Have you ever received an email from Google, warning you about your Gmail account being the playground for government-backed hacking activity? What did you do — hit the panic button? Well, you can completely chill down since there is nothing to worry about.
Introduced back in 2012, this is a standard procedure followed by Google to make people aware that their Gmail accounts are or have been targetted by government-backed hackers. But, the tech giant has today reiterated its commitment to the said initiative in light on recent events (ahem..Yahoo!) and lack of stringent cyber security measures.
Several journalists have also reported an increase in such warnings, reading “government-backed hackers may be trying to steal your password,” since the U.S Presidential elections. And you’re not alone in receiving warnings through an email notification or a banner at the top of your Gmail web client. How does this warning system actually work, though?
Google has detailed the complete process of monitoring suspicious activity and sending out warnings via its community support blog post. The tech giant says that the warning represents the fact that some state-sponsored attacker tried gaining access to your account through phishing, malware or harmful attachments. These are designed to trick you into opening a link to malicious or fake websites to steal your personal information or passwords.
The tech giant says that it has developed tools to monitor and detect such intrusions, but information about the same isn’t disclosed to the users. And there’s a strong reason behind it. If Google reveals too much, then attackers will also have to upgrade the attack tactics. Gmail already has measures in place to protect you from accessing such malicious documents or links. The platform either dumps the emails in Spam or marks the attachment or link as suspicious, instructing you to take caution while opening them — if you want to.
But, take note, you receiving this warning doesn’t necessarily mean that your account has been compromised by a widespread attack. Google is just making sure that you update your security preferences to protect your data from being nabbed by notorious hackers. It further adds that the warnings are sometimes sent to groups of at-risk users and not necessarily in real-time. Talking about the same, Shane Huntley, a member of Google’s Threat Analysis Group says,
The notice does not necessarily mean that the account has been compromised or that there is a widespread attack. Rather, the notice reflects our assessment that a government-backed attacker has likely attempted to access the user’s account or computer through phishing or malware, for example.
Now, the next question you would have is — how do I secure my account and prevent it from state-sponsored attackers?
Google, in the support blog post, says that the Security Checkup will walk you through a series of steps to limit any damage to your account. And further, the tech giant believes that the following steps could help you better handle your security and privacy:[mks_accordion] [mks_accordion_item title=”Enable two-step verification”] As you must be already aware, the 2-step authentication feature provides you with an extra layer of security by sending a second password to your smartphone.
[/mks_accordion_item] [mks_accordion_item title=”Install Google Authenticator”] This acts as a companion to the 2-step authentication feature. Google Authenticator enables the user to receive codes when you don’t have an internet connection or mobile service.
[/mks_accordion_item] [mks_accordion_item title=”Always use up-to-date software”] You should remember to regularly update your software, especially the internet browser, operating system, plugins, and document editors. This will enable you to prevent malicious software from taking shelter in your PC.
[/mks_accordion_item] [mks_accordion_item title=”Set up a Gmail security Key”] This is the strongest form of 2-step verification to protect your account from hijackers. This is a physical key, which sells at about $20, and helps you authenticate your account via USB or wireless options like Bluetooth or Wi-Fi. These can be used for multiple websites or accounts.
With regards to the same, Huntley continues to add,
An extremely small fraction of users will ever see one of these warnings, but if you receive this warning from us, it’s important to take action on it.