Top Navigation  
U.S. Flag waving
Office Hours Momday - Friday  8 am - 5 pm Pacific 1-800-835-2418
Facebook   YouTube   Twitter
 Home Page
 Current Issue
 Article Index
 Author Index
 Previous Issues

 Kindle Subscriptions
 Kindle Publications
 Back Issues
 Discount Books
 All Specials
 Classified Ad

 Web Site Ads
 Magazine Ads

 BHM Forum
 Contact Us/
 Change of Address

Forum / Chat
 Forum/Chat Info
 Lost Password
 Write For BHM

Link to BHM

etc. - a little of this, a little of that - by Oliver Del Signore

Google warns Gmail users about “state-sponsored” attacks on their email accounts

Thursday, June 7th, 2012

I do not use Google’s Gmail service but millions of people do, worldwide. Tuesday, Google took the unusual step of letting some users know their accounts may be the targets of “state-sponsored” attacks. Note that in this context, “state” means country, like China or the United States, and not California or Massachusetts.

Here is the post copied from their Security blog:


Security warnings for suspected state-sponsored attacks
Tuesday, June 5, 2012 12:04 PM
Posted by Eric Grosse, VP Security Engineering

We are constantly on the lookout for malicious activity on our systems, in particular attempts by third parties to log into users’ accounts unauthorized. When we have specific intelligence—either directly from users or from our own monitoring efforts—we show clear warning signs and put in place extra roadblocks to thwart these bad actors.

Today, we’re taking that a step further for a subset of our users, who we believe may be the target of state-sponsored attacks. You can see what this new warning looks like here:

If you see this warning it does not necessarily mean that your account has been hijacked. It just means that we believe you may be a target, of phishing or malware for example, and that you should take immediate steps to secure your account. Here are some things you should do immediately: create a unique password that has a good mix of capital and lowercase letters, as well punctuation marks and numbers; enable 2-step verification as additional security; and update your browser, operating system, plugins, and document editors. Attackers often send links to fake sign-in pages to try to steal your password, so be careful about where you sign in to Google and look for in your browser bar. These warnings are not being shown because Google’s internal systems have been compromised or because of a particular attack.

You might ask how we know this activity is state-sponsored. We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis—as well as victim reports—strongly suggest the involvement of states or groups that are state-sponsored.

We believe it is our duty to be proactive in notifying users about attacks or potential attacks so that they can take action to protect their information. And we will continue to update these notifications based on the latest information.


The single most important thing you can do to protect your email account, or any online account, is to have secure password.

Google “most common passwords” and check out some of the lists. Seriously, folks, “12345” or “password” as a password? No wonder so many people get hacked.

If you are one of the folks with an easy-to-remember password, please change it immediately to something long and random. Make it up or use the site I made for my relatives to use to generate secure passwords.

Either way, make it twelve to sixteen characters long, like this one  — Q~P8]b6L!h<!@1`n — which you should NOT use now that it’s been published.

You may think nobody could possibly be interested in hacking your email account but the reality is, the bad guys will use anyone’s account to distribute their spam and they are constantly testing accounts for vulnerabilities. How do you think all your friends and relatives and work contacts are going to feel when they get that first piece of spam sent from your account and realize that the spammers now have their email address to use and sell to other spammers?

Another thing your can do to help thwart spammers is to NOT forward jokes and other things to your mailing list by putting all the addresses in the TO: field where everyone can see them. If you must forward something to more than one person, put your email address in the TO: field and put all the others in the BCC: field. (Blind Carbon Copy) That way, all the recipients only see your email address.

Having your email or blog or website hacked is a royal pain in the posterior. I know, having experienced it many years ago. Now, my passwords look like the one above.

Yours should, too.

2 Responses to “Google warns Gmail users about “state-sponsored” attacks on their email accounts”

  1. charles scamman Says:

    Irrespective of password strength, people should consider e-mails in the same light as posting on a public bulletin board. No e-mail service is totally secure, even that use by the government. Yes, computer access cards with personal identification numbers and fourteen mixed character passwords help, but eventually the service will be hacked by either some computer guru, or some government agency. The US mail, first class is still the most secure way to communicate.

  2. Leonard Barnes Says:


    Anything you put on the internet can and probably will be read or seen by someone you did not intend to be able to. With that in mind I go about my daily internet usage with guarded care. Mostly.



Copyright © 1998 - Present by Backwoods Home Magazine. All Rights Reserved.