Site icon Liquidmatrix Security Digest

Flaw Turns Gmail Into Spamming Machine

Uh boy. The spammers are at it again.

From CNET:

A “serious security flaw” in Gmail turns Google’s e-mail service into a spamming machine, according to a recent security report.

INSERT, the Information Security Research Team, has created a proof of concept that exploits the “trust hierarchy” that exists between mail service providers. By exploiting a flaw in the way Google forwards messages, a spammer can send thousands of bulk e-mails through Google’s SMTP service, bypassing Google’s 500-address bulk e-mail limit and identity fraud protections.

The report notes that with the rising volume of spam, e-mail providers have turned to whitelists and blacklists to help root out IP addresses of known spammers. Because, Gmail falls into the trusted whitelist category, messages are allowed “carte blanche” to bypass spam filtering.

So, that’s why I’ve won so many lotteries that I never entered 🙂

Article Link

Exit mobile version