Gmail verification system: Last month, tech joint Google announced a new feature in Gmail in which a verified sign appears next to the sender’s name. With this, the person would know that the email has come from a verified place and the message sent can be trusted. This feature uses brand indicators such as VMC and DMARC to identify the sender.
Meanwhile, the news is that hackers have found a loophole in this feature and somehow they are easily getting blue ticks on Gmail by penetrating Google’s verified system. Chris Plummer, a cyber security engineer, shared a screenshot on Twitter in which he said that the sender somehow managed to bypass Google’s security system and get the blue tick to make his message appear authentic. The engineer also shared this information with Google. Although initially the company denied that there was any problem or bug in the verification. But later when this post went viral through Twitter, the company responded to the engineer and wrote that our team is investigating it.
There is most certainly a bug in Gmail being exploited by scammers to pull this off, so I submitted a bug which @google lazily closed as “won’t fix – intended behavior”. How is a scammer impersonating @UPS in such a convincing way “intended”. pic.twitter.com/soMq7KraHm
— plum (@chrisplummer) June 1, 2023
stay safe like this
- If you also ever receive a message on Gmail from a verified account and it says something to take immediate action like payment, address update or anything else, then ignore this mail and do not reply to it. Also, do not open those links which are given in the mail.
- Do check the sender’s email as well. If typos, extra symbols or strange domains are used in it, then understand that it is fake.
- Do not click on any unknown link. If the link or person looks familiar, then take any action directly by visiting the official website or call the person and get complete information about it first.
News Reels