123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Computers >> View Article

Google Cautions Military And Government Personnel Of Spear Phishing Attack

Profile Picture
By Author: eccuni
Total Articles: 211
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

Recently, Google unearthed a major spear phishing campaign. Cybercriminals reportedly collected passwords of hundreds of Gmail users. The affected accounts include those of Chinese political activists, senior government officials of United States (U.S), and Asian countries, South Korea in particular, military officials and journalists. According to Google, the purpose of the spear phishing attack seems to be monitoring the contents of the targeted users. The offenders allegedly used the extracted passwords to gain unauthorized access to the Gmail accounts, and altered the forwarding and delegation settings. While the e-mail service provider has said that the latest attack supposedly originated from Jinan, China, the company has not provided any evidence to collaborate the same. Information security professionals of the company were successful in disrupting the account hijacking campaign and have initiated steps to secure the accounts of the affected individuals. The company has also notified the affected users.

In case of a spear phishing attack, cybercriminals send specially crafted e-mails to target individuals ...
... or employees affiliated to an organization, with the intention of gaining access to privileged information. Spear phishing e-mails are often hard to detect as they appear to come from a legitimate source such as peers, subordinates, system administrators, supervisors or stakeholders.

Government, military, defense and intelligence personnel often face spear phishing attacks. Last year, several U.S government employees and contracted professionals were targets of a more sophisticated spear phishing attack. They apparently received a Christmas greeting card, which appeared to come from White House. On clicking the greeting link, the targeted individuals received a prompt to open a .zip file. Individuals, who opened the file, inadvertently downloaded a Zeus Trojan in their computer systems without their knowledge. Ironically, the cleverly crafted e-mail was even successful in tricking some cyber security professionals. Security professionals may benefit from distance learning and online university degree programs to update their skills sets to deal with evolving sophisticated threats.

Employees must be wary of responding to e-mails urging urgent action and seeking personal, official and financial information. In case of suspicion, they must verify the authenticity of the e-mail with the concerned institutions or authority. Individuals must forward spoofed e-mails to relevant legal authorities and report abuse. This will enable concerned authorities to initiate remedial action. Fake Unique Resource Locators (URLs) look strikingly similar to legitimate web addresses of a company, but may have proxy names and numbers as prefix or suffix or have incorrect spelling of the company. Individuals must enter log in credentials on a secure e-mail account page, which begins with https. Google has urged users to make use of the two-factor verification process to avoid unauthorized access to e-mail accounts. The e-mail service provider has also asked Internet users to regularly check forwarding and delegating accounts settings. The company has also urged users to take cognizance of the red warning related to suspicious activity, displayed above the inbox. E-learning, online degree and training programs on cyber security may help employees in understanding security threats and improve their abilities to detect social engineering attacks.

Computer systems of government, military and defense personnel may contain information pertaining to offenders, strategies, and other sensitive data concerning national security. Exposure of such information may have adverse implications. Professionals qualified in IT degree or computer science degree degree programs may help organizations in implementing best practices in IT security and securing IT infrastructure.

Total Views: 315Word Count: 565See All articles From Author

Add Comment

Computers Articles

1. 00al556 Ibm 550-watts Platinum Power Supply For X3650 M4: Reliable And Energy-efficient Power For Enterprise Servers
Author: Server Tech Central

2. Iot Identity And Access Management (iam) Market : Driving Secure Innovation In Connected Ecosystems
Author: Umangp

3. Why Should You Plan Blinkit Onboarding Before Market Expansion And How Can Zane Marketing Help You Grow Faster
Author: Zane Marketing

4. Customer Identity And Access Management (ciam) Market : Strengthening Security And Customer Trust
Author: Umangp

5. How To Start Your Website Redesign Project?
Author: brainbell10

6. Sap Compliance In Manufacturing: Closing The Gaps Grc Leaves Behind
Author: Mansoor Alam

7. Speech Analytics Market : Unlocking Actionable Insights From Customer Conversations
Author: Umangp

8. Data Preparation Tools Market: How Ai And Cloud-based Solutions Are Transforming Modern Data Workflows
Author: Umangp

9. How To Setup And Create Instagram Ads?
Author: brainbell10

10. Why Digital Business Cards Are The Future Of Professional Networking
Author: WhyTap

11. End To End Sataware Product Development Is The Process Of Identifying Market Opportunities To Hire Flutter Developer, Connecting User Needs And Requir
Author: brainbell10

12. Dynamics Nav To Business Central Upgrade Guide
Author: brainbell10

13. Data Governance Framework: Building Trust In The Digital Age
Author: Umangp

14. A Complete Guide To Dynamics 365 Warehouse Management
Author: brainbell10

15. Conversational Ai In Intelligent Contact Centers: Market Outlook And Future Growth To 2028
Author: Umangp

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: