How secure is your email? If you’re among the 425 million people who use Gmail, you’ll be pleased with this answer. In a recent blog post, Google revealed that only 1% of email threats actually make it to your inbox.
The remaining 99% end up in your spam folder, where each message is flagged with specific warnings about phishing, malware or other potentially dangerous spam.
It’s one of the many reasons why we love Google over here at the Scambook Blog. (Another reason? Google Voice. Click here to learn about how Google Voice can save you from a Craigslist scam.)
Spam Filters Get Smarter, Scammers Get Sneakier
But just as spam filters in Gmail are getting smarter, fraudsters are also getting sneakier. In 2010, Google saw a large increase in the volume of fraudulent messages sent from Gmail accounts. To get around an advanced spam filter like Gmail’s, scammers developed some very deceitful tactics.
They started hacking into Gmail user accounts and blasting spam to the user’s contacts. In other words, that’s why you get those weird emails from your grandma about HCG Ultra Drops and work-from-home programs. Gmail recognizes your grandma’s email address and considers it safe, so the message slips through the spam filter and lands in your inbox.
At Scambook, we’ve received hundreds of complaints about diet products associated with this tactic, like HCG Ultra and Raspberry Ultra Drops/Raspberry Ketone Diet. Users get an email from a hijacked account, but they don’t know their friend or family member has been hacked by spammers. They trust their friend’s “endorsement” and buy the product.
Google describes the hackers’ aggressiveness on their Official Blog:
“We’ve seen a single attacker using stolen passwords to attempt to break into a million different Google accounts every single day, for weeks at a time. A different gang attempted sign-ins at a rate of more than 100 accounts per second.”
And remember, it’s only 1% of threats that slip through Gmail’s spam filter. Wow.
How You Can Increase Your Own Google Security
Since Gmail hijacking attempts reached their peak in 2011, Google has significantly boosted security and reduced the overall number of compromised accounts by 99.7%.
Every time someone logs in to Google or Gmail, Google goes to great lengths to ensure that it’s the legitimate user, not a hacker. From Google’s Official Blog:
“[O]ur system performs a complex risk analysis to determine how likely it is that the sign-in really comes from you. In fact, there are more than 120 variables that can factor into how a decision made.
If a sign-in is deemed suspicious or risky for some reason—maybe it’s coming from a country oceans away from your last sign-in—we ask some simple questions about your account…These questions are normally hard for a hijacker to solve, but are easy for the real owner.”
However, there are steps can take on your own to further boost your Gmail security. The most important cyber safety tip is to use a strong, unique password. Change it every three months and never use the same password for multiple websites. If you need help making a secure password, watch our video How to Create a Password Even Your Ex Can’t Hack.
Google also recommends upgrading your Gmail settings. Update your recovery contacts (such as your secondary email and phone number) and use 2-Step Verification. With Google’s 2-Step Verification, you’ll login with your regular password and then receive a special passcode via text, phone call or Google’s mobile app. Enter this second passcode to finish logging in.
As Google says, “if a bad guy hacks through your password layer, he’ll still need your phone to get into your account.”
What Do You Think?
Have you been hacked by spammers? Do you use 2-Step Verification or do you think it’s overkill? Share your thoughts in the comments.