Hacking Epidemic: No Joke, Lock Down Your Gmail Now

More

Two days ago my wife's Gmail account was taken over, with quite sweeping effects. SEE UPDATE BELOW. Yesterday I mentioned the two simple steps Gmail users could take to minimize the chance of such an attack, or recover more quickly if it happened.

Just in the past hour, I have received phishing messages from the Gmail accounts of two three four five six other friends -- starting with one in California and one in Texas -- whose accounts must have been hacked in just the same way. The (implausible) "I've been mugged in Madrid, Spain!" pitch is almost identical to the one that went out from my wife's account. The messages have also been jiggered in a way similar to (but with an interesting difference from) hers. In all cases, the "Reply To:" address has been changed on these messages, so that if you hit Reply your response goes not to the sender but to a dummy address. For my wife's case, the dummy address was a Gmail account that was a slight misspelling of her name. In these two new cases, the return address is @ymail.com  rather than @gmail.com -- that is, a Yahoo mail rather than Gmail account.  A message appearing to come from MyFriend@gmail.com would direct its replies to MyFriend@ymail.com. These alterations are normally concealed, but you can see them if you press the "Show details" button in Gmail.

These California friends of mine do not know the Texas friend. One of them has never corresponded with my wife. So this isn't just some ripple effect spreading from her network of contacts. I am getting these messages because I happen to be in both all of their address lists. At least anecdotally, something bigger would appear to be going on. Perhaps a new Gmail hack or password-capture system? Related to the mammoth Epsilon hack? Each sounds unlikely, but who knows. 

But even if this is purely anecdotal and coincidental, why take a risk? If you use Gmail, protect yourself now. Change your password. Now. If you can, switch to two-step verification, as explained yesterday. Be absolutely sure you have extra "password recovery contacts," also as explained yesterday. Also, when you are on the "mail settings" of Gmail making these changes, check the "Forwarding / IMAP" tab to make sure your mail is not being forwarded someplace you don't want.

This is all a minor nuisance. Believe me, it is less of a nuisance than the ones you will be dealing with if the entire contents of your archived mail are in someone else's hands. More about this later.

Here is the phishing note just now from one of my friends' accounts, slightly altered from the one sent when my wife's account was taken over:

>>I'm sorry for this sudden request, It's because things actually got out of control. I'm Madrid, Spain. I came down here for a confrenece, i was mugged and all my belongings including cellphone and credit card were all stolen at "GUN POINT". It's such a traumatic experience for me. I need your help flying back home as i am trying to raise some money.

I've  contacted my bank but the best they could do was to send me a new card in the mail which will take 2-4 working days to arrive here from [my friend's real home town, in Texas]. I need you to lend me some Money to sort my self out of this predicament, i will pay back once i get this over with because i need to make a last minute flight.
 
Western Union or MoneyGram is the fastest option to wire funds to me. Let me know if you need my details(Full names/location) to effect a transfer. You can reach me via hotel's desk phone and  the number is, +34 981 600916891.

 Waiting to hear from you,
[My friend's real nickname] <<

Do. It. Now.

UPDATE: In response to some queries, at least in my wife's case this is not just a matter of innocently spoofing her email address as the "from" line of phishing messages. Someone else had complete control of all her online data for a number of hours, with harmful consequences I will detail later. Maybe that has not happened to the people I've heard from today, but if it has, it's something you want to avoid for yourself.

Presented by

James Fallows is a national correspondent for The Atlantic and has written for the magazine since the late 1970s. He has reported extensively from outside the United States and once worked as President Carter's chief speechwriter. His latest book is China Airborne. More

James Fallows is based in Washington as a national correspondent for The Atlantic. He has worked for the magazine for nearly 30 years and in that time has also lived in Seattle, Berkeley, Austin, Tokyo, Kuala Lumpur, Shanghai, and Beijing. He was raised in Redlands, California, received his undergraduate degree in American history and literature from Harvard, and received a graduate degree in economics from Oxford as a Rhodes scholar. In addition to working for The Atlantic, he has spent two years as chief White House speechwriter for Jimmy Carter, two years as the editor of US News & World Report, and six months as a program designer at Microsoft. He is an instrument-rated private pilot. He is also now the chair in U.S. media at the U.S. Studies Centre at the University of Sydney, in Australia.

Fallows has been a finalist for the National Magazine Award five times and has won once; he has also won the American Book Award for nonfiction and a N.Y. Emmy award for the documentary series Doing Business in China. He was the founding chairman of the New America Foundation. His recent books Blind Into Baghdad (2006) and Postcards From Tomorrow Square (2009) are based on his writings for The Atlantic. His latest book is China Airborne. He is married to Deborah Fallows, author of the recent book Dreaming in Chinese. They have two married sons.

Fallows welcomes and frequently quotes from reader mail sent via the "Email" button below. Unless you specify otherwise, we consider any incoming mail available for possible quotation -- but not with the sender's real name unless you explicitly state that it may be used. If you are wondering why Fallows does not use a "Comments" field below his posts, please see previous explanations here and here.
Get Today's Top Stories in Your Inbox (preview)

Tracing Sriracha's Origin to a Seaside Town in Thailand

Ever wonder how the wildly popular hot sauce got its name? It all started in Si Racha.


Elsewhere on the web

Video

Where the Wild Things Go

A government facility outside of Denver houses more than a million products of the illegal wildlife trade, from tigers and bears to bald eagles.

Video

Adults Need Playtime Too

When was the last time you played your favorite childhood game?

Video

Is Wine Healthy?

James Hamblin prepares to impress his date with knowledge about the health benefits of wine.

Video

The World's Largest Balloon Festival

Nine days, more than 700 balloons, and a whole lot of hot air

Writers

Up
Down

More in Technology

From This Author

Just In