Advertisement

Phishing helps hackers hijack Google accounts

From BBC - November 10, 2017

Cyber-thieves grab almost 250,000 valid log-in names and passwords for Google accounts every week, suggests research.

The study by Google and UC Berkeley looked at the ways email and other accounts get hijacked.

It used 12 months of log-in and account data found on websites and criminal forums or which had been harvested by hacking tools.

Google said the research helped secure accounts by showing how people fell victim to scammers and hackers.

During the 12 months studying the underground markets, the researchers identified more than 788,000 credentials stolen via keyloggers, 12 million grabbed via phishing and 1.9 billion from breaches at other companies.

Phishing involves attempts to trick people into handing over personal information and keyloggers are programs that record every key someone presses when using a computer.

Physical location

The most useful information for cyber-thieves came from keyloggers and phishing attacks as these included valid passwords in 12%-25% of attacks, it found.

Phishing attacks posed the biggest risk to users as these helped malicious hackers scoop up about 234,000 valid names and passwords every week. By contrast, keyloggers only yielded about 15,000 valid credentials each week.

Popular passwords found in data breaches

Advertisement

Continue reading at BBC »