Gmail gets hijacked by hackers in China

Internet users in China are facing a phishing attack — put in place by hackers — when they attempt to access Gmail, according to a report by Fast Company.

When users visit Gmail.com, they’re redirected to a site that looks exactly the same, but at a different address (http://124.117.227.201/web/gmail/), where they’re asked to re-enter their login information. Like all phishing attacks, the hackers are interested in gathering Gmail user login information, as well as any other information they can sift out of email accounts.

The server behind the attack originated from Ürümqi in Northwest China, but beyond that it’s unknown who’s behind it. Fast Company points to one conspiratorial report that speculates state-run ISPs China Telecom and Unicom may be behind the phishing attack, and that it’s meant to make users lose faith in Gmail.

Given Google’s recent spats in China, that explanation may not seem so hard to believe. The company threatened to pull out of China entirely earlier this year, after it detected a “highly sophisticated and targeted attack” in its Beijing offices. Google remained in the country, but it stopped censoring searches by forwarding users from its Chinese site (Google.cn) to its Hong Kong site (Google.hk).

Fast Company also points to a conveniently timed announcement this morning of a new search engine by the Xinhua News Agency and the telephone carrier China Mobile — both of which are state-run companies. It’s expected to focus on mobile searches, which could be a threat to Google’s current No. 3 mobile search position in China.

According to a Google spokesperson, Gmail isn’t the only site being targeted like this: “This phishing attempt is not unique to Gmail and should not be misconstrued. As always, users should be careful about where they share their personal information, and should avoid clicking through warnings about suspicious sites. We encourage Gmail users to visit https://mail.google.com directly.”

blog comments powered by Disqus