Reports earlier this week that a Google GMail “vulnerability” was being used by cyber criminals to hijack domains have been revealed to be part of a scam, themselves.

Google engineer Chris Evans explains, in a Google Online Security Blog post:

“With help from affected users, we determined that the cause was a phishing scheme, a common method used by malicious actors to trick people into sharing their sensitive information. Attackers sent customized e-mails encouraging Web domain owners to visit fraudulent Web sites such as google-hosts.com that they set up purely to harvest usernames and passwords. These fake sites had no affiliation with Google and the ones we’ve seen are now offline. Once attackers gained the user credentials, they were free to modify the affected accounts as they desired.”

It’s just one more example of how cyber crooks are getting more and more sophisticated in their ploys to steal from us. And, as such, it’s another warning that we all need to keep our eyes wide open for suspicious stuff when engaging in any online activity.

Leave a Reply