Skip to: [ search ] [ menus ] [ content ] Select style [ Aqua ] [ Citrus ] [ Fire ] [ Orange ] [ show/hide more content ]

Huge Gmail phishing attack hits top U.S. officials: time to educate the Feds

Hundreds (understatement?) of Gmail accounts were hacked in a massive phishing attack originating in China (hmmm… where have we heard THAT before? :-) ). The attack included the personal Gmail accounts of some senior U.S. government officials, Google said today. Google said that the phishing attack originated in Jinan, China and that Google’s OWN security systems were not compromised in the attack.

The account hijackings resulted from the use of stolen passwords, likely by malware installed on the computers of victims (hmmmm… Windows users? Naive Mac users? :-) ) or from the responses of victims to hackers posing as trusted sources (phishing). Besides the U.S. government officials, the attack targeted South Korean government officials, federal workers of several other Asian countries, Chinese political activists, journalists, and military personnel.

The Department of Homeland Security (…one of MY former customers, and no, I do not have any “insider information.” :-) That employer of mine served a LOT of Windows-using customers! :-) ) said that it is working with Google and federal partners “… to review the matter, offer analysis of any malicious activity, and develop solutions to mitigate further risk.”

This LATEST attack was larger in scope from the one a little over a year ago, but Google itself was not targeted this time. Google notified the victims and disrupted the attack.

A Google spokesperson declined comment on how Google learned about the latest attack. The scope, targets, and source of the attack were determined using public information, user reports, and a third-party hacking blog called Contagio. CNN Money says:

“Google provided several examples of how Gmail users can better protect themselves from phishing attacks on its blog, including enabling a setting that allows users to login to their accounts only after receiving a verification code on their phones. The company also suggested that users monitor their settings for suspicious forwarding settings.”

(Note added August 14, 2011: Or… you could do like GOOGLE did, and phase out the internal use of Windows for security reasons!)

-Bill at

Cheshire Cat Photo™ – “Your Guide to California’s Wonderland™”

You can view higher-resolution photos (*generally* 7-30 megabytes, compressed) at the Cheshire Cat Photo™ Pro Gallery on Shutterfly™, where you can also order prints and gifts decorated with the photos of your choice from the gallery. The Cheshire Cat Photo Store on Zazzle contains a wide variety of apparel and gifts decorated with our images of California. All locations are accessible from here. Be a “Facebook Fan” of Cheshire Cat Photo here! If you don’t see what you want or would be on our email list for updates, send us an email at info@cheshirecatphoto.com.

No Comments to “Huge Gmail phishing attack hits top U.S. officials: time to educate the Feds”

  (RSS feed for these comments)

You must be logged in to post a comment.

InspectorWordpress has prevented 52153 attacks.
Get Adobe Flash player