Google, the proud owner of Gmail, has led a year-long investigation into the hacking of many of its users' Gmail accounts. According to the results, users are more at risk from phishing than from data breaches, as the former collects a lot of additional information.
Data breaches are dangerous for users as well, but according to Google's study, phishing is a far greater threat.
To conduct the study, Google directed its web crawlers at hacker forums that are available to the general public; however, several private hacker forums were also bypassed by Google in this investigation.
Furthermore, the company also directed them to paste sites to look for potential credential leaks. The whole investigation was done in partnership with the University of California, Berkeley.
The investigation proved to be quite fruitful, as the blackhat search came up with 1.9 billion credentials that had been exposed by data breaches.
These breaches had affected users of Adobe, MySpace, Dropbox, LinkedIn and several dating sites. A great majority of the credentials were found being traded on private forums.
Regardless of these huge numbers, only 7 percent of the credentials exposed in these data breaches match the password that is being used by Gmail users. On the other hand, a quarter of the 3.8 million credentials that were exposed in phishing attacks do match the current Google password of Gmail users.
The study further states that users who have been exposed to this kind of attack are 400 times more likely to get their Gmail accounts hijacked than a random Google user. This difference is due to phishing kits and the type of information they collect.
What are Phishing Kits?
Phishing kits are generally uploaded to compromised websites, and they automatically email captured credentials to the hacker's account. They contain prepackaged fake login pages for popular websites, such as Gmail, Hotmail, Yahoo, and online banking.
Phishing kits capture the same details that Google uses in its risk assessment when users log in, such as geolocation, phone number or a secret question, and this is the reason that these kits enable a higher rate of account hijacking.
17 percent of phishing attacks collect phone numbers, while 83 percent of 10,000 phishing kits collect the victims' geolocation.
Based on location, 41 percent of phishing kit users are from Nigeria, while next in line is the US, which accounts for 11 percent of these users.
Fascinatingly, the researchers found that 72 percent of the phishing kits have been using Gmail accounts to send the captured credentials to the attacker, while only 6.8 percent used Yahoo, which is the second most popular service for these phishing-kit operators.
Every week, 234,887 valid credentials were sent using phishing kits.
Also, Gmail users represent the largest group of phishing victims at 27 percent, followed by Yahoo users at 12 percent. However, the largest group of leaked-credential victims are those who use Yahoo and Hotmail, representing 19 percent, followed by Gmail at 12 percent.
Going by location, most victims of these attacks were based in the US, whereas most victims of key-loggers were from Brazil.
The researchers of this study suggested that incorporating two-factor authentication can diminish the threat of phishing, but they also admitted that ease of use is a hurdle towards adoption.
We have compiled a guide on how to stay safe online, as users themselves must take individual steps to resist and fight against phishing attacks and remain safe from hackers.