GMail backdoor patched, time to check your filters
![ryan-naraine.jpg](https://www.zdnet.com/a/img/resize/58705b1ab848cb0209d7d7d504dffaab176d93aa/2014/07/22/4b4e2273-1175-11e4-9732-00505685119a/ryan-naraine.jpg?auto=webp&fit=crop&frame=1&height=192&width=192)
The cross-site request forgery exploit, discovered and partially disclosed by GNUCitizen's Petko D. Petkov, gave attackers an easy way to plant GMail filters to forward incoming mail to a third-party (hacker-controlled) e-mail address.
Even after Google's fix, GMail users are strongly encouraged to check their filter lists because the patch does not remove the rigged filter.
[ SEE:Bullseye on Google: Hackers expose holes in GMail, Blogspot ]
Remember, GMail filters are not the same as labels, which appear on the left pane of the GMail interface.
First, click on Settings in the top-right corner and then the Forwarding and POP tab to ensure that e-mail forwarding is either disabled or not hijacked to send your e-mail elsewhere.
Then, in the Filters tab, look carefully for any strange filter that may compromise your mailbox.