Recent research from Google reveals that users can enhance their online security by adding a recovery phone number to their respective accounts.
Google worked in tandem with New York University and The University of California, San Diego on a yearlong study where they researched ways to combat targeted attacks and other security challenges.
The team concluded the study by stating that during their research, simply adding a recovery phone number to the Google account can block up to 100% automated bots, 96% of phishing attacks and 66% of targeted attacks.
The research also looked at both – knowledge-based and device-based challenges.
For example, the knowledge-based challenge involved the search engine giant following up on suspicious sign-in attempts by asking for further proof of your identity through a secondary email address or a phone number. Another way to block hijacking of account is asking for your last sign-in location.
On the other hand, the device-based challenges involved texting codes to the user’s phone number, which are then entered online. According to the research, this method reduced targeted attacks by 76%.
Moreover, on-device prompts that appear on Android devices such as the method that asks for a security key remains to be one of the best ways to enhance security.
However, Google’s research also revealed that around 38% of users did not have access to their phone when challenged while 34% were unable to recall their secondary email address.
![](https://3.bp.blogspot.com/--lfYXSnfYQA/XOAsvUFCwcI/AAAAAAAAElY/4JsCQ03V344xLBhu1EfGyXmd9gmcZwNFQCLcBGAs/s1600-rw/infographic-google-sec.png)
Google also found an emerging trend by the title of ‘hack for hire’ attacks. Through this method, the criminal group breaks into accounts for a fee of $750 and usually relies on phishing emails impersonated from family members, co-workers, government entities, and even Google.
To safeguard accounts, Google recommends users, especially those who fall into ‘high-risk’ targets category to sign up for the Advanced Protection Program.
"Just like buckling a seat belt, take a moment to follow our five tips to help keep your account secure." explained Google Security Team in a blog post. Adding further, "You can also help protect your non-Google accounts from third-party password breaches by installing the Password Checkup Chrome extension."
Google worked in tandem with New York University and The University of California, San Diego on a yearlong study where they researched ways to combat targeted attacks and other security challenges.
The team concluded the study by stating that during their research, simply adding a recovery phone number to the Google account can block up to 100% automated bots, 96% of phishing attacks and 66% of targeted attacks.
The research also looked at both – knowledge-based and device-based challenges.
For example, the knowledge-based challenge involved the search engine giant following up on suspicious sign-in attempts by asking for further proof of your identity through a secondary email address or a phone number. Another way to block hijacking of account is asking for your last sign-in location.
On the other hand, the device-based challenges involved texting codes to the user’s phone number, which are then entered online. According to the research, this method reduced targeted attacks by 76%.
Moreover, on-device prompts that appear on Android devices such as the method that asks for a security key remains to be one of the best ways to enhance security.
However, Google’s research also revealed that around 38% of users did not have access to their phone when challenged while 34% were unable to recall their secondary email address.
![](https://3.bp.blogspot.com/--lfYXSnfYQA/XOAsvUFCwcI/AAAAAAAAElY/4JsCQ03V344xLBhu1EfGyXmd9gmcZwNFQCLcBGAs/s1600-rw/infographic-google-sec.png)
Google also found an emerging trend by the title of ‘hack for hire’ attacks. Through this method, the criminal group breaks into accounts for a fee of $750 and usually relies on phishing emails impersonated from family members, co-workers, government entities, and even Google.
To safeguard accounts, Google recommends users, especially those who fall into ‘high-risk’ targets category to sign up for the Advanced Protection Program.
"Just like buckling a seat belt, take a moment to follow our five tips to help keep your account secure." explained Google Security Team in a blog post. Adding further, "You can also help protect your non-Google accounts from third-party password breaches by installing the Password Checkup Chrome extension."