Google Will Use Mobile Devices to Thwart Phishing Attacks

  /     /     /  
Publicated : 23/11/2024   Category : security


Google Will Use Mobile Devices to Thwart Phishing Attacks


In an effort to combat phishing, Google will allow Android phones and iPhones to be used as security keys.



Security is a continuous game of cat and mouse, with defenders improving their defenses against new attack methods and techniques. At Google I/O this week, the company announced anti-phishing efforts that will make it possible to use Android and iOS devices in the same way as physical security keys.
Security keys such as Google’s Titan Security Key work well to block phishing attempts and are easy to use. Users are prompted to plug the security key into the USB port (although some are NFC-capable) and tap it to authorize a login attempt. Google is bundling this capability into mobile devices, where Android and iOS devices use Bluetooth to verify they are in physical proximity to the device the user is trying to log into.
“Like physical security keys, this helps prevent a distant attacker from tricking you into approving a sign-in on
their
browser, giving us an added layer of security against the kind of ‘person in the middle’ attacks that can still work against SMS or Google Prompt,” wrote Google engineer Daniel Margolis in a
blog post
.
Google is also expanding the types of Google Prompt challenges that users may experience if their login attempts look potentially fraudulent. “If we think an account is at a higher risk, or if we see abnormal behavior, were more likely to use these additional security measures,” Margolis said. 
A new Google Prompt challenge will require users to connect their mobile devices to the same Wi-Fi network as the device they are attempting to log into. Similar to the security key functionality, this allows the user to prove that both mobile and computing devices are in the same location.
Google made several other security announcements at Google I/O, including plans to continue
auto-enrolling Google account users
into two-step verification,
scaling phishing protections for Google Docs, Sheets, and Slides
, as well as new
security and privacy features in Android
. These announcements are in addition to the recent pledge with the FIDO Alliance, Apple, and Microsoft to
expand support for the FIDO Sign-in standards
for passwordless authentication.

Last News

▸ There are plenty of online tools for reporting bugs. ◂
Discovered: 23/12/2024
Category: security

▸ 27 Million South Koreans Hit by Online Gaming Theft. ◂
Discovered: 23/12/2024
Category: security

▸ Homeland Security Background Checks Breach Raises Concerns. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Google Will Use Mobile Devices to Thwart Phishing Attacks