Phishing bigger threat than data breaches: Google
Phishing attacks via fake emails cause the greatest threat to individuals, followed by keyloggers and third-party breaches as account hacking increases globally, a new Google study has disclosed. Keystroke logging is a kind of surveillance software that once put in on a system, has the potential to record each keystroke made on that system. The recording is saved in an encrypted log file.
According to Google, enterprising hijackers are constantly finding out, and are able to realize, billions of different platforms’ usernames and passwords on black markets. A Google team, along with the University of California, Berkeley, tracked many black markets that traded third-party password breaches also as 25,000 blackhat tools used for phishing and keylogging.
In total, these sources helped us determine 788,000 credentials stolen via keyloggers, twelve million credentials stolen via phishing, and 3.3 billion credentials exposed by third-party breaches. Account takeover, or ‘hijacking’, is a common drawback for users across the net. Over 15 per cent of web users have reported experiencing the takeover of an email or social networking account.
From March 2016 to March 2017, we analysed many black markets to check how hijackers steal passwords and other sensitive data,” aforesaid Kurt Thomas from Anti-Abuse research and Angelika Moscicki from Account Security groups at Google. The tech giant then applied the insights to its existing protections and secured sixty seven million Google accounts before they were abused.
While our study targeted on Google, these password stealing techniques cause a risk to any or all account-based on-line services. in the case of third-party information breaches, twelve per cent of the exposed records enclosed a Gmail address serving as a username and a password. Of those passwords, seven per cent were valid due to reuse. When it comes to phishing and keyloggers, attackers often target Google accounts to varying success: 12-25 per cent of attacks yield a valid password...[read more..]
Content credit: DJPUNJAB.COM