Wednesday, June 01, 2011

China Hacks G-Mail -



(Here is a screen shot from Contagio of the fake G-Mail page that the scammers used to harvest passwords, and the real sign in.)

The report today that G-mail has been hacked again, and again by China is not surprising. First of all e mail is the "golden" source of intelligence (see Wikileaks) and second hacking is now a routine and easy to do method of getting hold of any sort of information you want. How sad and how dangerous. Here is the story from the New York Times.

"Google said Wednesday [June1, 2011] that some users of Gmail, its e-mail service, had been the targets of a clandestine campaign originating in China that was aimed at stealing passwords and monitoring e-mail accounts.

In a blog post, the company said that the campaign appeared to originate from the city of Jinan, China, and that the attackers had hijacked the personal Gmail accounts of senior government officials in the United States, Chinese political activists, officials in several Asian countries, military personnel and journalists.

It is the second time that Google has pointed to China as the source of an intrusion. Last year it said it had traced a sophisticated attack on its systems to China-based perpetrators."

T0 be realistic there is virtually nothing we can do about it. You and I are helpless since we are not responsible for G-mail security. So, we just grin and bare it - chalk it up to that's life and maybe not use e mail to communicate super sensitive information (don't use your cell hone either because those messages are completely insecure and can be intercepted as they go out wirelessly).

Bloomberg reported (San Francisco Chnonicle that, "The campaign, which appears to have originated in China, probably used a so-called phishing scam to collect passwords with the goal of monitoring e-mail content, Eric Grosse, engineering director on the Google Security Team, said in a blog post today. The company said it detected and disrupted the campaign, secured users' accounts and notified authorities."

Businessinsider reported that, "The attackers would send an email that appeared to be from a friend or business associate, but was actually spoofed. The victim would open a link that directed them to a very realistic looking Gmail sign-in page. In fact, the page was fake, and set up to collect Gmail passwords."

We live in dangerous times. Stay indoors, get a land line, and use the US postal service! And above all DO NOT open that G-Mail that seems to be from Pres. Obama or Newt Gingrich!

Steffen Schmidt, Professor

Labels: ,

0 Comments:

Post a Comment

<< Home

  • All Material is Copyright © 2009 Michael McCoy and SEAS, L.L.C
  • Deter. Detect. Defend. Avoid ID Theft - www.ftc.gov/idtheft