Google warning users of 'state-sponsored attacks' on GMail and personal dataGoogle has started warning users that their accounts might be compromised by 'state-sponsored attacks' on their GMail accounts, and on their personal data (Hat Tip: NY Nana).
Grosse said the new step includes a specific warning — with a pink message bar and blue letters — to be issued in cases where users might be targeted.I don't know about the rest of you but on a practical level, I'm finding it harder and harder to remember my own passwords and what password goes with what account.
“You might ask how we know this activity is state-sponsored,” he said. “We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis — as well as victim reports — strongly suggest the involvement of states or groups that are state-sponsored.”
The warnings do not necessarily mean that the account has been hijacked, but indicates that it may be a target, of phishing or malware.
The move comes amid growing concerns about malware from the so-called Flame virus which has been spreading in the Middle East, and indications of cyber warfare involving the United States and other countries.
Google said users who receive the warning should create “a unique password that has a good mix of capital and lowercase letters, as well punctuation marks and numbers” and take other measures including two-step verification as additional security.
“Attackers often send links to fake sign-in pages to try to steal your password, so be careful about where you sign in to Google,” he said.
“We believe it is our duty to be proactive in notifying users about attacks or potential attacks so that they can take action to protect their information,” Grosse said. “And we will continue to update these notifications based on the latest information.”
And Google seems more paranoid than most. Last week, I tried logging into a GMail account from my cell phone - the same cell phone to which they send a verification number about once a month - and the screen froze. As a result, I got an email saying that my account might have been compromised (even though I never succeeded in signing in from the phone) and insisting that I must change my password to something I had never used as a password before.
Maybe if they weren't trying to collect all that information about us for their own purposes, they wouldn't have to worry so much about our accounts being compromised. Just sayin'....