Archive for January, 2008

Google fixes phishing bug

Friday, January 18th, 2008

Google recently fixed their “open redirector” in Google Maps, used by “phishing” sites to make attack URLs appear to be Google URLs.

PhishTank then marked the exploits formerly using it as “off line”, and SiteTruth automatically upgraded Google’s rating from to Do not enter to .

The number of major sites with security vulnerabilities exploited by phishing attacks has dropped from 171 problem domains in early December 2007 to only 54 domains today. We’ve been talking to PhishTank, the Anti-Phishing Working Group, the press, and some of the vulnerable sites to focus attention on this problem. It’s on its way to being solved.