By Wang Wei
As part of its active efforts to protect billions of online users, Google identified and warned over 12,000 of its users who were targeted by a government-backed hacking attempt in the third quarter of this year.
According to a report published by Google’s Threat Analysis Group (TAG), more than 90 percent of the targeted users were hit with “credential phishing emails” that tried to trick victims into handing over access to their Google account.
Google’s TAG tracks over 270 government-backed hacking groups from over 50 countries that are involved in intelligence collection, stealing intellectual property, destructive cyber attacks, targeting dissidents, journalists, and activists, or spreading coordinated disinformation.
These warnings usually get sent to the potential targets, which generally are activists, journalists, policy-makers, and politicians. However, if you have received any such alert, do not freak out straight away — it doesn’t necessarily mean that your Google account has been compromised.
“We encourage high-risk users—like journalists, human rights activists, and political campaigns—to enroll in our Advanced Protection Program (APP), which utilizes hardware security keys and provides the strongest protections available against phishing and account hijackings. APP is designed specifically for the highest-risk accounts,” Google said.
Google has been warning individual Google account users since 2012 if the company believes government-backed hackers are targeting their account via phishing, malware, or some other tactics.
Just last year, Google also started offering these email attack alerts to G Suite administrators so they can take action to protect their users and so their organization as well.
High-risk users can take some necessary security measures that will help prevent compromise of their accounts, including keeping their apps and software up-to-date and enabling 2-step verification (Google recommends its Authenticator app or a Security Key as the best methods than regular old text message).