In an effort to better understand how users accounts get 'hijacked,' Google collaborated with the University of California at Berkeley to investigate how the black markets responsible for obtaining and selling user credentials operate.
The study took place from March 2016 to March 2017 and the research focused primarily on tracking several large black markets trading in third-party password breaches and 25,000 blackhat tools utilised for phishing and keylogging.
By the end of their research, Google and the University of California identified 788,000 credentials stolen using keyloggers, 12 million credentials stolen through phising and 3.3 billion credentials leaked through third-party breaches.
While Google accounts were used as a case-study, the tactics employed by these cyber criminals could be used to gain access to other online accounts as well.
Regarding third-party data breaches, 12 per cent of the exposed records contained a Gmail address which served as a username and password. Of those passwords though, only seven per cent were valid due to reuse. Phishing and keylogging attempts often targeted Google accounts but were only somewhat successfully with 12 to 25 per cent producing a valid password.
As Google has begun to require more than just a username and password to access an account on a new device, cyber criminals have begun to try and collect even more sensitive data on users to help them bypass verification questions.
The study found that 82 per cent of blackhat phishing tools and 74 per cent of keyloggers tried to record a user's IP address and location while an additional 18 per cent of tools also tried to collect users' phone numbers as well as the make and model of their device.
Google has increasingly tried to protect its users from having their accounts 'hijacked' through the implementation of new security tools such as its recently announced Advanced Protection program and through its new two step verification program Google Prompt.
The study was presented at the Conference on Computer and Communications Security (CCS) in Dallas, Texas and is now available in full from Research at Google.
Image Credit: Antb / Shutterstock