Today my gmail account was commandeered by a spammer, and spam emails were sent from it to many mailing lists, along with all my contacts. This then led to my account being locked out (I’m still currently locked out at this time).
Not only does this remind me of the vulnerability I feel when I’m not able to access my google services, but it also bring me to the point to tell you all to CHANGE YOUR GOOGLE ACCOUNT PASSWORD ASAP.
I say this, because I wanted to see how many people have been having this type of issue, and the issue seems to be wide spread, and it’s not yet 100% known if it’s linked to account leaks in December or not, but as always changing your password wouldn’t hurt.
Here are a few links that I’ve conjured up while trying to figure this issue out:
http://blogs.zdnet.com/mobile-gadgeteer/?p=3062
http://www.google.com/support/forum/p/gmail/thread?tid=77127463d8f40cb6&hl=en
http://www.securelist.com/en/blog/217/Mass_hack_attack_or_a_Gmail_bugi
I honestly believe it’s an issue with the mobile platform, as I was using the mobile Gmail for my Black Berry. My attack which came from a mobile device (all attacks are from mobile device / bot) happened from an IP address in Canada.
Update: More on the issues from nytimes, reporting on the 20th of some of the breach:
http://www.nytimes.com/2010/04/20/technology/20google.html
I never used a phone to access my gmail account, but it happened to me anyway. I did find that POP was enabled in my account, so I wonder if that’s part of the hack — enabling mobile access if it’s not enabled.
Same thing happened to me last month. Eleven spammers from China killed my 6-year Gmail account! Google finally got back to me a month later, allowing me to change my password. But needing to purchase things online, I opened a new account. For the first time, I was surprised at how much info (accounts, receipts, forum passwords, etc.) was tied to that account over the years. Though I had recent local backups, it was like any other “crash” experience — a real pain.