Thursday, July 28, 2011

2-step verification: stay safe around the world in 40 languages

(Cross-posted from the Official Google Blog)

Earlier this year, we introduced a security feature called 2-step verification that helps protect your Google Account from threats like password compromise and identity theft. By entering a one-time verification code from your phone after you type your password, you can make it much tougher for an unauthorized person to gain access to your account.

People have told us how much they like the feature, which is why we're thrilled to offer 2-step verification in 40 languages and in more than 150 countries. There’s never been a better time to set it up: Examples in the news of password theft and data breaches constantly remind us to stay on our toes and take advantage of tools to properly secure our valuable online information. Email, social networking and other online accounts still get compromised today, but 2-step verification cuts those risks significantly.

We recommend investing some time in keeping your information safe by watching our 2-step verification video to learn how to quickly increase your Google Account’s resistance to common problems like reused passwords and malware and phishing scams. Wherever you are in the world, sign up for 2-step verification and help keep yourself one step ahead of the bad guys.

To learn more about online safety tips and resources, visit our ongoing security blog series, and review a couple of simple tips and tricks for online security. Also, watch our video about five easy ways to help you stay safe and secure as you browse.

Update on 12/1/11: We recently made 2-step verification available for users in even more places, including Iran, Japan, Liberia, Myanmar (Burma), Sudan and Syria. This enhanced security feature for Google Accounts is now available in more than 175 countries.

Tuesday, July 19, 2011

Using data to protect people from malware

(Cross-posted from the Official Google Blog)

The Internet brings remarkable benefits to society. Unfortunately, some people use it for harm and their own gain at the expense of others. We believe in the power of the web and information, and we work every day to detect potential abuse of our services and ward off attacks.

As we work to protect our users and their information, we sometimes discover unusual patterns of activity. Recently, we found some unusual search traffic while performing routine maintenance on one of our data centers. After collaborating with security engineers at several companies that were sending this modified traffic, we determined that the computers exhibiting this behavior were infected with a particular strain of malicious software, or “malware.” As a result of this discovery, today some people will see a prominent notification at the top of their Google web search results:

This particular malware causes infected computers to send traffic to Google through a small number of intermediary servers called “proxies.” We hope that by taking steps to notify users whose traffic is coming through these proxies, we can help them update their antivirus software and remove the infections.

We hope to use the knowledge we’ve gathered to assist as many people as possible. In case our notice doesn’t reach everyone directly, you can run a system scan on your computer yourself by following the steps in our Help Center article.

Updated July 20, 2011: We've seen a few common questions we thought we'd address here:
  • The malware appears to have gotten onto users' computers from one of roughly a hundred variants of fake antivirus, or "fake AV" software that has been in circulation for a while. We aren't aware of a common name for the malware.
  • We believe a couple million machines are affected by this malware.
  • We've heard from a number of you that you're thinking about the potential for an attacker to copy our notice and attempt to point users to a dangerous site instead. It's a good security practice to be cautious about the links you click, so the spirit of those comments is spot-on. We thought about this, too, which is why the notice appears only at the top of our search results page. Falsifying the message on this page would require prior compromise of that computer, so the notice is not a risk to additional users.
  • In the meantime, we've been able to successfully warn hundreds of thousands of users that their computer is infected. These are people who otherwise may never have known.