This site uses cookies to improve your experience and to provide services and advertising. By continuing to browse, you agree to the use of cookies described in our Cookies Policy. You may change your settings at any time but this may impact on the functionality of the site. To learn more see our Cookies Policy.
#Open journalism No news is bad news

Your contributions will help us continue to deliver the stories that are important to you

Support The Journal
Dublin: 11 °C Wednesday 3 June, 2020

China may have been spying on Gmail accounts

Gmail users begin to see red banners on their pages warning them that IP addresses in China were attempting to log in.

Google's Chinese website,, has redirected all users attempting to make a search to the site for Hong Kong.
Google's Chinese website,, has redirected all users attempting to make a search to the site for Hong Kong.

GOOGLE HAS BEGUN placing striking red banners on the Gmail accounts of users who it believes were the subject of attempted logins by China.

Users affected by the attempted hi-jacking of the accounts have been met with a red banner at the top of the Gmail inbox, reading the IP address of the user attempting to log into the account:

Warning: We believe your account was recently accessed from: China (***.***.***.***).

The banner also advises the affected users to change their Gmail passwords.

Such prompts are not necessarily new: Google has offered users a prompt at the bottom of a user’s Gmail profile advising them of simultaneous logins elsewhere for over a year, while Facebook also warns users when people attempt to log into an account from another country, and asks them to suggest whether such a login may have been maliciously motivated.

However, Gmail’s move is the first time that Google users have been so significantly prompted about attempted logins into their accounts.

Furthermore, it seems that only Chinese login attempts appear to trigger the striking red bar – indicating that Google may believe the attempted logins are not from ordinary Chinese internet users, but rather from state agencies.

Researchers believe that a second wave of the attacks, known as the ‘Aurora attacks’, has kicked off within the last few weeks.

  • Share on Facebook
  • Email this article

About the author:

Gavan Reilly

Read next: