Google (News - Alert) today posted on its official blog that hackers are having an increasingly difficult time in trying to compromise users' Google accounts. In terms of numbers, the post says that attacks on Google, which have led to compromised accounts, have reduced by 99.7 percent since these hijacking attempts reached their peak in 2011.
This all apparently goes back to 2010 when Gmail's spam filters really began to improve. The only real way around Gmail's spam filter was to use real, trusted accounts that would actually get messages sent to users — which meant hacking into existing accounts. Since then, Google has regularly experienced these types of attacks to varying degrees, with one example being a single attacker using stolen passwords in an attempt to break into a million different Google accounts every day for weeks.
Obviously, Google needed to step up its security in response, which includes a "complex risk analysis" performed every time someone logs into its systems. This involves over 120 variables being evaluated for each login attempt, which may lead Google to ask for additional information, like a phone number, before completing the login.
There's only so much Google can do, though, so there will always be accounts that are vulnerable to being hijacked. However, there are additional security features which users can — and should — enable, including two-factor authentication, which will send a verification code to your mobile device every time you try to login, and opting for a stronger password.
Furthermore, Google also recently introduced a new feature that notifies users of any suspicious login attempts, again sending an SMS directly to a user's mobile device when necessary.
This all may seem like a bit much, but serious hacking attempts against major online services are all too common. For example, Facebook recently suffered a hacking attempt, which fortunately didn't lead to any user data being stolen.