Google uncovered a cyberattack originating in China to collect user passwords, likely through phishing, on hundreds of Gmail accounts. This campaign, which appears to originate from Jinan, China, affected what seem to be the personal Gmail accounts of hundreds of users including, among others, senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists.
The goal of this effort seems to have been to monitor the contents of these users’ emails, with the perpetrators apparently using stolen passwords to change people’s forwarding and delegation settings. (Gmail enables you to forward your emails automatically, as well as grant others access to your account.)
Google detected and has disrupted this campaign to take users’ passwords and monitor their emails. We have notified victims and secured their accounts. In addition, we have notified relevant government authorities.
It’s important to stress that our internal systems have not been affected—these account hijackings were not the result of a security problem with Gmail itself. But we believe that being open about these security issues helps users better protect their information online.
Here are some ways to improve your security when using Google products:
- Enable 2-step verification. This Gmail feature uses a phone and second password on sign-in, and it protected some accounts from this attack.
- Use a strong password for Google that you do not use on any other site.
- Enter your password only into a proper sign-in prompt on a https://www.google.com domain. Google will never ask you to email your password or enter it into a form that appears within an email message.
- Check your Gmail settings for suspicious forwarding addresses or delegated accounts.
- Watch for the red warnings about suspicious account activity that may appear on top of your Gmail inbox.
- Review the security features offered by the Chrome browser. If you don’t already use Chrome, consider switching your browser to Chrome.
- Explore other security recommendations and a video with tips on how to stay safe across the web.
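The forwarding and delegation check from the list above can be scripted for accounts you administer. The following is an added example, not code from Google or from the original post: it assumes the JSON bodies returned by the Gmail API's `users.settings` methods have already been fetched, and the outer dictionary keys, the trusted list and the sample data are constructed for illustration. It also covers mail filters with a forward action, which route mail independently of the auto-forwarding switch.

```python
"""Flag Gmail forwarding and delegation entries the account owner did not approve."""


def audit_mail_routing(settings, trusted):
    """Return sorted (kind, address) pairs for routing targets not in `trusted`.

    `settings` holds the response bodies of users.settings.getAutoForwarding,
    forwardingAddresses.list, delegates.list and filters.list. The outer key
    names used to group them here are this example's own choice.
    """
    trusted = {a.lower() for a in trusted}
    findings = set()

    def check(kind, addr):
        if addr and addr.lower() not in trusted:
            findings.add((kind, addr.lower()))

    auto = settings.get("autoForwarding", {})
    if auto.get("enabled"):  # only an active auto-forward moves mail
        check("auto-forwarding", auto.get("emailAddress"))
    # Registered addresses are flagged even when auto-forwarding is off:
    # they are ready to be switched on or used by a filter.
    for fa in settings.get("forwardingAddresses", {}).get("forwardingAddresses", []):
        check("forwarding-address", fa.get("forwardingEmail"))
    for d in settings.get("delegates", {}).get("delegates", []):
        check("delegate", d.get("delegateEmail"))
    for f in settings.get("filters", {}).get("filter", []):
        check("filter-forward", f.get("action", {}).get("forward"))
    return sorted(findings)


# Constructed sample data (example.* addresses are placeholders).
TRUSTED = {"assistant@example.com"}
SAMPLE = {
    "autoForwarding": {"enabled": False, "emailAddress": "fwd@mail.example.org"},
    "forwardingAddresses": {"forwardingAddresses": [
        {"forwardingEmail": "fwd@mail.example.org", "verificationStatus": "accepted"},
    ]},
    "delegates": {"delegates": [
        {"delegateEmail": "Assistant@example.com", "verificationStatus": "accepted"},
        {"delegateEmail": "helper@example.org", "verificationStatus": "pending"},
    ]},
    "filters": {"filter": [
        {"id": "f1", "criteria": {"from": "boss@example.com"},
         "action": {"forward": "archive@example.org"}},
        {"id": "f2", "criteria": {"subject": "news"},
         "action": {"addLabelIds": ["Label_1"]}},
    ]},
}

if __name__ == "__main__":
    for kind, addr in audit_mail_routing(SAMPLE, TRUSTED):
        print(f"REVIEW {kind}: {addr}")
```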