In view of growing spam and scam online, search giant Google has undertaken extra responsibility of online policing by declaring a war against hijackers of online account details and fraudulent bids to steal people’s passwords.
Referring to online fraud like a plea to wire money to a friend stranded at an international airport or an oddly written message from someone you haven’t heard from in ages? “Compared to five years ago, more scams, illegal, fraudulent or spammy messages today come from someone you know,” stated its warning sent out on its blog.
“Although spam filters have become very powerful—in Gmail, less than 1 percent of spam emails make it into an inbox—these unwanted messages are much more likely to make it through if they come from someone you’ve been in contact with before” stated Google.
In 2010 spammers started changing their tactics—and there was a large increase in fraudulent mail sent from Google Accounts, it admitted and in turn offered to beef up its security team which is finding new ways to keep Gmail users safe.
Explaining that the spammers are resorting to new trick—hijacking of accounts, it said every day, cyber criminals break into websites to steal databases of usernames and passwords—the online “keys” to accounts. “They put the databases up for sale on the black market, or use them for their own nefarious purposes. Because many people re-use the same password across different accounts, stolen passwords from one site are often valid on others,” said Google in a statement.
With stolen passwords, attackers are able to break into accounts across the web and across many different services. “We’ve seen a single attacker using stolen passwords to attempt to break into a million different Google accounts every single day, for weeks at a time. A different gang attempted sign-ins at a rate of more than 100 accounts per second.”
Acknowledging that whenever someone tries to log into his or her Google Account, the provider’s security system does more than just check that a password is correct. otherwise, legitimate accounts are blocked for sending spam but it was dramatically reduced over the past few years, said Google.
Announcing a new Google Security system, the e-mail provider has offered to protect Gmail accounts by performing a complex risk analysis to determine the real identity of the user. More than 120 variables that can factor into it were put to work, said Gmail’s security engineer Mike Hearn in a statement on Google’s official blog.
In case you travel oceans away to a different country and login from there, Google said it may ask for the phone number or pose a security question. With these measures, it said the accounts are protected by 99.7 percent from the peak of hijacking attempts in 2011.
In addition, it sought the jelp of account holders to use a strong and unique password and upgrading it to 2-step verification and updating the recovery options by providing secondary email address and phone number. “Following these three steps can help prevent your account from being hijacked—this means less spam for your friends and contacts, and improved security and privacy for you,” said Hearn.