Google has issued the latest update on its blog saying recovery phone numbers are essential to block automated bot attempts and stop access to credential stuffing attacks. The internet juggernaut came to the said conclusion after a team of researchers from New York University and the University of California conducted research on behalf of Alphabet Inc.’s subsidiary on how important was linking of a recovery phone number to a Google account.
“Research shows that linking a mobile phone contact number to a G account can block 100% automated attacks by bots, 99% of phishing attacks and 66% of targeted attacks,” says research conducted for Google AI.
Usage of 2FA such as an SMS code can help prove an extra layer protection to stop over 76% of targeted attacks, 96% bulk phishing attacks and 100% automated bots.
After analyzing data related to more than 350,000 hijack attempts on more than 1.2 million users across Google’s 14 varied login challenges, the conclusion was bounded.
At a recent Google Cloud Next Conference, the web search giant said that it wanted to use Android phones as security keys from this year-end.
So, how to protect Google accounts from Phishing attacks?
1. First and foremost thing is to link a mobile phone number and email ID to a G account and keep it updated.
2. Always use alpha-numeric characters as passwords with some special characters included as well as it makes it hard for hackers to guess.
3. Keep the software up to date.
4. Set up 2-factor authentication (2FA) to reduce the chances of someone gaining fraudulent access to an account
5. Go for a ‘Google Security Checkup’ once in a month or so