{
	"id": "29efd94d-6ecf-450d-b051-5cce5f0b46a2",
	"created_at": "2026-04-06T01:29:43.580189Z",
	"updated_at": "2026-04-10T13:11:45.166686Z",
	"deleted_at": null,
	"sha1_hash": "6ae6cc8f5327ed0deb5d4eb1b67f25f0f3712284",
	"title": "Ensuring your information is safe online",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 76917,
	"plain_text": "Ensuring your information is safe online\r\nBy Posted by Eric Grosse, Engineering Director, Google Security Team\r\nPublished: 2011-06-01 · Archived: 2026-04-06 01:13:32 UTC\r\nThe Internet has been an amazing force for good in the world—opening up communications, boosting economic\r\ngrowth and promoting free expression. But like all technologies, it can also be used for bad things. Today, despite\r\nthe efforts of Internet companies and the security community, identity theft, fraud and the hijacking of people’s\r\nemail accounts are common problems online. Bad actors take advantage of the fact that most people aren’t that\r\ntech savvy—hijacking accounts by using malware and phishing scams that trick users into sharing their\r\npasswords, or by using passwords obtained by hacking other websites. Most account hijackings are not very\r\ntargeted; they are designed to steal identities, acquire financial data or send spam. But some attacks are targeted at\r\nspecific individuals. Through the strength of our cloud-based security and abuse detection systems*, we recently\r\nuncovered a campaign to collect user passwords, likely through phishing. This campaign, which appears to\r\noriginate from Jinan, China, affected what seem to be the personal Gmail accounts of hundreds of users including,\r\namong others, senior U.S. government officials, Chinese political activists, officials in several Asian countries\r\n(predominantly South Korea), military personnel and journalists. The goal of this effort seems to have been to\r\nmonitor the contents of these users’ emails, with the perpetrators apparently using stolen passwords to change\r\npeoples’ forwarding and delegation settings. (Gmail enables you to forward your emails automatically, as well as\r\ngrant others access to your account.) Google detected and has disrupted this campaign to take users’ passwords\r\nand monitor their emails. We have notified victims and secured their accounts. In addition, we have notified\r\nrelevant government authorities. It’s important to stress that our internal systems have not been affected—these\r\naccount hijackings were not the result of a security problem with Gmail itself. But we believe that being open\r\nabout these security issues helps users better protect their information online. Here are some ways to improve your\r\nsecurity when using Google products:\r\nEnable 2-step verification. This Gmail feature uses a phone and second password on sign-in, and it\r\nprotected some accounts from this attack. So check out this video on setting up 2-step verification.\r\nUse a strong password for Google that you do not use on any other site. Here’s a video to help.\r\nEnter your password only into a proper sign-in prompt on a https://www.google.com domain. We will\r\nnever ask you to email your password or enter it into a form that appears within an email message. Here’s a\r\nvideo with more advice.\r\nCheck your Gmail settings for suspicious forwarding addresses (“Forwarding and POP/IMAP” tab, Fig. 1)\r\nor delegated accounts (“Accounts” tab, Fig. 2).\r\nhttps://googleblog.blogspot.com/2011/06/ensuring-your-information-is-safe.html\r\nPage 1 of 2\n\nFig. 1\r\nFig. 2\r\nWatch for the red warnings about suspicious account activity that may appear on top of your Gmail inbox.\r\nReview the security features offered by the Chrome browser. If you don’t already use Chrome, consider\r\nswitching your browser to Chrome.\r\nExplore other security recommendations and a video with tips on how to stay safe across the web.\r\nPlease spend ten minutes today taking steps to improve your online security so that you can experience all that the\r\nInternet offers—while also protecting your data. *We also relied on user reports and this external report to\r\nuncover the campaign described.\r\nSource: https://googleblog.blogspot.com/2011/06/ensuring-your-information-is-safe.html\r\nhttps://googleblog.blogspot.com/2011/06/ensuring-your-information-is-safe.html\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://googleblog.blogspot.com/2011/06/ensuring-your-information-is-safe.html"
	],
	"report_names": [
		"ensuring-your-information-is-safe.html"
	],
	"threat_actors": [
		{
			"id": "aa73cd6a-868c-4ae4-a5b2-7cb2c5ad1e9d",
			"created_at": "2022-10-25T16:07:24.139848Z",
			"updated_at": "2026-04-10T02:00:04.878798Z",
			"deleted_at": null,
			"main_name": "Safe",
			"aliases": [],
			"source_name": "ETDA:Safe",
			"tools": [
				"DebugView",
				"LZ77",
				"OpenDoc",
				"SafeDisk",
				"TypeConfig",
				"UPXShell",
				"UsbDoc",
				"UsbExe"
			],
			"source_id": "ETDA",
			"reports": null
		}
	],
	"ts_created_at": 1775438983,
	"ts_updated_at": 1775826705,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/6ae6cc8f5327ed0deb5d4eb1b67f25f0f3712284.pdf",
		"text": "https://archive.orkl.eu/6ae6cc8f5327ed0deb5d4eb1b67f25f0f3712284.txt",
		"img": "https://archive.orkl.eu/6ae6cc8f5327ed0deb5d4eb1b67f25f0f3712284.jpg"
	}
}