While Google's (NASDAQ:GOOGL) Gmail has drastically improved its filtering over the years -- fewer than 1% of spam emails make it into inboxes -- spammers have become more sophisticated in their attacks. To improve their chances of bypassing spam filters and reaching customers' inboxes, spammers now send obnoxious emails from a contact's account. In effect, spammers have become account hijackers.
Account hijackers buy access to people's email accounts. On the black market, cyber criminals -- who have stolen a databases of usernames and passwords from websites -- sell personal information to these hijackers. As usernames and passwords are often the same across different accounts, attackers attempt to break into these accounts across the web. In one instance, Google saw a single attacker steal passwords to break into a million different Google accounts every single day, for weeks at a time.
However, Google has dramatically reduced the number of compromised accounts by 99.7% since the peak of these hijackings in 2011 by checking for more than just a password. The company's system performs risk analyses on over 120 variables to ensure that the sign-in comes from the owner. If the sign-in is suspicious or risky, Google asks a few simple questions about your account.
Google says users can help keep spammers out by using a strong, unique password for their Google account, upgrading their account to 2-step verification, and updating the recovery options with a secondary email address and phone number.
Fool contributor Kevin Chen has no position in any stocks mentioned. You can follow him on Twitter at @TMFKang or on Google+. The Motley Fool recommends and owns shares of Google. Try any of our Foolish newsletter services free for 30 days. We Fools may not all hold the same opinions, but we all believe that considering a diverse range of insights makes us better investors. The Motley Fool has a disclosure policy.