Sophos: High profile Gmail attack - Sophos advises on how to reduce chances of account hacking
June 2011 by Sophos
It has been reported that high-profile Gmail users - including US government officials, reporters and political activists - have had their email accounts hacked. IT security and control firm Sophos is warning users that this wasn’t a sophisticated attack against Google’s systems, but rather a cleverly crafted HTML email which pointed to a Gmail phishing page.
Victims believed that they had been sent an attachment, clicked on the link, and were greeted by what appeared to be Gmail’s login screen. If recipients filled in their details, their Gmail username and password were automatically handed over to unauthorised parties. Graham Cluley, senior technology consultant at Sophos, has provided five steps, advising Gmail users on how to protect themselves to reduce the chances of their account being hacked.
1. Set up two-step verification - this provides an extra layer of security by sending a verification code to the user’s mobile phone when they log in
2. Check if your Gmail messages are being forwarded without your permission - users should check their "Forwarding and POP/IMAP" settings to ensure that emails aren’t being forwarded to an unknown account without their authorisation
3. Verify where your Gmail account is being accessed from - check whether someone has been accessing your account at unusual times of day or from an unusual location
4. Choose a unique, hard-to-crack password - avoid using the same password for multiple sites and do not use a dictionary word
5. Secure your computer with up-to-date anti-virus software and security patches
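Steps 2 and 3 above are manual checks in the Gmail settings pages. The following is an added example (not Sophos's or Google's code) showing the same two checks as a small audit routine run over constructed account-activity records and a constructed forwarding list; the record layout, the "expected countries" set and the quiet-hours window are assumptions chosen for the illustration.

```python
from datetime import datetime

# Constructed sample in the style of Gmail's "Last account activity" table (not real data):
# (access type, source IP, location shown by Gmail, timestamp in the owner's local time)
SAMPLE_ACTIVITY = [
    ("Browser", "203.0.113.10", "United States", "2011-06-01T14:05:00"),
    ("Mobile",  "203.0.113.11", "United States", "2011-06-01T22:40:00"),
    ("Browser", "198.51.100.7", "Unknown",       "2011-06-02T03:12:00"),
    ("POP3",    "192.0.2.44",   "Netherlands",   "2011-06-02T03:30:00"),
]

# Constructed forwarding destinations as listed under "Forwarding and POP/IMAP"
SAMPLE_FORWARDING = ["me@example.com", "copy@unknown-forward.example.net"]


def flag_access(records, expected_countries, quiet_hours=(0, 6)):
    """Step 3: return records from outside the owner's usual countries or inside
    the hours the owner is normally asleep. Each result is
    (access type, ip, timestamp, reason)."""
    flagged = []
    start, end = quiet_hours
    for access_type, ip, country, ts in records:
        hour = datetime.fromisoformat(ts).hour
        reasons = []
        if country not in expected_countries:
            reasons.append(f"unexpected location: {country}")
        if start <= hour < end:
            reasons.append(f"quiet-hours access at {hour:02d}:00")
        if reasons:
            flagged.append((access_type, ip, ts, "; ".join(reasons)))
    return flagged


def flag_forwarding(addresses, allowed):
    """Step 2: return forwarding destinations the owner did not set up."""
    return [addr for addr in addresses if addr not in allowed]


if __name__ == "__main__":
    for entry in flag_access(SAMPLE_ACTIVITY, {"United States"}):
        print("suspicious access:", entry)
    for addr in flag_forwarding(SAMPLE_FORWARDING, {"me@example.com"}):
        print("unauthorised forwarding to:", addr)
```

On the constructed data the two late-night entries and the unknown forwarding address are reported; anything flagged is a prompt to change the password, enable two-step verification and remove the forwarding rule.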
"These five steps are really easy and they apply to all users of cloud-hosted email accounts in order to improve the security of their data online," said Cluley. "However, one thing that people should be asking themselves is why they are storing sensitive information in cloud-based accounts in the first place. The recent news headlines claim that senior US political and military officials were being targeted by these hackers, but surely they shouldn’t be storing confidential or sensitive information in their webmail account. Users should always think about the data that they are storing in their web email, because if it’s only protected by a username and password, it may actually be less secure than your regular work email system provides."