Vulnerability in Gmail can help with theft of domains

Recently in the Internet there was an information that vulnerability in Gmail service which was considered for a long time already eliminated, actually is not eliminated completely. Therefore your account can become a potential victim of theft and harmful attacks. About presence of this vulnerability it became known in December, 2007 when David Airey has suffered from theft of his own web site. Later Google has declared that the problem has been solved, however, seemingly, it still exists. Problems begin when you enter into your Gmail account and then visit a harmful web site. It is not important, whether you click on the link from the account or not, the harmful site in any case is capable to get access to your internal “identification cards”.

For this purpose the site steals from you a certain cookie-file, and further without your participation creates inquiry to Gmail, resolving to service to create the filter for your account. Last redirects your electronic emails to the other mailbox. And the filter gets access not only to electronic letters already received by you, but also to all letters in the future. In a case if in parametres Gmail is specified to use your contact data for any domain registration your domain also can steal and keep before repayment reception. Tools of restoration of an account and password reinstallation on your account that occurs without your permission and the permission are for this purpose used.

You may ask, how to struggle with it? Check up filters of the mailbox and be convinced that IMAP it is switched off. Do not use Gmail as the a contact box for reception/sending of the important information. Also it is necessary for you to change input parametres in all important boxes which at you can be. Registering the domain, be convinced that have passed to private registration.

Do not open the link in emails, be not convinced yet of the person of the one who has sent them. Other idea of struggle consists in enciphering of connection of your browser. The given possibility can be included on the main page of options of your account in Gmail. Also under some data users Firefox can download expansion NoScript which reduces probability to become a victim of such attacks. Unfortunately, researches Google yet have not revealed vulnerability presence in Gmail. Therefore, while you should be protected independently.

Bookmark this page

Related posts

• Windows 7 UAC vulnerability (0)
• The USA are not ready for a cyberwar (0)
• The USA and Lithuania unite against cyber criminals (0)
• The critical error in Microsoft Word (0)
• Security patches for Adobe Flash Player (0)