UPDATED 06:30 EST / FEBRUARY 20 2013

NEWS

Google Claims 99.7% Reduction in Hijacked Gmail Accounts

We’ve seen some pretty clever email scams over the years – such as the ‘travel money scam’ where a friend sends a frantic message saying that they’re stuck overseas and have just lost all of their money, before begging you to send them some funds. Dozens of variations of this exist, along with altogether different scams such as the “click this hilarious link!” messages.

Most tech-savvy users realize straight away that these messages haven’t been sent by their friends at all; instead, they were sent out by criminals that hijacked their friend’s email accounts. This kind of phishing scam apparently reached its peak during the summer of 2011, at which time Google decided to hit back at the account hijackers. Now, the company has just revealed how successful these efforts have been, reporting that the number of Gmail accounts hacked since then has dropped by 99.7%.

Google’s detailed report explains how the email hijacking scams originated. Apparently, the trick evolved as a result of improved spam filters that would successfully weed out your traditional “phishing” emails sent from an unknown address. These measures prompted hackers to hijack people’s email accounts instead, using these ‘trusted’ accounts to send out their fake messages instead and get around the spam filters.

In order to solve this problem, Google introduced a wave of new security measures beyond simple password authentication. Nowadays, Google performs a “complex risk analysis” whenever someone attempts to login to their Gmail, taking into account more than 120 variables to determine if it is the genuine users. Should Google’s system decide that the level of risk is too high, other security measures will kick in to prevent unauthorized access.

These include such things as asking the user a ‘security question’, or prompting them to enter the phone number associated with the account. As Google points out, anyone who steals a password for someone else’s Gmail account is unlikely to know the answers to these questions as well, hence the massive drop in hijacked accounts.

Google’s announcement is timely, serving to show off how secure their email service is at a time when Microsoft has just transformed its outdated Hotmail service into the revamped Outlook.com in an attempt to steal users away from Gmail.

Still, Google does remind us that its security measures can never be 100% water-tight. Users can help themselves to lessen the risk however, by turning to Gmail’s two-step verification system and adopting a much tougher, more complex password. In addition, users should ensure that their account recovery information is kept up to date with a secondary email addressed and their current phone number.


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU