Google disrupts massive phishing campaign

Google has detected and disrupted a massive phishing operation that apparently originated in Jinan, China.

The campaign affected the personal Gmail accounts of hundreds of users including, among others, senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists.

According to Google security rep Eric Grosse, the phishing operation was executed with the intention of monitoring the contents of emails, as the perpetrators apparently exploited stolen passwords to alter forwarding and delegation settings. 

“We have notified victims and secured their accounts,” Grosse confirmed in an official blog post.

“In addition, we have notified relevant government authorities.”

However, Grosse emphasized Google’s internal systems remain unaffected, as the account hijackings were not the result of a security problem with Gmail itself.

“[Still], we believe being open about these security issues helps users better protect their information online,” he added.