On Wednesday morning, at approximately 6:30 AM, I was checking my e-mail and drinking coffee. Suddenly, I received a series of e-mail bouncebacks (the e-mail equivalent of a snail mail “return to sender”). Why? I hadn’t sent an e-mail since Tuesday night.
When I opened the original message, I realized that someone had been using my Gmail account to send SPAM messages without my permission. The e-mails, which went out to basically everyone I had ever e-mailed using my Gmail account (hundreds of addresses), had the subject “hi!” and contained the following body text:
hi
How is everything going?
I want to share something with you : http://www.kcnshop.com/
On this website ,you can find many new and origianl electronic
products .Because of New Year 2010, they are holding sales promotion
activity, all the product are sold at a discount.
And i have bought some products from this web, low cost and good
quality ,and the delivery is on time .
If you need some, visit this website . Hurry up,because the promotion
activity only keeps 1 month .
Hope everything goes well.
Greetings!
My first reaction was confusion, my second reaction was embarrassment, and my third reaction was anger. Were these actually being sent directly from my account, I wondered? I checked my “Sent Mail” folder. Indeed, “I” had sent hundreds of e-mails with the above message.
A quick search in Gmail Help directed me to the last account activity details link at the bottom of my inbox. At 3:30 AM and again just a few minutes before I signed into my own account, an IP address from Beijing, China was using my e-mail address.
First, I changed my password. Then, I reported the incident to Google. Finally, I sent a mass e-mail blast to everyone copied in those e-mails, apologizing for the annoyance and explaining the situation. The whole ordeal sucked about 45 minutes out of my morning.
Flashback: In 2006, Google launched google.cn and agreed to censorship of some search results, according to BBC. The Chinese government doesn’t want its citizens to have free access to information online. However, Google is no longer willing to censor its results. The Chinese government is not happy about this.
When I told friends and family about the creepy e-mail hacking incident, a lot of people joked that it may have something with the Google – China fight. According to a CNN article, “…the company and at least 20 others were victims of a “highly sophisticated and targeted attack” originating in China in mid-December, evidently to gain access to the e-mail accounts of Chinese human rights activists.”
In addition, students and human rights activists at Stanford University are coming forward with reports of similar Gmail hacks. According to the Stanford Daily, “When Tenzin Seldon ‘12 logged into her Gmail account from New York over winter break, she had no idea that someone else was also logged into her account — from China…Seldon, a regional coordinator of New York-based Students for a Free Tibet, is one of dozens of human rights activists whose Gmail account had been spied on by a third party in China, according to a Jan. 12 statement from Google.”
I’m not an outspoken human rights activist so I’m not really sure why anyone in China would be interested in hacking my account. Given all this information, I’m actually flattered that some hacker asshole chose me, but I’m sure the process is more randomized than this.
I wonder if incidences of human right activist hacks are coincidences or if someone in China is actually targeting specific accounts linked to advocates of free speech. How could they really know? How could they choose a specific few from millions of Gmail accounts?
Though I was annoyed and baffled by the incident overall, I am actually glad that this happened to me. Without this experience, I might not be so particularly interested in global free speech issues exacerbated by the Internet, especially in regard to Google in other countries.
I hope that my story inspires you to think about this issue and also to BE MORE CAREFUL with Gmail and your online identity – check your recent activity (instructions here) at least once a day, just to make sure that no one else is logging into your account.
Further reading, recommended by my friend Jennifer (check out her new blog The Hyperlocalist, which is devoted to debunking the business of hyperlocal journalism):
from Remarks on Internet Freedom by Hillary Rodham Clinton
But the internet is a network that magnifies the power and potential of all others. And that’s why we believe it’s critical that its users are assured certain basic freedoms. Freedom of expression is first among them. This freedom is no longer defined solely by whether citizens can go into the town square and criticize their government without fear of retribution. Blogs, emails, social networks, and text messages have opened up new forums for exchanging ideas, and created new targets for censorship.
With the spread of these restrictive practices, a new information curtain is descending across much of the world. And beyond this partition, viral videos and blog posts are becoming the samizdat of our day.
As in the dictatorships of the past, governments are targeting independent thinkers who use these tools.
from Authority, Meet Technology: Will China’s Great Firewall Hold?
China aspires to be considered a trustworthy global economic leader, but plenty of companies doing business in that country share Google’s frustration at having to abide by different rules in the Middle Kingdom.
How will the China Internet skirmish shake out? What lessons or cautionary tales does China’s experience offer repressive governments and their tech-savvy opponents in places like Iran and Cuba? What, if anything, should the Obama administration do to keep the Web free, worldwide?
(Photo by 刘云天)
Censorship and cyber-sabotage suck ass!
Remember when Twitter crashed last summer? That was the Russians going after one dude — ONE DUDE — who disagreed with their policies on Georgia. So one guy disagrees with The Kremlin, and the whole Twitterverse suffers? Assholes!
The same goes for your hacked Gmail account. China and Google are playing this game of slap and tickle. In the meantime, you can’t conduct business via email AND you have to smooth over an intrusion that wasn’t your fault to begin with. Why? Because China — a nation of 2 billion people (or whatever) — can’t take criticism from a couple of Beijing University co-eds.
China and Russia need to chill out so that we can all get on with our cyber-lives.
(BTW, thanks for the shout out!)
i have a same experience today 29/06/2010,which google says suspicious activity on ur account,and it contain information that my mail accessed from australia, then i locate the ip address given with that, that shows some service provider form beijing,cn. i dont know how to inform about this to google,pls hit me a reply
yeah.. my gmail is hacked by chinese too.. -_-