Join my exclusive Dead Drop Digest with the most popular spy stories, tips, & tricks.

close
Breaking news

A Russia-linked cyber-espionage group has hacked into the controls of electricit...read more What is metadata, how is it used and why is it important? When we interact over ...read more Mass surveillance is the subjection of a population or significant component of ...read more There’s a good chance you were affected by the Equifax hack of 143 million nam...read more Facebook has the ability to spy on users in their homes and offices because of...read more

Google says billions of people’s usernames and passwords are available on the black market

New research by the technology giant and the University of California found that anyone who has an email account is at risk of a triple-threat attack.

Researchers identified 788,000 “credentials” stolen using tools that track victims’ keyboard strokes.

A further 12 million were nicked during attacks in which crooks try to trick people into typing their account details by sending links to re-set their password or pretend to be a well-known brand like eBay, Amazon or a bank like Barclays.

This technique is called “phishing” and can be difficult to detect, because the emails may appear in your inbox as convincing-looking receipts for purchases you haven’t made.

Many are still fooled by a particularly convincing Amazon “thank you for your purchase” email which asks you to click on a link to cancel the order.

Sell your videos to The Sun and we will pay you cash

Of course, the order never existed in the first place.

It is thought an astonishing 3.3billion passwords and usernames are out in the wild thanks to a number of data breaches.

But a password is rarely enough to crack your email account.

Sophisticated attackers are also trying to collect sensitive information needed to verify your identity.

Google security sleuths Kurt Thomas and Angelika Moscicki wrote in a blog post: “We found 82 percent of blackhat phishing tools and 74 percent of keyloggers attempted to collect a user’s IP address and location, while another 18 percent of tools collected phone numbers and device make and model.”

If you want to check whether you’ve been affected, there are services around to help.

Thomas and Moscicki wrote: “Our findings were clear: enterprising hijackers are constantly searching for, and are able to find, billions of different platforms’ usernames and passwords on black markets.

“While we have already applied these insights to our existing protections, our findings are yet another reminder that we must continuously evolve our defences in order to stay ahead of these bad actors and keep users safe.”

Source

Tags: ,

No Comments

Leave a reply

Story Page