250,000 Google login names and passwords are hijacked a week
Google research reveals how and why these hijacks happen
Google teamed up with UC Berkeley in order to research how emails and other accounts are hacked. By tracking black markets, the research was able to provide a better understanding on how accounts are hijacked, and also found ways for people to secure and protect their accounts.
Over the course of 12 months, the study analysed how hackers steal important information. It found that 788,000 credentials were stolen by keyloggers, which records the keys someone presses on a keyboard. Another 12 million credentials were stolen stolen through phishing, or tricking people into giving their personal data away, and 3.3 billion credentials were exposed by third-party breaches.
Phishing was revealed to pose the biggest threat as the cyber crime technique was able to obtain 234,000 names and passwords every week. While less than phishing, keyloggers were still able to successfully steal 5,000 credentials per week, according to the research.
The research also warned that passwords are not the only thing these attacks are after. In fact, 74% of keyloggers and 82% of phishing attempts tried to collect user's IP address and location.
To prevent these types of attacks, Google suggests users have recovery information linked to their account and to use the automatically generated passwords through Chrome, keeping them safe in Smart Lock.
"While we have already applied these insights to our existing protections, our findings are yet another reminder that we must continuously evolve our defenses in order to stay ahead of these bad actors and keep users safe" the Google Security Blog states.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now