Google identified and warned more than 12,000 of its users who were targeted by a government-backed hacking attempt in the third quarter of this year.
According to a report published by Google’s Threat Analysis Group (TAG), more than 90 percent of the targeted users were affected by “credential phishing emails” that tricked the victims into handing over access to their Google account.
Google’s TAG tracks over 270 government-backed hacking groups from over 50 countries that are involved in intelligence collection, stealing intellectual property, destructive cyber-attacks, targeting journalists, and activists, or spreading coordinated disinformation.
The alerts were sent to targeted users between July and September 2019, which is consistent within a +/-10 percent range of the number of phishing email warnings sent in the same period of 2018 and 2017.
These warnings are usually sent to potential targets, like activists, journalists, policy-makers, and politicians. In case any of you have received such alert, it doesn’t necessarily mean that your Google account has been compromised.
Instead, it means a state-sponsored hacker has tried to gain access to your Google account using phishing, malware, or another method, and you should take some extra measures to secure your account.
Google states that the high-risk users like journalists, human rights activists, and political campaigns must be encouraged to enroll in their Advanced Protection Program (APP), that makes use of hardware security keys. They are sure to provide the strongest protections available against phishing and account hijackings. APP is designed especially for the highest-risk accounts.
The government-backed phishing attack warnings were sent to affected users in 149 countries. Out of these the United States, Pakistan, South Korea, and Vietnam are the most heavily targeted countries.
The individual Google account users are being warned by Google since 2012. Last year, Google also started offering email attack alerts to G Suite administrators so they can take necessary action to protect their users and organization as well.
High-risk users can take some security measures that can prevent compromising their accounts, including keeping their apps and software up-to-date and enabling 2-step verification.