Google revealed in an incredibly well-explained and sugar-coated blog post that the company had detected a phishing scam which attempted to obtain the passwords of U.S. Officials and Chinese activists.
The phishing scam originated from Jinan, China, according to Google’s blog, with the apparent purpose of monitoring selected e-mail accounts, including those belonging to U.S. Officials, Chinese activists, journalists and military personnel:
Through the strength of our cloud-based security and abuse detection systems*, we recently uncovered a campaign to collect user passwords, likely through phishing. This campaign, which appears to originate from Jinan, China, affected what seem to be the personal Gmail accounts of hundreds of users including, among others, senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists.
According to Google, attackers would change the forwarding settings of targeted accounts, so that all e-mails received by targets would automatically be sent over to hackers. Google has stressed that this account was no more than a phishing scam and that the company’s systems weren’t broken into:
It’s important to stress that our internal systems have not been affected—these account hijackings were not the result of a security problem with Gmail itself. But we believe that being open about these security issues helps users better protect their information online.
Google also mentioned a few security tips to help keep hackers out. The most important of those is enabling two-step verification, which makes your log-in process dependent on a code that’s sent to the user’s phone: after inserting your password, users have to type a unique, expirable code that is sent to their phones via SMS. Users are also encouraged to check their e-mail forwarding settings, by going to the "Forwarding and POP/IMAP" tab under Gmail’s settings and checking for unfamiliar addressed under that section.
If you believe your account was hacked, as always, change the password immediately.
Google has contacted "government authorities", yet many believe the Chinese government was behind the attack, just like a few other attacks it’s believed to have engineered in the past. Last year, China attempted to access accounts of activists, causing Google to threaten to leave the country unless the country agreed to change its ways, but it later ended up staying. This time around, Google isn’t pointing fingers and hasn’t made similar threats.