Once users have clicked through on the misleading link, on average 14 percent of them actually go on to enter sensitive details such as account login credentials or bank card information, according to the study. The hackers then work quickly to access the newly compromised accounts, with 1 in 5 exploited within the space of half an hour. If you unwittingly give up the keys to your digital home then you might find yourself locked out very quickly.
“For this study, we analyzed several sources of phishing messages and websites, observing both how hijackers operate and what sensitive information they seek out once they gain control of an account,” explains Google’s Elie Bursztein in a blog post. “Even though [these types of hacks are] rare — 9 incidents per million users per day — they’re often severe, and studying this type of hijacker has helped us improve our defenses against all types of hijacking.”
So what can you do to protect yourself, other than being wary of every email that turns up in your inbox? Google recommends reporting suspicious-looking messages and visiting websites directly to login, rather than clicking through a link in your email program. If you’re using Gmail, make sure you’ve set up backup information (like a phone number) that you can use to restore your account if it gets compromised, and switch on two-step verification to make it harder for unwelcome visitors to gain access to your account. Google says it has managed to block 99 percent of hijackings in the last few years.
[Image courtesy of mtkang / Shutterstock.com]
