Google Gadgets can be misused
The domain used to host small Google Gadget applications written by Web developers could be misused by phishers, reports InfoWorld quoting a Web security researcher.
By INDIATIMES NEWS NETWORK |
SAN FRANCISCO: The domain used to host small Google Gadget applications written by Web developers could be misused by phishers, reports InfoWorld quoting a Web security researcher.
Google Gadgets are little programmes that gather information on the Web and then display them on multiple Web pages. They are used to give Webmasters an easy way to display everything from sports scores to astronomical data on their sites.
According to researchers, these programmes can also be misused by phishers to get around anti-phishing filters. Attackers could create a phishing site on the gmodules.com domain and then send that URL to victims. Since Google's gmodules.com domain is trusted by anti-phishing filters, victims might land up on the phishing site without being warned by their browser's filtering software.
Security researcher Robert Hansen told InfoWorld that he reported the issue to the company's security team, however, he was told that what he sees as a flaw is simply part of the site's expected behavior.
Google Gadgets are little programmes that gather information on the Web and then display them on multiple Web pages. They are used to give Webmasters an easy way to display everything from sports scores to astronomical data on their sites.
According to researchers, these programmes can also be misused by phishers to get around anti-phishing filters. Attackers could create a phishing site on the gmodules.com domain and then send that URL to victims. Since Google's gmodules.com domain is trusted by anti-phishing filters, victims might land up on the phishing site without being warned by their browser's filtering software.
Security researcher Robert Hansen told InfoWorld that he reported the issue to the company's security team, however, he was told that what he sees as a flaw is simply part of the site's expected behavior.
Download
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
Download
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
ADVERTISEMENT
