

Even as web giants such as Google LLC implement increasingly sophisticated security safeguards to protect their users, account hijacking remains a major threat. In a bid to shed more light on the issue, the company on Thursday released a landmark study that breaks down hacker activity by the numbers.
The report is the fruit of a yearlong investigation that kicked off last March. In collaboration with researchers from the University of California at Berkeley, Google scoured websites frequented by hackers for stolen account credentials. The company uncovered 788,000 credentials that were obtained using keyloggers, 12.4 million stolen via phishing and a massive 1.9 billion records pilfered through data breaches.
Breach attempts against large corporate targets have proven to be a particularly big privacy risk. The hack at credit reporting giant Equifax Inc. that came to light in September by itself exposed information about 143 million consumers. Yet while such large-scale attacks certainly constitute a far-reaching issue, they somewhat surprisingly aren’t the biggest concern for users worried about their most important online accounts getting hijacked.
Instead, it’s phishing. Google’s study shows that people who fall victim to a phishing campaign, which involves sending messages that appear to be from a known company or person to elicit personal information, are 400 times more likely to have their account compromised than the typical Gmail user. Those impacted by a data breach are just 10 times more susceptible.
This disparity has to do with the type of information stolen during attacks. Hackers that manage to breach a large retailer, for example, may find credit card numbers but they probably wouldn’t come across too many Gmail passwords belonging to customers. Phishing campaigns, by contrast, are specifically designed to fool victims into giving up their account details.
That includes much more than just usernames and passwords. According to Google, hackers are increasingly going after secondary account details such as the user’s geographic location. This information can potentially be employed to bypass the protections that online services have in place to prevent the use of stolen login credentials.
Google’s report is not all doom and gloom, though. In a blog post, the search giant detailed that the hacker data uncovered through its investigation has been applied internally to improve user protections and secure 67 million vulnerable accounts before they could be compromised.
Support our open free content by sharing and engaging with our content and community.
Where Technology Leaders Connect, Share Intelligence & Create Opportunities
SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.