Real news from the privacy world

Google Reveals Shocking Truth About Manual Hijacking


Each day the importance of online data containing personal data increases thus making the significance of protecting it much greater than before. We use internet to access social networks and other entertainment websites, purchase goods, work, control our bank accounts, etc. Each time we use our personal information on the internet we are exposed to an increased threat of various data breaches.

The recent survey reflects that people are aware of the dangers online though not every person take precautions to protect the information that they use online. Most people have insurance for their property and if anything happens to it they are able to replace it without much of a problem. However, if your personal information is leaked online you may face much greater threat of having your savings in your bank account stolen or even your identity stolen.

Mass hijacking is the most commonly used method to gain access to various accounts. The procedure is carried by sending automated e-mails, malware, pop-ups and using other phishing campaigns. Other methods to obtain log in details of accounts include cyber attacks against political, educational, health care institutions like government, universities, hospitals. The accounts later on can be used not only to steal something but to spy on the victims as well. In the latter case the victim may be even unaware that their account has been compromised and they are being spied on.

Besides these mass hijacking operations there is also what Google calls “manual hijacking”. Unlike the previously mentioned methods manual hijacking is time-consuming and instead of targeting masses of people the hacker targets an individual account. The method is mostly used to gain access to the bank accounts of targeted individuals. Although this method is rarely used it may be devastating to the victims finances.

Google showed their interest in studying the method more closely. The research showed that people are willing to take the method as a real job and spend many hours in collecting information about a person. This information then can be used to make a seemingly believable stories to ask you to give away your credentials. The method has a much greater success rate than the massively sent messages about uncles in trouble that need your financial support.

Furthermore, the manual hijacking is constantly changing. For example when the company started asking where they log in the most from, hackers reacted to it by gathering the information about log in location details.

The method is also dangerous because after a single account is breached hackers are able to access about 20% of the victim’s accounts in about half an hour. Once your account is breached its log in details may be changed to prevent you from accessing it. Later other accounts are being hacked to gain access to bank accounts and social networks.

Once your accounts have been hacked your contacts in your social networks are targeted by sending messages from your account. Since people in your network tend to know you they are more likely to provide details hackers are looking for or simply click on infected links making it easier to scam them than mass spamming their mailbox from unknown domains.

The countries that most manual hijackers “work” from are China, the Ivory Coast, South Africa and Nigeria. Moreover, they tend to target specific communities for instance French speakers focus on the French speaking community.

Most of us who are aware of similar phishing scams believe that it is very unlikely to become victim of the scams. However, Google’s research showed that some phishing websites had 45% success rate. And while these websites obtained the information from 14% of the visitors, even the most obvious cases of fraud managed to gain information that scammers needed 3% of the time.

The numbers show that even though the manual hijacking may be not the most common scamming method it sure is effective and severe.

Google said that the research results have been used to change their account security systems. Nevertheless, they still warn us that we, ourselves, are the main wall of protection against these scammers. Google suggests to frequently change your passwords as well as avoid easily remembered passwords because most likely such password is commonly used because people are not as different as some of you would like to believe.

They also mentioned that even though secondary levels of verification require your phone number or secondary e-mail, they still provide a significant barricade for hijackers.

Besides these methods we would also recommend to use a VPN for your protection. NordVPN makes sure that your identity is protected and provide an additional technical security that compliments your smart management of various accounts.

Try NordVPN for Free!

3 days of full security and privacy, with no strings attached


Your email address will not be published. Required fields are marked *

Leave a Comment

Your email address will not be published. Required fields are marked *