IT Security & Network Security News & Reviews: Gmail Security Tips to Follow in Wake of China Phishing Attack

By Clint Boulton  |  Posted 2011-06-03 Print this article Print


Google's Gmail Webmail application has been the target for sophisticated hacks out of China, the search giant claims. This includes access to government officials' accounts.
For the second time in a span of 18 months, hackers believed to have originated from China cracked into the accounts of Google's Gmail users. The first intrusion, uncovered in January 2010, involved a breach of Google's cloud computing infrastructure to gain access to the Gmail accounts of Chinese dissidents and human rights activists. This time around, Google discovered a tricky phishing scam that led hundreds of U.S. White House officials, Chinese political activists, officials in several Asian countries and others to cough up their Gmail passwords. The bad actors, believed to have operated from Jinan, China, were then able to read and forward these victims' email messages. That is, until Google detected the scam with the help of independent security expert Mila Parkour. After halting the illicit email monitoring, Google secured the accounts of those targeted and notified them along with the government authorities whose staff member accounts were compromised. While Google derailed attackers' information-gathering efforts, Gmail and its 200 million-plus users remain a juicy target. Fortunately, Gmail users can be more alert and proactive about protecting their accounts. It starts with checking for unusual email account activity, but users may also elect to take advantage of Google's easy two-step verification process. eWEEK walks through those steps in this slide show.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel