Oh, That’s Just Great… GMail Hacked By Chinese, Using Social Engineering

And if that wasn’t bad enough, those who succumbed to requests to give up their information included journalists and “senior U.S. government officials”.

Sarah Lai Stirland of TPM:

Google on Wednesday disclosed that hackers in China have tricked “hundreds” of its e-mail service users into disclosing their personal account information, thereby allowing the online fraudsters to monitor those users’ personal communications.

“This campaign, which appears to originate from Jinan, China, affected what seem to be the personal Gmail accounts of hundreds of users including, among others, senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists,” wrote Eric Grosse, Google’s security team engineering director in a mid-afternoon blog post.

Just how fucking stupid are these people, anyway?



  • Bryan  On Wednesday June 1, 2011 at 11:04 pm

    I’m with you, Steve, these attempts are so lame, I can’t believe that people who can start a computer would fall for them.

    The military was once paranoid about security, but this “volunteer force” that we now have doesn’t seem to even know the basics.

    The mind boggles.

    • Steve  On Wednesday June 1, 2011 at 11:30 pm

      Bryan, if people would simply learn to use “View message source” in whatever email s/w they have, on anything that looks remotely funny, it would save them a lot of grief. They don’t have to understand MIME headers or encodings or any of that… if they simply note that the From or Reply-To address is not something recognizably associated with the company the message claims to be from, that’s enough to tell them not to respond. I’m no security expert, and I assure people… this isn’t rocket science, it’s just common sense: look at the message source before you respond. Really effective phishing is bound to be nearly impossible against an aware user.

      • Bryan  On Thursday June 2, 2011 at 10:55 am

        Steve, people use Outlook and just click on things. I open everything as a raw text file in Pegasus, having removed Outlook from my system.

        If it is something I am familiar with, like my Mother’s Netflix account, I copy the link and launch it in Firefox. Eset is watching all of this stuff. I can’t remember the last time I had a machine infected by a virus.
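The check Steve describes in the comments above (compare the From and Reply-To addresses in the message source with the company the message claims to be from), as an added example that is not part of the original post or its comments. The function names, the sample messages and the use of `example.com` as the genuine company domain are all assumptions made for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

def domain_of(addr):
    """Lower-cased domain part of an address, or '' if there is none."""
    return addr.rpartition("@")[2].lower().rstrip(".") if "@" in addr else ""

def belongs_to(domain, expected):
    """True if domain equals an expected domain or is a subdomain of one."""
    return any(domain == e or domain.endswith("." + e) for e in expected)

def check_sender(raw, expected_domains):
    """Return a list of reasons not to trust the message's claimed sender."""
    msg = message_from_string(raw)
    findings = []
    from_addrs = [a for _, a in getaddresses(msg.get_all("From", [])) if a]
    reply_addrs = [a for _, a in getaddresses(msg.get_all("Reply-To", [])) if a]
    if len(from_addrs) != 1:
        findings.append(f"expected exactly one From address, found {len(from_addrs)}")
    for addr in from_addrs:
        if not belongs_to(domain_of(addr), expected_domains):
            findings.append(f"From address {addr} is not at an expected domain")
    for addr in reply_addrs:
        if not belongs_to(domain_of(addr), expected_domains):
            findings.append(f"Reply-To address {addr} is not at an expected domain")
    return findings

# Constructed sample: the display name and the start of the domain look right,
# but the registered domain is example.net, and replies go somewhere else again.
SAMPLE_SUSPECT = """\
From: "Example Corp Support" <support@example.com.accounts.example.net>
Reply-To: helpdesk@example.org
Subject: Please confirm your account details

Your mailbox will be suspended unless you confirm your password.
"""

# Constructed sample: a subdomain of the genuine domain, no Reply-To header.
SAMPLE_LEGIT = """\
From: "Example Corp" <billing@mail.example.com>
Subject: Your monthly statement

Your statement is ready.
"""

if __name__ == "__main__":
    for name, raw in (("suspect", SAMPLE_SUSPECT), ("legit", SAMPLE_LEGIT)):
        print(name, check_sender(raw, {"example.com"}) or "no mismatch found")
```

An empty result only means nothing mismatched: the From header is supplied by the sender, so a matching address is not proof that the message is genuine.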
