Rising hacking activity in Iran have led Google to warn of Gmail account hacks. Leading up to the elections, Eric Grosse, Google’s security engineering VP, noted of the Gmail account hacks.
Many phishing attemptst have been coming out of a specific internet cafe in Iran, according to a post on the Google Online Security Blog.
For almost three weeks, we have detected and disrupted multiple email-based phishing campaigns aimed at compromising the accounts owned by tens of thousands of Iranian users. These campaigns, which originate from within Iran, represent a significant jump in the overall volume of phishing activity in the region. The timing and targeting of the campaigns suggest that the attacks are politically motivated in connection with the Iranian presidential election on Friday.
The phishing emails look like the one below. The technique used is quite common, apparently. A link in the email is provided to the user to perform account maintenance. The link itself leads to a spoofed Google sign-in page. That page will then steal a user’s username and password when they attempt to log in.
Google noted that the Chrome browser is used to detect such phishing attacks, including Gmail account hacks. The attacks seem to be originating from the same group which was active in 2011. The presidential attacks are taking place tomorrow in Iran.
Gmail account hacks and phishing attempts happen all the time, but this presented a significant surge in a specific region, Grosse notes in his blog post.
Grosse ends his post pointing out some security measures users can apply to keep their Gmail accounts safe. One of the measures noted is the two-step verification method: it involves both your password and a phone on which you will receive a code to be able to log in to your account.
Back in 2011, we posted some tips on keeping your email address as secure as possible. Check them out: you’ll never know when they’ll be useful to you.