November 12, 2017 by

Google Research: Phishing Poses the Greatest Cybersecurity Threat

A new study by Google has revealed insights to better explain how emails and other accounts are hacked and hijacked by malicious hackers.

A 12-month study wherein Google partnered the University of California, Berkeley to provide a better understanding on how customer accounts are hijacked has also revealed ways in which users can better secure their online accounts.

Google wrote:

What we learned from the research proved to be immediately useful. We applied its insights to our existing protections and secured 67 million Google accounts before they were abused. We’re sharing this information publicly so that other online services can better secure their users, and can also supplement their authentication systems with more protections beyond just passwords

Over a 12-month period, the study revealed that a staggering 788,000 credentials were stolen via keyloggers – malicious software or hardware that records the keystrokes on a keyboard. The study, which lasted between March 2016 and March 2017, also discovered 12.5 million potential victims of phishing kits and 1.9 billion usernames and passwords exposed via data breaches and traded on black market forums. A further 3.3 billion credentials were exposed by third-party breaches.

Revealingly, phishing continues to pose the biggest cybersecurity threat, farming some 235,000 usernames and passwords every week. Relatively speaking, keyloggers were found to be stealing nearly 5,000 credentials per week. Furthermore, 74% of keyloggers and 82% of phishing attempts also tried to collect a user’s IP address and physical location. A further 18% of malicious tools collected phone numbers as well as the victim’s device make and model.

Google engineers added:

By ranking the relative risk to users, we found that phishing posed the greatest threat, followed by keyloggers, and finally third-party breaches.

Image credit: Flickr.

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

Google Plans 2FA Upgrade with Hardware Replacements

Google is reportedly close to rolling out a new hardware-based replacement solution as an upgrade...

Read more arrow_forward

Hackers Find a New Way to Attack Nuclear Plants: Template Injection

Hackers have leveraged phishing, a long successful method to execute cyberattacks, with a template...

Read more arrow_forward

Google Will Pay Up to $200,000 for Android Hacks

Google is increasing payouts for its Android bug bounty program, with rewards up to $200,000 for...

Read more arrow_forward