Google dismisses Gmail flaw as phishing scam
Thursday, November 27, 2008
Google has debunked claims that a critical security flaw had resulted in Gmail users losing their accounts.
On the company's security blog, it was reported that while reports had circulated that a flaw in the way that account registration requests from third party sites are handled had resulted in consumers being locked out of their accounts, investigation had shown that users had in fact been targeted in a phishing scam.
"Attackers sent customized e-mails encouraging web domain owners to visit fraudulent websites such as "google-hosts.com" that they set up purely to harvest usernames and passwords," a representative for the search giant stated.
It was added that the sites had no affiliation with Google and all those identified had since been taken offline.
To ensure continued email security, the firm urged people to make sure all sessions were conducted over HTTPS.
In other recent announcements, Google security researcher Oliver Fisher has pointed out that while some sites may be trusted and seemingly benevolent, search results may still flag them as insecure if it is thought that the site has been compromised by malware.
Related News:
FBI: Law firms and PR agencies high on hacker target lists - 11.18.2009
Using complex email scams, cyber criminals are increasingly targeting sensitive information held by law firms and public relations companies, according to an FBI advisory released earlier this month.
Phishing email takes numerous forms - 11.17.2009
The practice of impersonating authoritative websites and sources in order to convince victims to divulge personal information - known as phishing - has come a long way from the Nigerian "419" scams that popularized the technique in the public mind. Modern phishing is becoming increasingly dangerous in part because attacks can come from a variety of sources.
Email filtering technology working overtime, but spam won't go quietly - 11.16.2009
While modern email filtering systems can block 95 to 99 percent of spam messages, according to Tech Target, mountains of unsolicited email are still delivered every day, accounting for the vast majority of all emails sent.
Phishing scam targets investors, spoofs finance agency - 10.9.2009
The Financial Industry Regulatory Agency (FINRA), an independent regulator of brokerages, is warning investors that they may be targeted by a phishing scam through emails claiming to come from the agency.
Phishing scammers leak Windows Live Hotmail passwords to web - 10.6.2009
Hackers posted thousands of passwords from Windows Live Hotmail email accounts to a website over the weekend, in what Microsoft said was the result of a phishing campaign targeting the free webmail service.
|
