Faizel Patel, Radio Islam News – 13-11-2017
A Google report has found 788,000 credentials were stolen via keyloggers, 12 million stolen via phishing and 3.3 billion exposed by third-party breaches within a year of investigating black markets.
From March 2016 to March 2017, Google analysed several black markets to gain a better understanding of how hijackers steal passwords and other sensitive data in the wild.
It found that among the three, phishing poses the biggest threat to online security. Together with credential leaks, the two represent a threat “orders of magnitude larger than keyloggers.”
Google says account takeover, or ‘hijacking’, is unfortunately a common problem for users across the web.
“More than 15% of Internet users have reported experiencing the takeover of an email or social networking account. However, despite its familiarity, there is a dearth of research about the root causes of hijacking.”
Google says while the study focused on its own company, the password stealing tactics pose a risk to all account-based online services.
“In the case of third-party data breaches, 12% of the exposed records included a Gmail address serving as a username and a password; of those passwords, 7% were valid due to reuse.”
Google says its regularly scans activity across the company’s suite of products for suspicious actions performed by hijackers, locking down the affected accounts to prevent any further damage as quickly as possible.