Chris Evans, Google's Information Security Engineer and Tech Lead, has rejected the Gmail vulnerability rumored widely that would cause domain thieves recently. After investigation, it is found that the cause was a rather simple phishing scheme that fooled domain's owners to visit fake websites such as "google-hosts.com" and collected usernames/passwords of Gmail accounts. After gaining the user credentials, the attacker set up mail filters specifically designed to forward messages from web domain providers and consequently gain the controls of the domains. There ...