Google Points To China As Source Of 'Targeted' Gmail Phishing Attack

Printer-friendly version Email this CRN article

Chinese officials are on the defensive after Google fingered China as the source of a sophisticated phishing attack targeting many high profile Gmail account holders, including U.S. government officials. But security experts says the attack, if true, continues a growing trend of sophisticated attacks used by nation states for cyber espionage purposes.

In a blog post Wednesday, Google said that it discovered a targeted phishing campaign appearing to be sourced from Jinan, China , affecting hundreds of Gmail users, including senior U.S. government officials, Chinese political activists, officials in South Korea and other Asian countries, as well as military personnel and journalists.

Google said that the phishing campaign, executed by stealing users' passwords, was launched in an effort to infiltrate users' Gmail accounts and monitor their activity.

"The goal of this effort seems to have been to monitor the contents of these users' e-mails, with the perpetrators apparently using stolen passwords to change peoples' forwarding and delegation settings," Google said in a blog post Wednesday.

During that attack, victims were compelled to open an e-mail appearing to come from someone they knew. The e-mail message used social engineering techniques with highly personalized content to entice them to click on links that took them to malicious sites impersonating the Gmail login screen.

"The telltale sign to note here was the fact that it took them back to a Gmail login screen after they were already in their account. That's never a good sign," said Fred Touchette, senior security analyst for AppRiver. "The fake log-in screen in these attacks also had multiple flaws that should have clued the victims to the fact that something was amiss as well."

Google said that it had already "detected and disrupted" the campaign aimed at hacking into military Gmail accounts, adding that the victims and appropriate government authorities have been notified.

China has since emphatically denied Google's allegations that the spear phishing attack originated in the world's most populous country, calling the search giant's claims "unacceptable."

"Blaming these misdeeds on China is unacceptable," said Hong Lei, Chinese foreign ministry spokesman in a news conference, according to The Telegraph .

Meanwhile an editorial, published by, Xinhua, the official Chinese news agency , said that Google's "groundless" accusations were damaging diplomatic relations and trust between the two countries, stating that "it was too imprudent for the online giant to lash out at others without solid proof to support its accusations.

"The chimerical complaints by Google have become obstacles for enhancing global trust between stakeholders in cyberspace," Xinhua said, adding "It is a real pity that Google's baseless complaints have distressed mutual trust and the efforts to establish new global governance in cyberspace, letting real online criminals obtain illegal profits without being punished."

Xinhua said that this was the second time that "Google arbitrarily pointed its finger at China," citing last year's allegations that the Chinese government perpetrated a hacker attack against the search giant, and elicited the help of the U.S. National Security Agency, which Xinxua said was "a serious threat to Internet neutrality.

"It is not appropriate for Google, a profit-first business, to act as an Internet judge," Xinhua said.

Next: Gmail Attack Continues Trend Of Targeted Phishing Schemes

Printer-friendly version Email this CRN article