designer491
Many people still use passwords that are very easy to guess
Cyber-thieves grab almost 250,000 valid log-in names and passwords for Google accounts every week, suggests research.
The study by Google and UC Berkeley looked at the ways email and other accounts get hijacked.
It used 12 months of log-in and account data found on websites and criminal forums or which had been harvested by hacking tools.
Google says the research shows victim to scammers and hackers.
During the 12 months studying the underground markets, the researchers identified more than 788,000 stolen credentials via keyloggers, 12 million grabbed via phishing and 1.9 billion from breaches at other companies.
Physical location
Physical location
The most useful information for cyber-thieves (19459012)
Phishing attacks posed the biggest risk to users as these helped malicious hackers scoop up about 234,000 valid names and passwords every week. By contrast, keyloggers only yielded about 15,000 valid credentials each week.
Cyber-attackers also sought to grab other information that could be useful in attacks, said the researchers.
Data about a person's internet address (IP) [1945901]
Popular passwords found in data breaches
- 123456
- password
- 123456789
- abc123
- password1
- 111111
- qwerty
- 12345678
- 1234567
Gathering this data is much harder, found the research, with only 3.8% of people who have credentials of surrendering detailed device information.
In a blog, Google said it would use the results of the research to refine the ways it spotted and blocked attempts to take over accounts. (19459012)
However, the researchers acknowledged that the "multi-pronged problem" of account hijacking required efforts in
It noted that only 3.1% of people who had an account
Because of this, they said, educating users about how to protect accounts should become a "major initiative".
