Today's Gmail Hacking Installment: Protect Your Friends, Too!

As I reported in last month's chronicle of a hacking attack, my wife's Gmail account was taken over a few months ago; all of her correspondence, photos, records, etc from a six-year stretch was zeroed out; and she has spent much of her time since then dealing with the consequences.

And, as I have mentioned, oh, a few million times by now, if you don't want this to happen to you, you will:
   (a) start using Gmail's "two-step" authentication system;
   (b) make sure that any account that matters to you has its own unique password, one that you've never used on any other site; plus
   (c) consider backing up your "cloud" data locally, for instance using Eudora, Thunderbird, or any other email handler to copy your online archives onto your own hard disk. Details on these and other fronts in the posts collected here.

But wait, there's more! You can also help other users. A little while ago, this message showed up in my wife's Gmail inbox, having made its way past the normal spam filters, Click for larger if you can't read it:

GoPhishingJ1.png


The obvious point is: this is a phishing message, and a crude one at that, which you shouldn't reply to. Duh. The less obvious point is that you should use the "Report Phishing" button on Gmail, which comes up as part of the "Reply" menu, rather than just deleting this and moving on.

Why does this matter? For reasons of scale, nearly all of the spam-filtering and fraud-detection efforts by Gmail or other systems are "algorithmic." That is, they're based on automatic scanning of messages to match their contents to known fraudulent patterns. It's a matter of probabilities, which is why the filters aren't perfect. Some new forms of spam are cleverly enough prepared to escape the automatic matching; some "real" messages use enough suspect words or patterns to get trapped or flagged.

So the fine-tuning depends heavily on judgments by real, human users, who start flagging messages as spam, or retrieving them as "not spam." Each of those decisions sends a signal back to Google's (or another company's) algorithms -- and the signal gets extra weight, since it reflects a human judgment of where an algorithm has failed. These are the counterparts of "Like" or "Share" or "+1" signals in social media, and in this case they can quickly shift detection to a pattern the algorithms would have taken longer to catch up with.

The easiest way to handle an obviously fraudulent message is just to delete it. But if you spend two more seconds to click the "Report Phishing" button, you can reduce the likelihood that you or anyone else will see a similar message again. As our friends at the TSA would put it, If you see something, say (or click) something.
Presented by

James Fallows is a national correspondent for The Atlantic and has written for the magazine since the late 1970s. He has reported extensively from outside the United States and once worked as President Carter's chief speechwriter. His latest book is China Airborne. More

James Fallows is based in Washington as a national correspondent for The Atlantic. He has worked for the magazine for nearly 30 years and in that time has also lived in Seattle, Berkeley, Austin, Tokyo, Kuala Lumpur, Shanghai, and Beijing. He was raised in Redlands, California, received his undergraduate degree in American history and literature from Harvard, and received a graduate degree in economics from Oxford as a Rhodes scholar. In addition to working for The Atlantic, he has spent two years as chief White House speechwriter for Jimmy Carter, two years as the editor of US News & World Report, and six months as a program designer at Microsoft. He is an instrument-rated private pilot. He is also now the chair in U.S. media at the U.S. Studies Centre at the University of Sydney, in Australia.

Fallows has been a finalist for the National Magazine Award five times and has won once; he has also won the American Book Award for nonfiction and a N.Y. Emmy award for the documentary series Doing Business in China. He was the founding chairman of the New America Foundation. His recent books Blind Into Baghdad (2006) and Postcards From Tomorrow Square (2009) are based on his writings for The Atlantic. His latest book is China Airborne. He is married to Deborah Fallows, author of the recent book Dreaming in Chinese. They have two married sons.

Fallows welcomes and frequently quotes from reader mail sent via the "Email" button below. Unless you specify otherwise, we consider any incoming mail available for possible quotation -- but not with the sender's real name unless you explicitly state that it may be used. If you are wondering why Fallows does not use a "Comments" field below his posts, please see previous explanations here and here.

The Best 71-Second Animation You'll Watch Today

A rock monster tries to save a village from destruction.

Video

The Best 71-Second Animation You'll Watch Today

A rock monster tries to save a village from destruction.

Video

The Case for Napping at Work

Most Americans don't get enough sleep. More and more employers are trying to help address that.

Video

A Four-Dimensional Tour of Boston

In this groundbreaking video, time moves at multiple speeds within a single frame.

Video

Who Made Pop Music So Repetitive? You Did.

If pop music is too homogenous, that's because listeners want it that way.

Video

Stunning GoPro Footage of a Wildfire

In the field with America’s elite Native American firefighting crew

More in Technology

From This Author

Just In