Google has put itself at the service of its vast public by descending into the dark web with the aim of understanding how hackers act and, in response to such illegal activity, identifying the security measures to be taken. Not a day goes by when new security threats are discovered; the most common are traced to cyber crimes better known as phishing or keylogging activity. According to the survey conducted by Google and lasted a full year (March 2016 – March 2017), the mentioned phishing is the biggest threat to online security. Specifically, from the data reported by Big G, they count about 788,000 credential thefts by keyloggers, 12 million via phishing and 3.3 billion exposed by third-party breaches. Of the total cases recorded, 12% used Gmail addresses as their username and 7% of those accounts reused their Gmail password for other services.

Of the total cases recorded, 12% used Gmail addresses as their username and 7% of those accounts reused their Gmail password for other services. Of the phishing tools and keyloggers reviewed by Google, 82% and 74%, respectively, have the ability to collect IP addresses. Then there are tools that can collect phone numbers, as well as device type and model. All information that allows cybercriminals to authenticate the identities of the accounts they are stealing.

In conjunction with the investigation conducted, Google launched new security features, including Advanced Protection to secure the accounts of more vulnerable people from attacks, such as celebrities and politicians. Although the protection provided by Google is extensive, it is still recommended to use so-called password generators and enable two-factor authentication to allow your credentials to be even more secure.

Sara Avanzi

Download Google’s research “Data breaches, phishing or malware? Understanding the risks of stolen credentials”