Nevertheless, at Xecure Lab, we regularly scan our personal Gmail accounts too for APT emails (our XecMail has a plugin for it) and there were no signs of APT attacks in our record recently. Surprisingly, we had chance to witness this Google state-sponsored attackers warning message:
We speculated Google did the analysis not from "inside" by scanning the emails, e.g. looking for APT document exploit, but from "outside" by probably monitoring account login attempts involving known malicious sources or traffic protocols.
Anyway, we followed the Protect yourself now instructions, a few suggestions were given:
1. Watch out before you click a link.
2. Use a strong password.
3. Update software to the latest.
4. Enable 2-step verification.
Great, only the last one was something new at that moment, and we would like to give it a try.
With 2-step verification, Google will send SMS code to your phone when login sucessfully but with any strange device:
Oops, that means one has to repeat the above 2-step verification several times once a month, if not everyday. We also tried the "Call your phone" alternative instead of sending text, the call was from the phone number +1 (650) 353XXXX.
Lastly, when we changed the password in Google account, we'd have to go through the whole 2-step verification again. Right, a trade-off between security and convenience. ;-)