Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | Snapchat Symbol Meaning

We may earn commissions when you buy from links on our site. Why you can trust us.

author photo

Google Study Reveals How Account Hijackings Really Work

by Fox Van Allen on November 06, 2014

An ominous-looking hand that represents, conceptually, the theft of Internet accountsGoogle’s Online Security Blog today released the results of a fascinating study into so-called manual hijackings – when a human being hacks an online account. They’re not common, especially when compared to attacks by bots and automated programs, but the damage caused by them can be incredibly devastating. Bank accounts can get taken over; money can be stolen; sensitive pictures can get copied and worse, all depending on the hacker’s whim.

Knowing more about how manual hijackings work and how hackers operate can be an incredibly beneficial tool for avoiding becoming a victim yourself. First, understand that most of these attacks start through a phishing attack – that is, where an email pretends to be from your bank or Facebook account just to trick you into telling them your password. Just about anyone can fall victim to well-designed phishing attack. Some fake websites that were examined had tricked people 45% of the time. On average, 14% of those who visit a phishing page wind up submitting information, with even the worst sites turning 3% of visitors into victims.

Google infographicWhat happens when your account gets hijacked?

Typically, once a hacker (most typically, someone from China, Ivory Coast, Malaysia, Nigeria or South Africa) has your email account details, he’ll work quick to exploit them. Approximately 20% of hijacked accounts get accessed within the first 30 minutes. Once inside, the hacker will just spend over 20 minutes changing your passwords, stealing credentials to other accounts and locking you out of every account of yours he can get his hands on.

Arguably the worst part of a so-called manual hijacking is how it often puts the people you care most about at risk. Scammers will often send emails from your account, pretending to be you, to try and get inside your email contacts’ accounts too. Google found a scary statistic here: Those contacted by a hacker in this manner are 36 times more likely to become victims themselves.

How do you stay protected?

Always treat emails requesting information about your login, password, bank account or other personal data with a high degree of suspicion. If you still believe the email to be genuine, don’t follow any embedded links inside. Type your bank’s URL in your browser if necessary instead.

Google also recommends securing your accounts with two-step verification wherever possible. It’s simple to set up with a physical USB key or by linking your smartphone to your Google account. If someone tries logging in to your account from an unfamiliar location, they’ll be prompted for that key or a code from your phone. This makes your account exponentially more difficult for hackers to get into, and isn’t very intrusive to use on your end.

[Internet criminals and theft via Shutterstock]


Computer Safety & Support, News, Computers and Software, Internet & Networking, Blog, Privacy

Discussion loading

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships | Licensing & Permissions
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.