Phishing Victims Easiest to Get Hijacked
The year 2016 was possibly largely regarding ransomware attacks; however, one can't forget the high-profile hacks along with credential exposures that spilled passwords in billions and more. To assuage that misfortune, University of California, Berkeley researchers and Google teamed up together and assessed the ways cyber-criminals running secret illegal markers to have innumerable credentials of people capture, utilize and make money out of the data.
It has been estimated that victims of phishing attacks can be more easily hijacked than normal Google visitors at the rate of 400 times for the former over and above the latter. By contrast, victims of data breaches are 10 times more chanced to be hijacked while victims of keylogger are 40 times more chanced. During March 2016 to March 2017, Google examined 778,000 probable keylogging victims, 12.4m probable phishing victims, as well as 1.9bn passwords and usernames that were leaked through data hacks. Mediapost.com posted this, November 14, 2017.
Google's experts further studied particular malware strains employed for phishing as also malware that enabled surreptitious recording of an end-user's typing content. Crooks use phishing tools for embedding web-links inside fraudulent e-mails which take onto websites mimicking Hotmail or Yahoo, thus getting unwitting end-users to trustfully type their credentials on them. These kits attract 12.4m probable victims, state the experts. Different keyloggers counting to thousands too exist that actively manipulate on victims' PCs followed with transmitting the details to the remote attacker.
An oft repeated problem end-users face online is account hijacking. Over 15% of Internauts have reported encountering compromise of their social networking or e-mail accounts. Cyber-criminals are utilizing tools which determine victims' location, Internet Protocol addresses, phone numbers and sometimes the device model too.
Google's study further observes that whereas dual-factor validation aids in lessening problems related to phishing, severe hazards exist in wide adoption, in particular, friendly use, regaining of lost credentials as also achieving end-users towards trusting 3rd-parties. The experts further advise utilizing the password manager that sets one fresh random password per website, thus in case one website is hacked, the other website accounts, in particular the e-mail account of consumers, remain safe from hackers' clutches.
» SPAMfighter News - 15-11-2017