CyberNews Briefs

How to block hijacking attacks on your Google account

Securing your Google account against the vast majority of account hijacking attempts is as simple as adding a recovery phone number, new research by Google, New York University, and the University of California, San Diego shows.

The researchers discovered that the mere addition of a recovery phone number sufficed to block all (100%) automated bot attacks, nearly all (99%) untargeted phishing campaigns, and two-thirds (66%) of targeted attacks that took place within the time frame of the study. The research covered a whopping 350,000 hijacking attempts on 1.2 million Google account users.

In the absence of a recovery phone number, Google protects user accounts with knowledge-based questions. These usually still block bot attacks, but are not effective against phishing and targeted attacks, because threat actors can use social engineering to get victims to share information that will enable them to answer the questions.

Read more: How to block hijacking attacks on your Google account

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.