View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 7, 2014

Google warns users over ‘manual hijacking’

Hackers get hands dirty to lock out users and send contacts more spam.

By Jimmy Nicholls

Google has published a study warning users about "manual hijacking", in which a hacker targets a single victim’s account.

According to the search engine, such incidents only account for nine incidents per million users, but when successful can lead to money being stolen from the victim.

Elie Bursztein, anti-abuse research lead at Google, said: "Manual hijackers often get into accounts through phishing: sending deceptive messages meant to trick you into handing over your username, password, and other personal info.

"For this study, we analysed several sources of phishing messages and websites, observing both how hijackers operate and what sensitive information they seek out once they gain control of an account."

Some fake phishing sites fooled users as much as 45% of the time, though users only submitted credentials to such pages 14% of the time on average.

A fifth of the time hackers would access the account within half an hour once they had obtained the login details, usually spending more than 20 minutes inside searching for other data and locking the account owner out.

"Hijackers then send phishing emails from the victim’s account to everyone in his or her address book," Bursztein added. "Since your friends and family think the email comes from you, these emails can be very effective."

Content from our partners
Infosecurity Europe 2024: Rethink the power of infosecurity
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond

He warned users to be suspicious of messages asking for personal data, to make use of two-factor authentication requiring more than just a password, and to implement backup procedures in order to take back control of stolen accounts.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.