Google officials are sending out tens of thousands of messages to Gmail users warning that their accounts may be targets of state-sponsored cyber-attacks, citing a growth in the number of threats coming out from other parts of the world, particularly the Middle East.
The warnings, which Google security officials began sending out on 2 October, come after Google security officials gleaned new information about cyber-attacks and their perpetrators, according to a report in the New York Times. In an interview with the newspaper, Mike Wiacek, a manager in Google’s information security group, said that after seeing the new intelligence about the threats, the search engine giant decided to send out the warnings.
The newest round of messages comes four months after Google alerted users that the company was going to begin warning them of attacks on their Gmail accounts that officials believe were coming from state-sponsored groups, in such forms as malware and phishing attacks.
In a 5 June blog post, Eric Grosse, vice president of security engineering from Google, told users of the company’s plans to issue alerts.
The Times identified several people who have received Google’s warning message, including journalists and security researchers.
China has been the country that in the past has been a chief suspect of much of the state-sponsored attacks seen in the world, but Google’s Wiacek told the Times that the company had seen a jump in state-sponsored attacks coming out of the Middle East. He declined to name specific countries, adding instead that they were coming from “a slew of different countries” in the region.
The Times report said Google’s findings correspond with what security analysts have seen in some Middle East countries – including Iran, Qatar, the United Emirates and Bahrain – which have used spyware to track citizens both within their borders and overseas.
Google officials have outlined several steps users who get the warning message can take to protect themselves and their information, including creating a new unique password with a mix of lower-case and capital letters, punctuation and numbers.
In addition, users should use two-step verification, and update their browsers, operating systems, plug-ins and document editors, according to Google.
In addition, according to Google’s Grosse: “Attackers often send links to fake sign-in pages to try to steal your password, so be careful about where you sign in to Google and look for https://accounts.google.com/ in your browser bar. These warnings are not being shown because Google’s internal systems have been compromised or because of a particular attack.”
How well do you know Apple? Take our quiz.
Originally published on eWeek.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…