Google explores the dark corners of the web to better protect people’s accounts. On cyber black markets and public forums, the search engine found millions of usernames and passwords stolen directly through hacking. It also discovered billions of usernames and passwords indirectly exposed in third-party data breaches.
For a year, researchers at the tech giant Google investigated the different ways in which hackers steal personal information and take over Google accounts. The investigation was published this Thursday.
Focusing exclusively on Google accounts and in partnership with the University of California, Berkeley, researchers created an automated system to scan public websites and criminal forums for stolen credentials. The group also investigated more than 25,000 criminal hacking tools, which it received from undisclosed sources.
The company, owned by Alphabet, said it is the first long-term, comprehensive study of how criminals steal users' data and which tools are most popular.
“One of the interesting things (we found) was the large scale of information about people that is available and accessible to the hijackers,” said Kurt Thomas, a Google security researcher.
Even someone with no experience of malicious hacking could find all the tools they need in hacker forums.
Data breaches, such as the recent Equifax hack, are the most common way that criminals obtain your data. In one year, researchers found 1,900 million usernames and passwords exposed by breaches. The company continued to study this until September 2017 and found a total of 3,300 million credentials.
But digital criminals can be much more proactive in stealing information. Two popular methods are phishing and keylogging, which works by recording what you type on your computer.
Google researchers identified 788,000 potential victims of keylogging and 12.4 million potential victims of phishing. These types of attacks happen all the time.
Because passwords are often not enough to access online accounts, cybercriminals also try to collect other data. The researchers discovered that phishers try to capture location, phone numbers or other sensitive information while stealing login credentials. Mark Risher, director of product management at Google, said that this was one of the main conclusions of the study.
Google can now automatically recognize when you are logging in from an unusual location: if the company sees you trying to log in from Russia when you usually log in from California, Google will ask you to verify that it is you. As a result, the company has adjusted the location radius around the usual login areas.
The Silicon Valley company also implemented additional layers of email security in its official Gmail application. The company said that applying research knowledge to its security protections prevented the abuse of 67 million accounts.
Although experts have long suggested using multi-factor authentication (a layer of security in addition to your password), public adoption lags behind. According to recent data from Duo Security, most Americans do not use the additional layer of protection.
But that could be changing. Risher said Google sees more people adopting less convenient options to stay safe. For example, Google sold the Advanced Protection Program kits shortly after its launch. The kit contains two physical security keys that a person should have to access their account.