Foreign Hackers Target Thousands of Gmail Users Every Month

For four years, Google has been notifying Gmail customers when they come under attack from hackers who may be working for foreign governments. The company has long remained vague about the the way it detects and identifies these hackers—“we can’t reveal the tip-off,” the company tells users—and about the number of notifications it routinely sends. Until now.

When these warnings were introduced, they appeared as thin red bars tacked to the top of users’ inboxes. But just a few months ago, Google redesigned the notifications to be considerably more in-your-face: Now, they take up the entire screen, announcing themselves with an angry red flag. “Government-backed hackers may be trying to steal your password,” the alert reads, advising users to enable two-factor authentication.

The new alert says that fewer than one in a thousand Gmail users are targeted by foreign hackers—but for a product with more than a billion active users, that could still be a really big number. (0.1 percent of 1 billion is 1 million.)

On Monday, Google provided its most precise estimate ever of the number of cyberattacks it detects that target Gmail users. Speaking at Fortune’s Brainstorm Tech conference in Aspen, Colorado, Google Senior Vice President Diane Greene said the company notifies 4,000 users each month of state-sponsored cyberattacks,Reuters reported.

Google began delivering notifications about state-sponsored hacking attempts long before its peers, but starting last year, Microsoft, Twitter, Facebook, andYahoo said they would send similar notifications to their compromised users as well.

Intelligence officials have repeatedly identified state-sponsored hacking as one of the foremost threats to the U.S. in speeches and congressional hearings. In a “worldwide threat assessment” delivered to the Senate Armed Services Committee last year, James Clapper, the director of national intelligence, said that cyberattacks are “increasing in frequency, scale, sophistication and severity of impact.”

The Justice Department has aggressively brought charges against several groups of state-sponsored hackers this year, adding two Syrians and seven Iranians to the FBI’s most wanted list for cybercrime in the span of weeks. With its campaign to “name and shame” the hackers, the FBI says it wants to hold countries that support hackers accountable.

Google’s notifications, like those of its peers, don’t name the country where the suspected cyberattacks come from. But if the notifications get recipients to change passwords and activate two-factor authentication, the hackers behind them could find their jobs getting a little harder.