After almost three years of continued harping by the security community, too many 'Web Based Email' (WebMail) providers are -still- vulnerable to very well documented[1] security flaws, specifically, the 'Referer Bug'.