Technolog - Google: Some prominent Gmail accounts hijacked I know a gal here in town that was... I told her she was in good company...
Here’s The Fake Gmail Site Chinese Hackers Used To Steal U.S., Activist Data - Andy Greenberg - The Firewall - Forbes has a comparison of a fake Gmail login page used for "spear phishing" vs. the real one. The differences are pretty subtle and I doubt I'd be able to spot anything amiss if it were presented to me, esp. given that there are subtle changes to Gmail all the time. I guess it's not that hard for a user to get confused by this (from contagio: Targeted attacks against personal accounts of military, government employees and associates):
The key to avoiding this sort of trap is to never, ever log into any account from a link sent via email. For example, say that you get an email from your bank suggesting you need to verify your balance. Generally I would immediately delete this sort of message, but let's say we think it might be legitimate and we decide to check our bank account. Rather than click on the embedded link, close the email, open your browser, and manually navigate to the bank page. An embedded link might point to a false server, and sometimes they are very hard to spot. Navigating on your own or via your stored bookmarks is safe as long as the DNS is not compromised. If DNS gets compromised, all bets are off. Tom
Agreed but it seems they were receiving what looked like legit mail from someone they knew w/an attachment. When they tried to view or download the attachment, they got thrown to a fake Gmail login page instead of the normal behavior. I'm guessing they figured it was a Gmail glitch, so they happily entered their credentials. Yep, compromised DNS would be a very bad thing. It wouldn't surprise me if China has poisoned their DNSes too, given that they have the "great firewall".
Sorry, personal peeve of mine... no one was hacked here, especially not Google. In common usage, the term "hacked" indicates a severe breach of computer network security, often through the usage of exploits or vulnerabilities in code. This was a job of social engineering, where a fraudulent third party got users to willingly give up their username and password. There was no hacking - just directing people to a website they thought was something else.
msnbc.com Video Player: http://www.msnbc.msn.com/id/21134540/vp/43256544#43256544 The SOS speaks about it...