1, 2, 3, 4, 5, Google caught a phish alive

- Cyber security - Phishing

27-11-2017


A recent study by Google has revealed the ways in which email and other accounts are commonly highjacked by cyber criminals. Over a 12-month period, the company analysed log-in and harvested account data found on websites and criminal forums.

The research revealed that more than 78,000 credentials had been stolen via keyloggers, 12 million grabbed via phishing scams, and 1.9 billion from company breaches. Interestingly, the most useful information came from keyloggers and phishing attacks as these included valid passwords in 12-25% of attacks.

What is perhaps most concerning about the findings is the continued use of inadequate passwords. Popular passwords found in the analysed breach data included: 123456, password, 111111 and qwerty.

Despite cyber awareness improving in recent years, it is disappointing to see such poor password choices still prevailing. PGI recommends that passwords should be a minimum of 14 characters long, use non-dictionary words and contain a mix of special characters to add complexity.

We also remind users not to use the same password across multiple accounts as any criminal who gains a password will immediately try accessing other major sites (such as Amazon, Facebook, PayPal, etc) in the hope that the victim has reused the same password elsewhere.

How PGI can help your team avoid phishing scams

PGI offer a Phishing Vulnerability Assessment service. This programme will help your team identify malicious e-mails and gauge their vulnerability to compromised links. Talk to us to find out more: sales@pgitl.com or +44 (0) 845 600 4403

Ready to get started? Speak to one of our experts.

If you have any questions about our services or would like to learn more about our consultants here at PGI, please get in touch with us and speak with one of the team, call us on +44 (0)845 600 4403 or email us at sales@pgitl.com

Get in touch

Want to find out more?