I’ve been using Gmail for over two years now, for a wide variety of reasons (like conversations and inbox archiving for instance). Apparently, so do a lot of domain owners, who woke up one day to find that their online properties were stolen.

Here’s a summary: a hacker manages to gain access to a Gmail account, just enough to modify its Filters. The end result is that any emails sent by the domain registrar—including ones sent due to a “Forgot my Password” request—are forwarded to the hacker. This allows said hacker to grab control of the domain, and demand money for its return.

Thanks to online WhoIS services, which reveal the owner of a website and their email, pulling it off seems relatively easy. I’m honestly not sure if Gmail really suffers from a security flaw, but you can check out the complete details here—and check your Gmail filters just to be safe. It takes only a few seconds after all.

Post from: The Gadget Blog