http://www.darkreading.com/attacks-breaches/google-manual-account-hijacks-much-more-dangerous-than-bot-takeovers/d/d-id/1317301
By Jai Vijayan
Dark Reading
11/6/2014
Targeted attacks are less common but cause more problems and financial
losses for victims than nontargeted mass account takeovers, a new report
from Google says.
Most online account hijacking capers are carried out using automated bots,
but not all. In fact, some of the most effective and damaging heists
result from targeted, carefully staged, manual attacks, a new study by
Google shows.
Researchers at the search company recently reviewed manual account
hijacking incidents involving users of various Google services from 2011
to 2014. For the study, the researchers looked at how criminals acquired a
victim's login credentials to take over an account and how they attempted
to exploit and monetize that access.
For the purposes of the study, the researchers defined a manual hijack as
an incident where an attacker spends considerable time exploiting a single
victim's account for financial gain. They discovered that such incidents
are extremely rare. In fact, over the period of the study, the researchers
observed an average of just nine incidents of manual account hijackings
per million Google users per day.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
