Today I saw an article from Computerworld on a Gmail flaw. Basically if you are logged into your Gmail account, then visit a compromised site it can let malicious folks add filters to your Gmail forwarding email or email with attachments to another place.
The lesson here. LOG OUT! When you are done with Gmail, or your Banking site, or any other site that deals with your private information and money. LOG OUT! Find the link on the page and click it BEFORE you do anything else. Particularly if it’s money related. Paul and Larry talked about the same issue over on Pauldotcom. They don’t visit any other site or check email while doing online banking. Then they log out, close their browser completely and open it again for normal browsing. Why not check email? Think how much email you get that acts like a web page (aka HTML Email). Those can cause exploits to run.
So remember. Safety first. When dealing with your private information and money. Do just that task then log out. To be extra safe close your web browser completely then open it again for less important web work. If you don’t log out your session can still be active until you restart your browser. All it will take is one spam email laden with an exploit for a popular service like Gmail or a major bank. Or even a targeted attack at folks who blog with wordpress. They could take over or spam your blog through your own logged in session. Then lots of people will wish they clicked those two words. Log Out.