Google: The Recent Gmail Issue Not a Vulnerability, just Phishing
Article by George Norman
On 26 Nov 2008
The Gmail world kicked off this week with news of a vulnerability in the mail client which could allow an attacker, if he got his hands on your Gmail cookie, to set up certain filters (without your knowledge of course) which would automatically forward your incoming mail back to him. While the whole world speculated this to be a Gmail security vulnerability, Google has come out to say that it is not; this is nothing more than an elaborate phishing attack.

“Attackers sent customized e-mails encouraging web domain owners to visit fraudulent websites such as "google-hosts.com" that they set up purely to harvest usernames and passwords. These fake sites had no affiliation with Google, and the ones we've seen are now offline. Once attackers gained the user credentials, they were free to modify the affected accounts as they desired. In this case, the attacker set up mail filters specifically designed to forward messages from web domain providers,” say Chris Evans from Gmail.

Advertising

Once the issue came to light, the Google security team wasted no time in addressing it, since this is what Google does – fixes problems quickly. The thing is that as long as you follow a simple set of rules, you will stay safe online, which is crucial, especially if you consider that window of opportunity between the time a flaw, vulnerability or security issue is discovered and the time it is fixed.

After you have finished reading your mail, chatting, or composing outgoing mail, it is not enough to simply close the browser application. What you should do is log out. Do this every time you are not using your Gmail account.

This next one is a no-brainer, but you would not believe how many people are tricked by it: do not visit shady, unscrupulous sites. Go only for trustworthy sites that are not spreading malware or trying to steal your confidential info. Enable the “https-only” feature.

If you are using Firefox 3.0.4, make sure that the adequate security options are active: “Tell me if the site I’m visiting is a suspected attack site”, “Tell me if the site I’m visiting is a suspected forgery”. It might also prove wise to install a security add-on, something like NoScript.



Tags: Google, Gmail
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
By George Norman on 03 Apr 2017
Any other day of the year, Google is a serious and focused company that doesn’t mess around. But on April 1st, all seriousness goes out the window and Google shows that it has a fun side and that it loves to pull pranks.
By George Norman on 17 May 2017
Google once again drew our attention to the fact that the way people watch TV is fundamentally changing. This time, Google highlighted the fact that watching YouTube on a TV screen is on the increase, with 2 out of 3 YouTube viewers saying that they watch YouTube on their TVs.
By George Norman on 21 Jun 2017
Fidget spinners, the toys that the internet loves to hate, have managed to grab Google’s attention. The search engine is offering a virtual fidget on desktop as well as mobile. Simply search for "spinner" and Google Search will bring up a fidget spinner quick answer card.
By George Norman on 27 Apr 2017
The new McAfee has a new mobile app to offer: McAfee Mobile Booster (Boost & Clean). But since the new McAfee isn’t really new, neither is this mobile app. So to get things started, the first important...
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Google: The Recent Gmail Issue Not a Vulnerability, just Phishing
HTML Linking Code