Many of us have likely received bogus emails from the Gmail addresses of friends who have had their accounts compromised by hackers. “I’m stranded in London; send money!” or “Click this hilarious link!”
Hopefully we are tech-savvy enough to not click sketchy links and avoid draining our bank account for a “friend” in need. But in a blog post today, Google outlined how it tries to stop those hacks from happening in the first place.
The search giant said hackers started targeting individual email accounts in 2010 after advances in spam protection meant that most bogus messages were delivered directly to the trash.
“In 2010 … we saw a large increase in fraudulent mail sent from Google Accounts,” wrote Mike Hearn, a Google security engineer. “In turn, our security team has developed new ways to keep you safe, and dramatically reduced the amount of these messages.”
Google said it has reduced the number of compromised accounts by 99.7 percent since the number of these hijacking attempts peaked in 2011. One factor behind that decline is a system of more than 120 variables that checks whether an account sign-in is actually you.
“If a sign-in is deemed suspicious or risky for some reason—maybe it’s coming from a country oceans away from your last sign-in—we ask some simple questions about your account,” Hearn wrote, like your phone number or your security question. These questions are often hard for the attacker to answer, prompting the decline in compromised accounts.
How do hackers get your details in the first place? You’ve no doubt heard of countless database hacks in recent months, where passwords, email addresses, and other data were “compromised.” Those hacks are not just for the lulz; attackers hope to turn your personal data into cold, hard cash.
“Every day, cyber criminals break into websites to steal databases of usernames and passwords—the online ‘keys’ to accounts,” Hearn wrote. “They put the databases up for sale on the black market, or use them for their own nefarious purposes. Because many people re-use the same password across different accounts, stolen passwords from one site are often valid on others.”
“We’ve seen a single attacker using stolen passwords to attempt to break into a million different Google accounts every single day, for weeks at a time,” he continued. “A different gang attempted sign-ins at a rate of more than 100 accounts per second.”
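The two patterns described above, a sign-in from a country far from the account's last one and sign-in attempts at a rate of 100 accounts per second, can both be caught from ordinary sign-in logs. The Python below is an added illustration, not Google's code; the record format, the use of a single "country changed" signal, and the rate threshold are assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass
class SignIn:
    ts: float        # seconds since epoch (constructed timestamps)
    account: str
    country: str     # country resolved from the source address
    src_ip: str

def step_up_required(events):
    """Return (account, ts) pairs that should get extra verification.
    Signal used: the sign-in country differs from the account's previous
    sign-in. A real system weighs many such variables; this uses one."""
    last_country = {}
    flagged = []
    for ev in sorted(events, key=lambda e: e.ts):
        prev = last_country.get(ev.account)
        if prev is not None and prev != ev.country:
            flagged.append((ev.account, ev.ts))
        last_country[ev.account] = ev.country
    return flagged

def stuffing_sources(events, window=1.0, min_accounts=100):
    """Return source IPs that tried >= min_accounts distinct accounts within
    any `window` seconds (the '100 accounts per second' pattern). The
    thresholds are assumptions, not Google's."""
    by_src = defaultdict(list)
    for ev in events:
        by_src[ev.src_ip].append(ev)
    hits = set()
    for src, evs in by_src.items():
        evs.sort(key=lambda e: e.ts)
        j = 0                      # sliding window [i, j) over sorted events
        for i in range(len(evs)):
            while j < len(evs) and evs[j].ts - evs[i].ts <= window:
                j += 1
            if len({e.account for e in evs[i:j]}) >= min_accounts:
                hits.add(src)
                break
    return hits

# Constructed sample: one user whose second sign-in comes from a distant
# country, plus one source spraying 150 accounts in under a second.
SAMPLE = [
    SignIn(0.0, "alice", "US", "198.51.100.7"),
    SignIn(600.0, "alice", "BR", "203.0.113.9"),
    SignIn(700.0, "bob", "US", "198.51.100.8"),
] + [SignIn(900.0 + i * 0.005, f"user{i}", "US", "203.0.113.50") for i in range(150)]

if __name__ == "__main__":
    print(step_up_required(SAMPLE))   # [('alice', 600.0)]
    print(stuffing_sources(SAMPLE))   # {'203.0.113.50'}
```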
Google urged users to have strong passwords, opt for two-factor authentication, and update recovery features.
Earlier this month, meanwhile, journalists covering Myanmar reported that Google warned them of what appeared to be government-sponsored hacks. Google has been warning users about state-sponsored attacks since June, and also offers alerts about malware and blocked websites in China.