In a blog post from its engineering director, Google said it had uncovered a scam that was attempting to collect the email passwords of hundreds of Gmail users that included, “senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists.”
“The goal of this effort seems to have been to monitor the contents of these users’ emails, with the perpetrators apparently using stolen passwords to change peoples’ forwarding and delegation settings,” wrote Eric Grosse.
Grosse said the attack seems to have originated from Jinan, China and that Google has “disrupted the campaign” and notified the victims.
Here’s how the AFP describes what happened:
The “phishing” ruse used to trick Gmail users into revealing account names and passwords reportedly involved sending booby-trapped messages that appeared to come from legitimate associates, friends or organizations.
Links to supposedly view or download email attachments led people to fake Gmail login pages where entered information was harvested and then used to secretly get into accounts, a report connected to the blog post indicated.
If it turns out China is indeed behind this latest attack, it would be one in a string of confrontations between Google and China. As we reported in March, Google accused China of interfering with its Gmail service in order to make it look unreliable. And in 2010, Google complained that the Chinese government had targeted the accounts of Chinese human rights activists.
(Source: NPR)