This was expected to happen, sooner or later:
"The login information was contained in 15 URLs submitted through Google's Firefox toolbar, which lets users report Web pages they suspect to belong to phishing sites."
The good news is that "Google said it also has implemented a mechanism that detects when a submitted URL contains login data and prevents that information from getting posted to the list."
An interesting screenshot of sample data included to InfoWorld article as well. Personal information removed with black boxes by the Finjan, company behind the discovery: http://www.infoworld.com/archives/emailPrint.jsp?R=printThis&A=/article/07/01/22/HNgooglephishing_1.html |
I saw the file. 15 URL on hundreds. And when they said "login information", more than an half was just a parameter "&token="... Much buzz for nothing really serious. |
I read about this on Google Bad News, err TechCrunch. |
<< And when they said "login information", more than an half was just a parameter "&token="... >>
I saw this file recently before Google had been informed and many of the URLs had "username=" and "&password=" in the query strings. |
many, many... I don't think so. A really small percentage of the URL. And I think user changed their passwords after that, no? |
Well, that depends how you define "many" I guess. And I'm not sure whether the users changed their passwords... ;-) |
OK, so if I give you this URL: greatsite.com/nice.php?u=coolstuff&kk=78 &ps=verynice&borl=8yy9iyi7tu
would you guess that coolstuff is a Gmail ID and 8yy9iyi7tu is the password? |
One of the sample URL' is .../.boa/online_banking.html?AccessID=[removed by Finjan]...
It appears that user has enter his or hers credentials and submitted the URL to Google's database after this. Everything is possible in today's world. |