Thursday, June 2, 2011

Here’s The Fake Gmail Site Chinese Hackers Used To Steal U.S., Activist Data

Look at the two Gmail login pages in the image below and ask yourself: Would you have spotted the difference?
On Tuesday, Google revealed on its official blog that it had been the target of a phishing campaign seemingly originating in Jinan, China, and aimed at gaining access to the accounts of senior officials in the U.S., Korea and other governments, as well as those of Chinese activists.
The attack worked–at least in part–by sending the victims spoofed emails, often from accounts that appeared to belong to coworkers, family or friends. Those emails contained links to the spoofed Gmail sites, which harvested the usernames and passwords of anyone fooled by their realistic appearance.
The hackers then used those login details to forward all mail coming into the account to a third party, or in some cases gathered information about contacts to use in other phishing scams.
Google is suggesting that users watch for suspicious forwarding settings that might indicate an intruder is copying their mail, as well as a red warning at the top of the page that indicates Google has detected “suspicious activity” that might signal a hacker has gained access to the account.

No comments:

Post a Comment