Tuesday, February 19, 2013 9:13 AM
Have you ever gotten a plea to wire money to a friend stranded at an international airport? An oddly written message from someone you haven’t heard from in ages? Compared to five years ago, more scams, illegal, fraudulent or spammy messages today come from someone you know. Although spam filters have become very powerful—in Gmail, less than 1 percent of spam emails make it into an inbox—these unwanted messages are much more likely to make it through if they come from someone you’ve been in contact with before. As a result, in 2010 spammers started changing their tactics—and we saw a large increase in fraudulent mail sent from Google Accounts. In turn, our security team has developed new ways to keep you safe, and dramatically reduced the amount of these messages.
Spammers’ new trick—hijacking accounts
To improve their chances of beating a spam filter by sending you spam from your contact’s account, the spammer first has to break into that account. This means many spammers are turning into account thieves. Every day, cyber criminals break into websites to steal databases of usernames and passwords—the online “keys” to accounts. They put the databases up for sale on the black market, or use them for their own nefarious purposes. Because many people re-use the same password across different accounts, stolen passwords from one site are often valid on others.
With stolen passwords in hand, attackers attempt to break into accounts across the web and across many different services. We’ve seen a single attacker using stolen passwords to attempt to break into a million different Google accounts every single day, for weeks at a time. A different gang attempted sign-ins at a rate of more than 100 accounts per second. Other services are often more vulnerable to this type of attack, but when someone tries to log into your Google Account, our security system does more than just check that a password is correct.
Legitimate accounts blocked for sending spam: Our security systems have dramatically reduced the number of Google Accounts used to send spam over the past few years
How Google Security helps protect your accountEvery time you sign in to Google, whether via your web browser once a month or an email program that checks for new mail every five minutes, our system performs a complex risk analysis to determine how likely it is that the sign-in really comes from you. In fact, there are more than 120 variables that can factor into how a decision is made.
If a sign-in is deemed suspicious or risky for some reason—maybe it’s coming from a country oceans away from your last sign-in—we ask some simple questions about your account. For example, we may ask for the phone number associated with your account, or for the answer to your security question. These questions are normally hard for a hijacker to solve, but are easy for the real owner. Using security measures like these, we've dramatically reduced the number of compromised accounts by 99.7 percent since the peak of these hijacking attempts in 2011.
While we do our best to keep spammers at bay, you can help protect your account by making sure you’re using a strong, unique password for your Google Account, upgrading your account to use 2-step verification, and updating the recovery options on your account such as your secondary email address and your phone number. Following these three steps can help prevent your account from being hijacked—this means less spam for your friends and contacts, and improved security and privacy for you.
(Cross-posted from the Official Google Blog)
11 comments:
I'm a fan of the two-factor authentication Google uses. In encouraging others to use it, I'd love to be able to share statistics indicating its effectiveness. Can you share any numbers regarding the reduction in account compromises among people who use two-factor authentication.
I realize such a number would have selection bias, but it's better than nothing.
This just happened to one of our users today. I think this group of people should be called Spackers, for Spam and Hackers. They hack, then send spam.
Very nice.
I just got an email from noreply@googlesecurityteam.net that said:
================
Dear Member,
We noticed our security IP-Address detector as been disabled on your account,to avoid account been hacked or interrupted,You need to re-log in on the link below to update your IP-Address Security.
Secure is one of our most important responsibilities..
Click UPDATE NOW for verification.
Gmail Services Team
© 2013 Gmail LLC. All Rights Reserved.
=========================
Clicking on the link took me to a Google looking sign on page with the url: http://lakshyyaent.com/sites/g/page.gmail.com/gmail/Gmail/ServiceLogin.htm
Is this you or another hacking job?
2 STeps authentication,strong password,recovery option..Google still the best email
Well, this has happened to me a number of times now. My account was not only hijacked, but my websites cloned as well.
It has been suggested that some drug addicts hijacked my blog in order to use the Google adsense.
The templates on Blogger may have some flaws as well. On my account, my editing pencil. wrench and other editing tools do not show up, making it difficult to post and edit in my blogs.
Now, people keep getting me mixed up with the drug addicts who hijacked my blogs.
At the present time, it appears that I may be posting on the spoofed or cloned account and someone else has my account or is sharing it.
Google accounts appear to be hijacked often.
Antonia.
Thank you Google,I'll do my best to protect my Google account and I think Google will remain the best
I use google talk from the MacOS "Messages" application, and I frequently work from a commuter shuttle or remote site (frequently == daily). So basically every time I start Messages, Google flips out about suspicious activity and makes me go throug hthe rigamarole you describe before I can use my account. Is there any way to opt out of this for those of us who simply cannot guarantee an IP address, or do we have to avoid using Google Talk while on the road?
I use Google Talk via MacOS Messages, and I do this from a laptop that is, on a near daily basis, logged in from strange IP addresses. This results in me having to re-authenticate continuously. I'm wondering if there is some way to opt out of this due to the high volume of address-switching I do, or if Google would advise me to avoid using Google Talk from my laptop?
Seriously? Just check how bad written those messages are. They're not even proper English. And that URL has nothing to do with Google. Plus Google never sends emails saying click here to login they always display content on-site.
Thanks! I'm glad you're upping your security. I live up in Calgary, and its nice to know that my online stuff is protected.
Post a Comment