Email this article   Print article 


Google Points To China As Source Of 'Targeted' Gmail Phishing Attack

By Stefanie Hoffman
June 02, 2011    3:26 PM ET

Page 2 of 2

However, security experts say that this particular attack is likely continuing a trend of phishing campaigns that are being used as weapons in more comprehensive cyber espionage efforts.

"The espionage angle has been brought to light progressively more lately, which is unsettling to most that it is happening, but unfortunately this isn't all that new either. We're just now starting to find out about them," said Fred Touchette, senior security analyst at AppRiver. "We have seen more and more directed spear phishing attacks against individuals and/or specific companies over the past few years. This is troubling news because they are usually harder to notice due to their customization but in no way will this affect eh cast net style approach of phishing."

Meanwhile, security solution providers say that the Gmail phishing attack doesn't necessarily imply that Google fell short in its security implementations.

"This isn't new. This isn't Google being hacked. This is people hacking themselves. It's just a phishing attack,' said Leo Bletnitsky, CEO of Las Vegas-based Las Vegas Med IT and Desktop Valet. "Nobody should be doing anything confidential over Gmail anyway. You assume that Google is indexing everything anyway."

Bletnitsky said that to prevent becoming the victim of a phishing attack, he regularly tells his customers to check the URLs and avoid clicking unfamiliar links, as well as questioning apps or Web sites that request users to re-enter a password when they're already logged in to a site.

"If something is behaving differently than it did before, you have to question it," he said.

The recent Gmail attack marks another point of contention in a tumultuous history between China and the search giant. Google's relations with China took a nosedive with a massive targeted attack on the search giant in January 2010, known as Operation Aurora , targeting Google source code and intellectual property.

Meanwhile, Touchette said that it was unclear if Google's previous history with China contributed to the swiftness of its public accusations.

"While it is slightly unusual that Google has made public this particular attack, it's hard to tell whether their past issues with China have had a role in the reason they did so," Touchette said. "I don’t think they're personally overhyping the situation, but rather letting everyone else take care of that for them."



<< Previous | 1 | 2

To continue reading this article, please download the free CRN Tech News app for your iPad or Windows 8 device.
Related: Videos | Slide Shows | Comments

SHARE THIS ARTICLE

More Security

Comments by
Recent Articles

10 Security Companies That Have Scored CIA Funding

CIA-funded venture firm invests millions in technology startups, mostly security firms. Find out which security companies won In-Q-Tel funding.

Head-To-Head: Symantec Vs. McAfee In Endpoint Protection

McAfee and Symantec are archrivals with a firm grip on the North American security market. CRN pits both vendors' endpoint security products against each other and names a winner.

The 8 Steps Behind The Massive $45M Cyber Bank Heist

More than $45 million was stolen from banks in the U.S. and 19 other countries in a scheme that law enforcement is calling an international conspiracy to drain millions from bank accounts using stolen debit cards and PIN numbers. Here's how they did it.
  More Slide Shows




Related Videos
Loading...


 




Related Articles