This article was published 15 years ago

Google says security flaw in Gmail does not exists domain was hijacked on November 2. The site admin is convinced that their domain was hijacked through a security flaw in GMail because they use Gmail as their email provider.

I wasn’t planning to publish anything about the incident or cracker (person who steals domains) and how he managed to pull it off unless I was completely sure about it myself. I had a good feeling it was a Gmail security flaw but wanted to confirm it before posting anything about it on MakeUseOf. We love Gmail and giving them bad publicity is not something we would ever want to do.

So why write about this now then?

Several things have happened in the last two days that have made me believe that Gmail has a serious security flaw and everyone should be aware about it. Especially during the times when individuals like Steve Rubel tell you How To Make Gmail Your GateWay To The Web. Now, don’t get me wrong here, Gmail is an AWESOME email program. The best probably. The problem is that it might not be a reliable one when it comes to security. That being said, it doesn’t necessarily mean that you will be better off with Yahoo or Live Mail.

Google conducted an investigation into the incident and concluded that the domain were hijacked by other means and not through a security flaw in Gmail.

“With help from affected users, we determined that the cause was a phishing scheme, a common method used by malicious actors to trick people into sharing their sensitive information,” Evans wrote. “Attackers sent customized emails encouraging web domain owners to visit fraudulent websites such as “” that they set up purely to harvest usernames and passwords.”

Another reason not to click on email that your not familiar with.