By: Caroline McCarthy | Source: news.zdnet.com

Google has acknowledged the presence of a phishing hole on its Public Service Search application and has blocked access to the service until the problem is fixed.

It has been noticed that the customizable code in Google’s Public Service Search, which enables nonprofit institutions like universities to install ad-free Google search functions on their Web sites at no cost, could be used to create a page hosted on the google.com domain.

Scammers could then use this to build fraudulent Google pages to lure people into handing over personal information. The problem is demonstrated by creating a false "Gmail Plus" page: When unsuspecting visitors to the page tried to use their Gmail password to log in, the site delivered a "You (could have) gotten served!" message.

Search giant Google confirmed the existence of the security hole in a statement posted on its blog. The company has temporarily disabled all login access to Public Service Search clients and has placed a moratorium on new sign-ups. The search functions on current clients’ Web sites, however, remain intact. According to Google, a temporary fix has been installed in the service, with a more permanent one in the works.

The Public Search Service phishing hole was particularly alarming because it used real Google URL, similar to the case of a PayPal Flaw found earlier this summer. Many safeguards against phishing depend on being able to identify a fraudulent domain posing as a legitimate one.

Phishing remains a growing online crime, despite attempts by major Web companies to curtail it with browser warnings and add-ons. Recent trends have shown that phishers are beginning to expand their horizons.

Spread the word: bookmark it/ readit

Source: instantposition.com

LINKS CHECKER TOOL

This tool will spider any URL and return the links found on that page with the anchor text used for those links. This is useful to validate the contents and number of links on any web page.

Try this tool at instantposition.com

Spread the word: bookmark it/ readit

By: Loren Baker | Source: searchenginejournal.com

Google AdSense seems to be letting select publishers serve Google AdSense ads in newsletters and mass commercial emailings. Test has been carried out by placing Google AdSense in Constant Contact powered emails and the ads were served and targeted almost perfectly.

So, if Google AdSense does work in HTML emails and Google has figured out ways to adjust AdSense click costs via Smart Pricing, why not just allow all email publishers the right to run AdSense ads?

Possibly because email spam is more out in the open on the Internet than AdSense powered Splogs and the public backlash against Google Ads in spam mails could be crippling.

On the other hand, a trusted email publisher working with the AdSense team to throw out some targeted mailings could lead to a new revenue stream for both Google and their Premium Publisher mail partners.

Oh yes, Google’s normal stance on AdSense in emails?

No Google ad or Google search box may be displayed on any domain parking websites, pop-ups, pop-unders, or in any email.

Spread the word: bookmark it/ readit