Google Inc. (NASDAQ:GOOG) said Wednesday that it discovered a phishing scam intended to collect passwords to the personal Gmail email accounts of hundreds of specific users.
In a post to Googles official blog, Engineering Director Eric Grosse said the scam, which Google said originated in Jinan, China, targeted hundreds of Gmail users, a list which included, among others, senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists.
The Mountain View, Calif., based company said the goal of the scheme was to monitor email contents by using stolen passwords to allow others to access the attacked email accounts and automatically forward emails from the hacked accounts to others.
Google said it has disrupted the plot and has notified the victims and taken action to secure their accounts. The company said it had also informed relevant government authorities.
Its important to stress that our internal systems have not been affectedthese account hijackings were not the result of a security problem with Gmail itself, the company said. But we believe that being open about these security issues helps users better protect their information online.
The statement went onto suggest methods, such as two-step verification and the use of a strong password unique to Gmail, which enhance the security of Google products.
Shares of Google fell $3.42, just over half of 1% on Wednesday, closing the session at $525.60. The stock was down another $1.33 in after-hours trading.