Google has teamed up with UC Berkeley to research how emails and other accounts are hacked. By tracking black markets, the research was able to provide a better understanding of how accounts are hijacked, and also found ways for people to secure and protect their accounts.
Over the course of 12 months, the study analysed how hackers steal important information. It found that 788,000 credentials were stolen by keyloggers, which records the keys someone presses on a keyboard. Another 12 million credentials were stolen through phishing or tricking people into giving their personal data away, and 3.3 billion credentials were exposed by third-party breaches.
Phishing was revealed to pose the biggest threat, as the cybercrime technique was able to obtain 234,000 names and passwords every week. While less than phishing, keyloggers were still able to successfully steal 5000 credentials per week, according to the research.
To prevent these types of attacks, Google suggests users have recovery information linked to their account and to use the automatically generated passwords through Chrome, keeping them safe in Smart Lock.
"While we have already applied these insights to our existing protections, our findings are yet another reminder that we must continuously evolve our defences in order to stay ahead of these bad actors and keep users safe" the Google Security Blog states.