Google warned nearly 12,000 users globally including 500 users in India during July-September this year, about “government-backed” attackers snooping on them via phishing attempts.
In a blog, on November 27, Google said that its Threat Analysis Group (TAG) works to counter attacks by government-backed groups. These groups were spread across 50 countries and it is not yet clear as to whether the attacks were governments’ attempt to spy on their citizens or other countries’ citizens.
The snooping attempts were made to collect intelligence, stealing intellectual property, targeting dissidents and activists, spreading coordinated disinformation, and destructive cyber attacks.
The company did not provide more information on who the targeted Indians maybe but merely said that it encourages all “high-risk users” like “journalists, human rights activists and political campaigns” to enrol in Google’s ‘advanced protection programme’.
According to Google, the snooping attempts were majorly done with the help of “credential phishing emails”. Phishing email means the attackers will send an email masquerading as a mail from Google seeking all the credentials from the users. Once the user enters the password, the hijackers will get complete access to his mail.
The rate of these attacks has not changed significantly in the past two years, as the number is similar to the same period in 2018 and 2017.
Countries such as the US, Canada, Afghanistan, and South Korea received the most number of user warnings, with some of them facing more than 1,000 warnings, Google stated.
The surveillance and phishing threats have been making headlines lately after WhatsApp revealed that more than 1400 users globally were hacked by spyware – Pegasus sold by Israel’s NSO Group. WhatsApp has sued NSO in a US court.
The most alarming takeaway of the whole incident was that the NSO Group revealed that Pegasus was only sold to government agencies.
