Google recently introduced a new security feature, the Gmail checkmark system, which was found to have a critical flaw. This has led to Google issuing a security warning to their 1.8 billion Gmail users.


The checkmark system was introduced to help users identify verified companies and organisations through a blue checkmark, making it easier to distinguish legitimate emails from scams. However, cybercriminals have found a way to exploit this system, raising concerns about the security of Gmail.


How hackers can exploit Gmail’s check mark verification and what it means for users

As reported by Forbes, a cybersecurity engineer named Chris Plummer found out that scammers were able to trick Gmail into thinking that their fake brands were real.
The checkmark is designed to build trust with Gmail users, and scammers have turned a flaw in the system to their advantage: a message carrying the checkmark could lead users to believe that it comes from a trusted sender.


"The sender found a way to dupe Gmail's authoritative stamp of approval, which end users are going to trust. This message went from a Facebook account, to a UK netblock, to O365, to m.
Nothing about this is legit," explains Plummer.


Initially, Google was unconvinced by Plummer's discovery and assumed the behaviour was intentional. However, after Plummer's tweets about the issue gained traction, Google reportedly acknowledged the mistake.


The company is said to have admitted its mistake to Plummer and assured him that a team was investigating. It recognized the severity of the issue and made it a top priority by labeling it a 'P1' fix.


Google says “sorry” for the confusion

"After taking a closer look, we realised that this indeed doesn't seem like a generic SPF vulnerability. Thus we are reopening this, and the appropriate team is taking a closer look at what is going on," Google said in a statement.


"We apologise again for the confusion, and we understand our initial response might have been frustrating, thank you so much for pressing on for us to take a closer look at this! We'll keep you posted with our assessment and the direction that this issue takes," the statement added.


As Google's recent warning highlights, it is important to remember that even advanced security features can have vulnerabilities. To ensure the safety and integrity of Gmail, ongoing vigilance is crucial, and users should be cautious when dealing with email communications.