Escalating Gmail/Spamming Attacks 139
We've been getting submissions about an uptick in compromised Gmail accounts in the last few days, but nothing that could be substantiated. Robert McMillan did a bit of digging and now reports in PC World that "Google is investigating a growing number of reports that hackers are breaking into legitimate Gmail accounts and then using them to send spam messages. The problem started about a week ago but seems to have escalated over the past few days. ... [I]n forum posts, Gmail users note that the hackers appear to be sending spam via Gmail's mobile interface — which gives mobile-phone users a way to check their Gmail accounts — and wonder if there may be a bug in the mobile interface that is allowing criminals to send the spam. ... Google says there's no Gmail bug. ... 'Spammers may sometimes use a mobile interface to access accounts they have already compromised because it's simpler for bots to use this method at large scale.'" Here's how to tell if your Gmail account has been accessed by bad guys, and what to do about it.
Re:Breaking in? (Score:2, Insightful)
The problem with that analogy is that the vast majority of door locks have complexity equivalent to 'password123'.
Re:Where are your filters now? (Score:3, Insightful)
Except that many did, and those solutions were dismissed because they won't work.
Re:GMail's Security is Crap (Score:4, Insightful)
Yet 30 seconds on the phone if you were a Google Apps customer and - BANG! - that email would be back under your control. I guess it's the "you get what you pay for" thing.
And yes, I do recognise that your personal info and email messages to datamine is in fact worth something (and therefore a form of payment) but I guess Google doesn't.
Re:Recovery Options Slim to None (Score:3, Insightful)
This is why I don't like having the same cookies/login for multiple sites. I use a Yahoo email for Google Calendar and Google Voice for exactly that reason. But this reminds me to download/archive my calendar. (I know someone who lost their gmail account and there calendar went bye-bye too.)
I wonder if sharing it with another account would insure against that risk?
In my case, I don't put all my eggs in one basket.