The Gmail hacking episode this week shows this if nothing else: Hackers have come a long way since the days of Nigerian banking email scams.
Secretary of State Hillary Clinton said Thursday that U.S. officials are investigating Google’s claim that Chinese hackers are responsible. Clinton told reporters the Obama administration viewed the allegations as “very serious,” according to The Associated Press.
It may seem reasonable to question how anyone with an average IQ — let alone high-ranking U.S. officials — could unwittingly hand over their email passwords to a hacker. But cybersecurity experts say it’s not surprising at all.
“Really smart people fall for this all the time,” Bruce Schneier, a leading cybersecurity expert and technologist, told POLITICO. “If you get an email from someone you know saying, ‘Here’s this really cool thing, click on this link to see it,’ a lot of the time you’re going to click.”
The Gmail hacking affected hundreds of influential users, Google revealed in a blog post on Wednesday, including “senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists.”
Google said the scam appeared to originate from Jinan, China, the site of the country’s version of the National Security Agency as well as a top military vocational academy whose computers were linked to a serious attack last year on the computer systems of major American companies, including Google.
But a Chinese foreign ministry official on Thursday denied any government involvement and called Google’s claim a “total fabrication,” according to Agence France-Presse.
Whoever was behind it clearly knew what they were doing, although the phishing attack was not highly sophisticated compared with cyberattacks that target the computer systems of large corporations or organizations.
But perpetrators of these types of email scams have refined their methods: Experts say the messages are generally spell-checked and grammatically written, unlike earlier generations of phishing attacks.
Also unlike the classic Nigerian banking email blasts sent to millions with the hope that a tiny percentage will give up their bank account information, the perpetrators had a very specific target list and were seeking political intelligence, not profits.
Technologist Mila Parkour explained the scam, known as spearing, in a February post on her blog, Contagio Malware Dump.
One Response
I can say that I personally can relate to this! My account was just hacked by someone from China. I changed my password, and so far there have been no other strange occurrences! Good to know that I’m not the only one!