Google sent 12,000 warnings to users in 149 countries that they were targeted by government-backed attackers during the three-month period from July to September this year. Out of these 12,000 warnings, about 500 were sent to users in India.
This is consistent with the number of warnings sent in the same period of 2018 and 2017, Google said.
“We’ve had a long-standing policy to send users warnings if we detect that they are the subject of state-sponsored phishing attempts, and have posted periodically about these before,” Shane Huntley from Google’s Threat Analysis Group wrote in a blog post on Wednesday.
Over 90 percent of these users were targeted via “credential phishing emails”. These are usually attempts to obtain the target’s password or other account credentials to hijack their accounts.
“We encourage high-risk users – like journalists, human rights activists, and political campaigns – to enroll in our Advanced Protection Program (APP), which utilizes hardware security keys and provides the strongest protections available against phishing and account hijackings. APP is designed specifically for the highest-risk accounts,” Huntley said.
In a typical such attack, an attacker sends a phishing email with a security alert lure from “Goolge” suggesting the user secure their account.
The user clicks the link, enters their password, and may also get asked for a security code if they have two-factor authentication enabled, allowing the attacker to access their account.
Google’s Threat Analysis Group works to counter targeted and government-backed hacking against Google and its users.
“In the past, we’ve posted on issues like phishing campaigns, vulnerabilities and disinformation. Going forward, we’ll share more technical details and data about the threats we detect and how we counter them to advance the broader digital security discussion,” Huntley said.