Thursday, December 27, 2007

Hacked GMail Filters

If you, like I do, use GMail, then you need to do yourself a favor and check your filters. There was a vulnerability, which has since been fixed, that would allow a user to add a filter to your GMail account if a user visited a malicious website while logged into their GMail account. In this case, a filter was created to forward all e-mail from this users domain host to an account for the purpose of stealing his domain, which the hacker successfully did and then held his domain for ransom.
WARNING: Google’s GMail security failure leaves my business sabotaged
Now my domain name was being held to ransom, and the hacker was taunting me. What I had spent more than a year building into a sound marketing plan had been severed at the knees.
As I said, the vulnerability has been fixed, however, if the filter already exists in your account, then e-mail could still be leaving your GMail account without your knowledge. Do yourself a favor and check your filters today.

Powered by ScribeFire.

No comments: