Gmail exploit lets attackers forward your email to them


Summary: Philipp Lenssen spotted a post by Brandon at GeekCondition that explains the general idea behind an attack that can be used to set up filters in your Gmail account without your knowledge. It's important to be aware of these kinds of things so you can better protect yourself.


In order for this to work, someone has to first steal your Gmail cookie -- bad guys are always looking for new ways to do this, and according to Brandon, there is at least one outstanding method (and probably several) that can be used to get your cookie.

As long as you practice safe browsing techniques, the risk of your Gmail account being compromised is significantly lower. Here are some things you can do to protect yourself.

  1. When you aren't using your Gmail, log out. Staying logged in is handy, but it makes these kinds of attacks possible.
  2. Don't visit websites you don't trust. That sounds pretty obvious, but it's just as important as making sure your Gmail account is logged out when you're not using it.
  3. Use NoScript if your browser is Firefox. This adds an additional (and very powerful) layer of security between you and the bad guys. There's nothing similar for Internet Explorer or Google Chrome that I'm aware of.

It's important to note that these problems aren't limited to Gmail -- any website that uses cookies to authenticate requests can be abused in the same way. Taking the security measures above will help protect all your online accounts too.


Talkback

6 comments
  • What about timeouts?

    Shouldn't the values in the cookie become invalidated after a certain period of time? Seems obvious to me. Especially for users who enabled the SSL only feature.

    I'm not talking about the cookie expiring, I mean whatever it is using to "authenticate" you.

    Google needs to start learning the tricks from the banks.
    T1Oracle
  • Ok....what does this have to do with Gmail???

    This is cookie hijacking. There are much more dangerous things you can do with this than forward email. You can get into someone's bank account before the session times out...or their credit card accounts.

    What does this have to do with Gmail specifically?
    storm14k
  • RE: Gmail exploit lets attackers forward your email to them

    On a hotel open access point I had my Yahoo address book hijacked, used to send a spam to all my friends and then erased. I've seen other reports of the same thing. Spam directed you to a "good website" that's a Chinese electronics store address that's reportedly a scam.
    mikebrinn
  • RE: Gmail exploit lets attackers forward your email to them

    Use Outlook as your Gmail client
    tenrun@...
  • RE: Gmail exploit lets attackers forward your email to them

    Use Outlook as your Gmail client?
    tenrun@...
  • RE: Gmail exploit lets attackers forward your email to them

    Just FYI, it looks like this was due to phishing, not any flaw in Gmail. The Gmail team posted more info here:
    http://googleonlinesecurity.blogspot.com/2008/11/gmail-security-and-recent-phishing.html
    MattCutts