Recently, there were concerns that a Gmail exploit may allow attackers to forward e-mail.
Google security engineer Chris Evans explained in a blog post that Google "mounted an immediate investigation" after the recent speculation but "results indicate no evidence of a Gmail vulnerability". With help from Gmail users Google has determined that the cause was a phishing scheme, a common method used by malicious actors to trick people into sharing their sensitive information.
Evans explains "Attackers sent customized e-mails encouraging web domain owners to visit fraudulent websites such as "google-hosts.com" that they set up purely to harvest usernames and passwords. These fake sites had no affiliation with Google, and the ones we've seen are now offline. Once attackers gained the user credentials, they were free to modify the affected accounts as they desired. In this case, the attacker set up mail filters specifically designed to forward messages from web domain providers."
Phishing attacks are becoming increasingly popular and security researchers believe social networking sites like Facebook are ideal for phishing.