Google announced Tuesday, Feb. 19 that it's beefing up security in Gmail to protect users from email spammers and account hijackers. Cybercrime is on the rise and an update on Google's Public Policy Blog addresses the need for enhanced Internet safety precautions.
A common scam to gain unauthorized access to an account is when a user receives an email from someone they know, with a desperate plea urging them to wire money to a foreign country. The usual story line is that the user's friend is stuck in a foreign country after being robbed of their passport and money or that they are stranded at an international airport. Gmail's spam filters work pretty well with less than 1 percent of them making it into the user's inbox. Spammers figured out that if the email came from someone the user knew, then it would stand a better chance of being seen by the user instead of being detected by Google's spam filter.
A new trend among spammers and scammers to beat the spam filter is the hijacking of email accounts. Cyber-criminals hack into websites daily and steal username and password information from website databases. Attackers use the stolen information to gain unauthorized access to accounts all over the web. Many people use the same password information on numerous sites so attackers achieve success cracking user accounts on other sites.
As Google reports, "We've seen a single attacker using stolen passwords to attempt to break into a million different Google accounts every single day, for weeks at a time. A different gang attempted sign-ins at a rate of more than 100 accounts per second."
Google's system ensures protection of user accounts by performing a sophisticated risk analysis that determines how likely it is that the user signing in is the actual account holder. When the system detects that a sign in attempt is suspicious, the user is asked a few questions for verification purposes. "These questions are normally hard for a hijacker to solve, but are easy for the real owner. Using security measures like these, we've dramatically reduced the number of compromised accounts by 99.7 percent since the peak of these hijacking attempts in 2011."
To protect their Gmail account, it's advised that users create a strong and unique password, upgrade their account to use Google's two-step verification process and update their account's recovery options.