Google today acknowledged an attack on its Gmail service to collect user passwords, likely through phishing.
"This campaign, which appears to originate from Jinan, China, affected what seem to be the personal Gmail accounts of hundreds of users including, among others, senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists," revealed Google.
"The goal of this effort seems to have been to monitor the contents of these users' emails, with the perpetrators apparently using stolen passwords to change peoples' forwarding and delegation settings. (Gmail enables you to forward your emails automatically, as well as grant others access to your account.)"
Google stated that it has detected and "disrupted" this attack, saying, "We've notified victims and secured their accounts. In addition, we've notified relevant government authorities." Google stated that the apparent object of this attack was to read the emails of the people who were affected by the attack, "with the perpetrators apparently using stolen passwords to change peoples' forwarding and delegation settings."
Google stressed that this attack didn't actually affect any of its internal network systems, saying, "... we believe that being open about these security issues helps users better protect their information online."
Google goes on to suggest how users can improve their online security:
- Enable 2-step verification. This Gmail feature uses a phone and second password on sign-in, and it protected some accounts from this attack.
- Use a strong password for Google that you don't use on any other site.
- Enter your password only into a proper sign-in prompt on a https://www.google.com domain. We'll never ask you to email your password or enter it into a form that appears within an email message.
- Check your Gmail settings for suspicious forwarding addresses or delegated accounts.
- Watch for the red warnings about suspicious account activity that may appear on top of your Gmail inbox.
- Review the security features offered by the Chrome browser. If you don't already use Chrome, consider switching your browser to Chrome.
- Explore other security recommendations and a video with tips on how to stay safe across the web.
[Source: Google blog]