CALIFORNIA, U.S. - In a tell all revelation, Google has revealed how hackers break into people’s Gmail accounts.
Based on its research, conducted in the space of 12 months, it found 788,000 login credentials stolen via keyloggers - tools that secretly record every key a user presses, 12 million stolen via phishing - a method of tricking a user into giving up their personal information, and 3.3 billion exposed by third-party data breaches.
Google has said that phishing attacks pose the “greatest threat” to users of its services.
The search engine giant added that it studied the ways in which hackers steal people’s passwords and break into their accounts.
It also noted that 12-25 percent of phishing and keylogger attacks against Google accounts result in a valid password being exposed.
However, attackers don’t stop at that - Google claims hackers use tools that also attempt to work out targets’ phone numbers, IP addresses, device types and locations, in case a password isn’t enough to successfully hijack an account.
Google said, “By ranking the relative risk to users, we found that phishing posed the greatest threat, followed by keyloggers, and finally third-party breaches. What we learned from the research proved to be immediately useful. We applied its insights to our existing protections and secured 67 million Google accounts before they were abused.”
For the research, Google said that it teamed up with UC Berkeley, and that they analysed “several black markets” that traded third-party password breaches and 25,000 blackhat tools used for phishing and keylogging, between March 2016 and March 2017.
Google, which has been issuing warnings about phishing and keylogging attacks, said that it also found that 12 percent of the 3.3 billion leaked records included a Gmail address, and seven percent of the passwords linked to these were valid, due to the account owners reusing them.
Google said, “Our findings were clear: enterprising hijackers are constantly searching for, and are able to find, billions of different platforms’ usernames and passwords on black markets.”
The study is said to have focused on Google accounts, and the company warned that these hijacking tactics pose a risk to accounts across all other online platforms too.
Google has recommended that users should protect themselves by visiting its Security Checkup page and allowing Chrome to automatically generate passwords for their accounts and save them via Smart Lock.
It said, “Finally, we regularly scan activity across Google’s suite of products for suspicious actions performed by hijackers and when we find any, we lock down the affected accounts to prevent any further damage as quickly as possible. We prevent or undo actions we attribute to account takeover, notify the affected user, and help them change their password and re-secure their account into a healthy state.”