Cybercriminals are now spending more time in devising
targeted attacks on individuals to make significant financial gains
instead of launching widespread automated attacks, says tech giant
Google.
Incidents of manual hijacking — where
professional attackers spend considerable time exploiting a single
victim’s account —— are still rare at about nine incidents per million
users per day, but the impact can be severely damaging, Google said in a
study.
“The damage manual hijackers incur is far
more severe and distressing to users and can result in significant
financial loss,” it added.
Google said these “needle-in-a-haystack” attacks are very challenging and represent an ongoing threat to Internet users.
Manual
hijackers often get into accounts through phishing attacks by sending
deceptive messages meant to trick users into handing over username,
password and other personal information.
“Of the
hijacking case samples we analysed, we found that most of the hijackers
appear to originate from five main countries: China, Ivory Coast,
Malaysia, Nigeria, and South Africa,” it said.
The
study found that criminals attempted to access 20 per cent of the
accounts within 30 minutes of attack. Once logged in, manual hijackers
profile the victim’s account and spend an average of three minutes to
assess the value of the account before exploiting it or abandoning the
process.
It added: “This step entails searching
through the victim’s email history for banking details or messages that
the victim had previously flagged as important. We also see attackers
scanning through email contacts which are then either solicited for
funds or targeted with a salvo of targeted phishing emails.”
Google said that using a second authentication factor like a phone, has proven the best defence against hijacking.
“While
second factor authentication has some drawbacks, we believe that it is
the best way to curb hijacking long term,” it added.
(This article was published on November 9, 2014)
