How Google Fought Off Spammers Trying To Break Into One Million Accounts

The spam-blocking technology in Gmail is fairly effective, but that doesn’t mean spammers and criminals don’t want to use Gmail to send dubious messages. A blog post from Google notes a dramatic increase in attempts to hijack individual accounts.

“We’ve seen a single attacker using stolen passwords to attempt to break into a million different Google accounts every single day, for weeks at a time,” Google security engineer Mike Hearn wrote in the post. “A different gang attempted sign-ins at a rate of more than 100 accounts per second.”

Those attempts have been thwarted due to a range of controls in Google’s systems. As well as encouraging the use of two-factor authentication (something we definitely recommend), Google checks any login attempt against its existing knowledge of how your account is used.

“Every time you sign in to Google, whether via your web browser once a month or an email program that checks for new mail every five minutes, our system performs a complex risk analysis to determine how likely it is that the sign-in really comes from you,” Hearn wrote. “In fact, there are more than 120 variables that can factor into how a decision is made.”

An update on our war against account hijackers [Official Google Blog]

The Cheapest NBN 50 Plans

Here are the cheapest plans available for Australia’s most popular NBN speed tier.

At Lifehacker, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.


Leave a Reply