Gmail 'vulnerability' revealed as phishing scam
Published: 27 Nov 2008 12:52 GMT
Reports that a purported Gmail vulnerability was being used by unauthorised third parties to hijack domains turned out to be nothing more than a phishing scam, Google announced on Tuesday.
The alleged vulnerability reportedly allowed an attacker to set up filters on users' email accounts without their knowledge, according to a proof of concept posted on Sunday at the blog Geek Condition. In the post, Geek Condition's 'Brandon' wrote that the vulnerability had caused some people to lose their domain names registered through GoDaddy.com.
However, after consulting those who claimed to be affected by the so-called vulnerability, Google determined they were victims of a phishing scam. Google information security engineer Chris Evans explained in a blog: "Attackers sent customised emails encouraging web-domain owners to visit fraudulent websites such as 'google-hosts.com' that they set up purely to harvest usernames and passwords.
"These fake sites had no affiliation with Google, and the ones we've seen are now offline. Once attackers gained the user credentials, they were free to modify the affected accounts as they desired."
A Google representative contacted ZDNet UK's sister site, CNET News.com, early on Monday to confirm the company was trying contact 'Brandon' to get more information on his claim, but there was no word whether that blogger helped Google arrive at its conclusion.
While this security breach was apparently unrelated to Gmail's operation, Google reminded users to enter Gmail sign-in credentials only at web addresses starting with "https://www.google.com/accounts", and not to ignore warnings their browsers may raise regarding certificates.
Did you find this article useful?
3 out of 3 people found this useful
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
