What is Google doing to protect millions of Gmail users?

Users will have the possibility to check who is receiving an email. (Unsplash)

Google He has a new verification system Email messageswhich seeks to confirm the identity of the sender of the message so that the user has certainty that he or she is receiving an official communication.

This badge comes at a time when impersonation attacks known as phishingup 50% in the last year, according to a Zscaler report, and that emails are one of the main attack methods.

The process for obtaining it is similar to that of networks such as Twitter And instagramWhere the company verifies the correctness of the information and provides verification with a blue check attached to the user’s name.

This new model was launched more than a month ago, and the company has already caught a first bug that a group made cyber criminals They were able to cheat badge acquisition procedures, communicate with users, and impersonate other companies.

Cybercriminals managed to verify a fake account.

“After taking a closer look, we realized that this, in fact, does not look like a generic vulnerability. Therefore, we are reopening the case and the relevant team is taking a closer look at what is happening, ”was Google’s response to Chris Plummer, the engineer who discovered the vulnerability.

A cybersecurity expert posted an image showing how criminals managed to obtain verification to impersonate UPS, a logistics company, and send messages to deceive users, despite the fact that the email address had obvious characteristics.

at the momentGoogle He confirmed that he was working to find a solution and that he would communicate with Plummer to inform him of the developments in the situation.

It may interest you: Cybercriminals Steal Gmail Data Through Chrome and Microsoft Edge

As is common with this type of badge, it is located right next to the sender’s name, from. Although in this case the profiles will not have to pay any subscription to get them.

See also  Eight cybersecurity tips to avoid losing mobile data this Easter

In addition to seeing a blue check, users will have the option to place their cursor over this icon to see a message confirming the profile’s official status, where criminals can place an icon that simulates verification.

Users will have the possibility to check who is receiving an email.

At the moment, this initiative is in the process of expanding, so only corporate accounts will receive verification and must be accepted before Google through the BIMI system.

This is the standard that companies must meet two security requirements. On the other hand, there is domain-based authentication, known as DMARC, which consists in preventing attackers from impersonating the brand or spoofing its domain. They will also need to get a brand logo approved through a country’s intellectual property registration process, which is only awarded to a legitimately formed organization.

It might interest you: Gmail will create entire emails and documents using artificial intelligence

platform Google It offers security tools to its users. One is to detect a malicious message and immediately send it to a file Spam emailsAvoid being notified of his arrival or being seen by the user on the homepage.

Steps to Report an Email These are the steps to follow

1. Go to Gmail from a computer or mobile device.

2. Open the malicious message.

3. Go to “Answer” and next to this option “More” call will appear, click on it.

4. A menu will be displayed and in it will be the Report Identity Theft box.

Lovell Loxley

"Alcohol buff. Troublemaker. Introvert. Student. Social media lover. Web ninja. Bacon fan. Reader."

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top