Google wanted to know how hackers steal passwords and other important data and it has conducted a study that explores deeper into how accounts get hijacked.
The threats online can be encapsulated to three MOs: keylogging, third-party breaches, and phishing.
Google took a survey of online black markets from March 2016 to March 2017 to gain a better understanding of the root causes of hijacking and account takeovers. It found that among the three MOs, phishing is the biggest threat which causes a threat to online security.
Third-party was responsible for stealing 3.3 billion credentials, while keyloggers and phishing breaches uncovered 788,000 and 12 million credentials respectively.
According to the Mountain View Company, a total of 12 percent of the exposed records used Gmail addresses as a username and seven percent of those accounts reused the Gmail password for other services. Meaning that they were more vulnerable than the others online attacks.
Intruders are continuously making software to penetrate the added security measures for authentication purposes.
According to study, 82 percent of phishing tools and 74 percent of keyloggers would try to steal IP addresses. Hacker’s uses tools to find out victim’s phone numbers, location, as well as device’s make and model.
Attackers have begun to use tools that find out the victim’s phone numbers, IP addresses, location and even the type of device; all of which can be used, just in case there is something more needed to get it.
Google said that they have applied what it learned from the study to their existing protections and security systems.