In recent days, a rather worrying news has rebounded in the main Italian and foreign newspapers and blogs: 5 million Gmail passwords published online available to anyone. This is certainly not the first case of theft of credentials that, in the past, has involved giants such as Sony and Linkedin.
Google, the number one company in the world for activities on the web, has published a post on its blog to take stock of the situation with a short and concise article on password security, the causes of the theft of credentials on Gmail and impact on users .
The bottom line is that even the best tech hackers can't do much against the security systems of companies like Google.
They, therefore, act in a clever way, taking advantage of people's technical-computer ignorance, their superficiality and carelessness.
Login names and passwords are therefore not stolen by violating a security system, but are obtained, more or less correctly, by combining different sources, thus assuming that they are also used on Gmail or other sites.
Google has made a comparison between the widespread lists (with as many as 5 million stolen accounts) estimating that less than 2% are those name and password combinations that really access a Gmail account.
In practice, those who respected the good rules of managing online accounts did not risk anything and only a few were actually victims of password theft, only those who failed to two of the main online security rules: use too simple passwords and use the same password and username on all web accounts .
Thanks to social engineering techniques it becomes child's play to steal passwords for a hacker who is not too good .
It will be enough to violate a less famous (and less protected) website or simply search for password lists on the internet (easy to find), to put together a large amount of username and password which, if reused for the most important accounts such as Google, Gmail, Facebook, Paypal or other sites, it becomes easy to steal and violate them.
The best hackers, then, are able to steal passwords through malware or phishing techniques, against which you can defend yourself by protecting your computer with an antivirus and being careful not to open messages and emails from strangers or with warnings too strange to be real .
Google, in its article, reassures Gmail users by clarifying that its security systems would still block access attempts that seem strange, for example because they come from another country than the owner's country or because of too many wrong attempts.
In Gmail then you can check the latest accesses at any time, by clicking on Details, at the bottom, in the center of the page.
Google is one of those sites that uses two-factor authentication, very effective against any attempted infringement.
I refer to the guide on how to protect website accounts, to be read carefully, to avoid bad surprises in the future and to be calm in case there are other cases of this kind.
Instead, Google recommends taking a look at the security settings of your Gmail account
READ ALSO: Password theft on the internet: the 5 most used techniques
