Google to Users: Your Account May Be Under Attack
CREDIT: Testing / Shutterstock.com
Yesterday (Oct. 2) Google began to issue a warning similar to one it had sent in June to tens of thousands of Gmail users to inform them that their accounts may be targeted by hackers.
"We believe state-sponsored attackers may be attempting to compromise your account or computer," the warning reads in black text on a red banner. "Protect yourself now," a link to Google support page says.
"It's likely that you received emails containing malicious attachments, links to malicious software downloads, or links to fake websites that are designed to steal your passwords or other personal information," warns the support page. "Google's internal systems are not compromised and that this message does not refer to one specific campaign."
The page encourages users to treat all links and attachments with skepticism, ensure that they're on the real page when logging into Google and to enable 2-step verification, a recent feature that sends a unique code to the user's mobile device to be used in conjunction with their password. Users are also encouraged to keep their software and plug-ins up-to-date.
Google said the warning will be seen by tens of thousands of new users in the coming days. Malicious traffic has been heavier than the software developer expected. Based on Twitter, so far, many of the warning’s recipients appear to be journalists and policy experts, noted Bits, The New York Times technology blog.
"Gmail tells me that state-sponsored attackers may be attempting to compromise my account or computer. Looks like I've arrived!" tweeted Daveed Gartenstein-Ross, director for the Center for the Study of Terrorist Radicalization at the Foundation for Defense of Democracies. The editor of Wired's Danger Room security blog, Noah Schactman, also tweeted about the warning and tagged it “#WhatTookYouSoLong.” American Security Project fellow and PBS columnist Joshua Foust tweeted a screen-shot of the warning. “This did not make me particularly happy,” he said.
Information security team manager Mike Wiacek told Bits that Google has gathered additional information about the sophisticated hacking groups targeting Google users and the techniques they employ. He said the attacks were coming from "a slew of different countries" but declined to identify any by name.
In January 2010, hackers, believed to be backed by the Chinese government, used sophisticated hacking methods to break into the Gmail accounts of Chinese dissidents and human rights advocates. They also attempted to steal Google's intellectual property and caused problems for another 20 companies including Adobe Systems.
According to Wiacek, there has been an increase in state-sponsored online attacks overall. They're unlikely to abate anytime soon.
Follow Ben on Twitter @benkwx.