A posting on GeekCondition.com Nov. 23 warned of a flaw allowing attackers to force Gmail users to create a malicious message filter without their knowledge. As a result, the post said, attackers could hijack messages sent to a victim’s Gmail account by redirecting messages into the trash and forwarding copies to the attacker.
Google, however, explained that the source of the problem was not a flaw in Gmail, but a phishing scheme in which attackers sought to lure Web domain owners to rogue sites so their information could be stolen.
“Attackers sent customized e-mails encouraging Web domain owners to visit fraudulent Web sites such as ‘google-hosts.com’ that they set up purely to harvest user names and passwords,” Chris Evans, an information security engineer, posted on Google’s security blog.
“These fake sites had no affiliation with Google, and the ones we’ve seen are now offline,” Evans wrote. “Once attackers gained the user credentials, they were free to modify the affected accounts as they desired. In this case, the attacker set up mail filters specifically designed to forward messages from Web domain providers.”
Only a small number of users were affected by the scheme, a Google spokesperson said.