Gone In 30 Minutes: The Rise Of Manually Hacked Email Accounts

For many types of business one of the biggest boons of the internet is its ability to offer scalability to the organisation.

Unfortunately, it’s not just the honest business owner who knows that.

Email hackers have long since learned how to automate their attacks in order to compromise as many accounts as possible in the shortest time frame. But sometimes the old-fashioned ways of doing things are the best and that is exactly what a new report from Google has discovered.

The study reveals how cyber perps are now increasingly investing their time in devising targeted attacks on individuals to maximise their potential financial gains.

Despite the growth in manual hacking the number of incidents is still rare fortunately – about nine incidents per million users per day – but the effects of such an attack can be devastating, according to Google:

“The damage manual hijackers incur is far more severe and distressing to users and can result in significant financial loss. These needle-in-a-haystack attacks are very challenging and represent an ongoing threat to Internet users.”

The internet search company said that manual hackers often find their way into accounts via deceptive means – phishing emails designed to trick the user into handing over their login credentials and other personal information.

The study found that around 1-in-5 compromised accounts are accessed within 30 minutes. Once the attacker has access they often spend more than 20 minutes inside the account, looking for indications of the account’s value based upon popular search terms, as seen in the image below:

Search terms

Where an account is deemed to be of value, the password is often changed to lock out the real owner and their contacts list exploited for the purpose of sending out further phishing emails (or bogus cries for financial help) to entrap other potential victims.

While this reliance on phishing may sound very old school, it is still a surprisingly effective tactic. Google report that links to some fake websites caught victims out as much as 45% of the time which is a startling statistic that says much about the state of security training and awareness among the general population.

Google said that the best defence against such attacks is the use of two factor authentication to add an additional layer of security to the account login process. Google’s own 2-step verification, for example, requires the user to sign in with their password as normal but also requests they enter a code which will have been sent to their phone whenever they log in from a new device. This, Google said, “has some drawbacks, [but] we believe that it is the best way to curb hijacking long term.”

The firm said that the majority of manual account hijacks originate in just five countries: China, Ivory Coast, Malaysia, Nigeria, and South Africa.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Speak Your Mind