Google is certain that the latest hacking attempt comes from Jinan, China as a phishing scam to obtain gmail passwords. This type of attack happens all the time, but since senior level US government officials, military personnel and political activists were targeted the intent seems much more sinister. The attacks were common phishing schemes that are not very sophisticated opening speculation that this was testing the water and that the information may be used for broader attacks.
If someone has your username and password, they can hijack your account. Not only will they have access to your email, but they can change account settings, forward email and send email as you. If you are unaware that your account has been compromised, the hacker can play havoc with your information and identity.
Certainly, you have heard these warnings: create a strong password, don’t divulge username and password information especially from email requests, use a good anti-virus, have malware protection and keep a good backup. This cannot be stressed enough – create a strong password for your important accounts. Next, use a two-step verification or authentication whenever possible. This is another way to prove it is you. Google uses a strategy where they will send a unique code to your phone that is required to sign in. The problem with this security measure is that it is not convenient as it takes another step and more time. Often users choose convenience over security.
When you use more than one email address and if you send to a mobile device, be sure that you use security measures that adequately protect your information. The more valuable the information, the more protection is needed. and just like physical security, use barriers as deterrents. In the digital and virtual world, barriers are passwords, tokens, PINs and other information that only you will know.
To learn more about the Google 2-step verification, go tohttp://www.google.com/support/a/bin/answer.py?answer=175197