Hotmail user swamped with thousands of unwanted emails, after Gmail goes down

Graham Cluley
Graham Cluley
@

 @grahamcluley.com
 @[email protected]

Email floodIf you think you receive a lot of unwanted email each day, spare a thought for Hotmail user David S. Peck of Fresno, California.

He’s the owner of an email account that received thousands of unwanted messages, as Gmail went down for a few hours last week.

As Sarah Perez from TechCrunch reported, a bizarre glitch in Google’s search results meant that users hunting for Gmail could find themselves sending an email to Peck’s Hotmail address instead.

Hotmail user receives a lot of email from Gmail users

Sign up to our free newsletter.
Security news, advice, and tips.

(I have deliberately obscured and not included Peck’s Hotmail email address in this article – I suspect he doesn’t need his details appearing any more widely on the web).

Clicking on the “Email” link in the Google search results for “Gmail” took Gmail users directly to a compose message form, pre-filled with Peck’s Hotmail address.

In time, Google confirmed that the bizarre bug was not related to the downtime which affected Gmail and Google Plus on Friday, but the timing seems unfortunate. Especially for David S Peck, who says he received thousands of unwanted messages.

Meanwhile, during the Gmail outage, rival Yahoo was hardly covering itself in glory.

Someone in the Yahoo social media time clearly thought it would be a good idea to cheekily tweet an image of the error page that Gmail users were seeing as they attempted to access their email during the outage.

Yahoo tweets about Gmail outage

Gmail is temporarily available

It clearly wasn’t an accident, as Yahoo tweeted the same message four times in rapid succession.

Twitter users were far from impressed, viewing Yahoo’s tweet as a cheap shot against its webmail rival.

https://twitter.com/lauraolin/statuses/426801926710525952

And, of course, it didn’t go unmentioned that Yahoo has had its own fair share of snafus with its email system, and that Yahoo CEO Marissa Mayer was previously a high profile executive at Google.

Clearly realising that it had made a social media blunder, Yahoo deleted the offending tweet and posted an apology to its peers at Google.

Yahoo apologises for Gmail tweet

Earlier today, a tweet that reflected bad judgment was posted and has been deleted. We apologize to @Google and the @Gmail team.

It clearly was a silly thing to do. The internet has a long memory, and next time Yahoo has a problem with its infrastructure it would hope that its competitors would show better grace than it exhibited on this occasion.

People who live in glass houses shouldn’t throw stones.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky, Mastodon, and Threads, or drop him an email.

One comment on “Hotmail user swamped with thousands of unwanted emails, after Gmail goes down”

  1. the JoshMeister

    It wasn't just Yahoo! being distasteful. Maybe the tech press didn't notice, but AOL's social media team was being pretty harsh about the Gmail outage. Take a look at pretty much every tweet and retweet from @AOLMail that day. See also tweets like this one from @AOL (which, of course, was retweeted by @AOLMail):

    "Why was AOL trending on Twitter today? Find out: aol.it/1mT26x7 #ClaimYourName"
    https://twitter.com/AOL/status/426867086334636033

    The aol.it shortcut redirects to an aol.com page featuring various tweets about the Gmail outage and about how AOL Mail was working fine.

    Yeah, working fine, as long as you don't care about security. Here we are, several years after Firesheep, and AOL still doesn't give you HTTPS Web-based mail by default. There's not even a setting to enable it. No, you have to know about one of the secret URLs for its beta services (which change occasionally, so you have to keep track of them). I'm probably one of a handful of people on the planet who actually knows or cares, but here are the only current URLs that provide full HTTPS for the entire e-mail session:

    https://beta.mail.aol.com
    https://login.altomail.com/login/signin

    But there's an important caveat: On mobile devices (e.g. Safari on iOS) the first URL redirects to HTTP after the initial login (d'oh!), and the second URL doesn't work at all. AOL has promised that Alto would come to mobile eventually, but I'll believe it when it happens. As of right now, the most secure way to access your AOL mail on a mobile device is to set up IMAP over SSL in an e-mail client app:

    http://help.aol.com/help/microsites/microsite.do?cmd=displayKC&externalId=73332

    I've been tracking AOL's lack of default Webmail security for years. Here's an article I wrote back when the beta project du jour was "Project Phoenix" (now defunct—killed by an executive when someone else left the company, so I've heard from a well-placed source inside the company):

    http://security.thejoshmeister.com/2011/02/aol-project-phoenix-beta-still-lacks.html

    ~Josh
    https://twitter.com/theJoshMeister

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.