In its latest posting at the official Google blog, Google says that the Internet can be used for good or bad, and that 'despite the efforts of Internet companies and the security community, identity theft, fraud and the hijacking of people's email accounts are common problems online'.
Of course, there are plenty of companies who will offer you protection from malware - Symantec, Kaspersky, TrustDefender, AVG and many others, but part of the problem is that 'most people aren't that tech savvy', sayeth Google, which presumably shows that people might know they need protection of some kind but don't know how to effectively use it, or even how to install it and keep it updated - even though most security products aim to be as easy to use as possible.
Google notes that social engineering, along with malware, is used to 'trick users into sharing their passwords, or by using passwords obtained by hacking other websites'.
Talking up the 'strength of [its] cloud-based security and abuse detection systems' (augmented by external user reports), Google says it 'recently uncovered a campaign to collect user passwords, likely through phishing'.
Apparently originating from Jinan, China, Google says the campaign was against 'the personal Gmail accounts of hundreds of users including, among others, senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists.'
The goal 'seems to have been to monitor the contents of these users' emails, with the perpetrators apparently using stolen passwords to change peoples' forwarding and delegation settings'.
Google says it then 'detected and has disrupted this campaign to take users' passwords and monitor their emails', notifying 'victims' and securing their accounts, as well as notifying 'relevant government authorities.'
Google also wants to 'stress that our internal systems have not been affected'”these account hijackings were not the result of a security problem with Gmail itself. But we believe that being open about these security issues helps users better protect their information online.'
Google then offers some tips on improving your security when using Google products, including the enabling of 2-step vertification, which sends an SMS message with an additional code for sign-in, meaning that someone in possession of your user ID and password no longer has enough information to successfully log into your account.
Unsurprisingly, Google also recommends you use its browser, Google Chrome.
More on Google's safety tips can be found here.