The security of the Gmail email service is one of Google's top concerns, since a Gmail account is tied to every Google service and product. Yet one of its newer security features, the blue verification badge, is now being actively exploited to impersonate legitimate senders.
In early May last year, Google introduced a blue verification badge in Gmail to combat fraud such as phishing attacks. Companies and organizations can register in the program to verify their identity; once approved, Gmail displays a blue checkmark next to the company name to confirm that identity.
The idea is to help users distinguish between emails they receive from legitimate and spoofed sources while allowing the company to build trust in the brand.
But now the feature is being exploited: security researcher Chris Plummer reveals that scammers have found a way to bypass Google's protection and obtain the blue verification mark. Posing as parcel delivery and supply chain companies makes it easier for them to find new victims via malicious emails.
There is most certainly a bug in Gmail being exploited by scammers to pull this off, so I submitted a bug which @google lazily closed as “won’t fix - intended behavior”. How is a scammer impersonating @UPS in such a convincing way “intended”. pic.twitter.com/soMq7KraHm
— plum (@chrisplummer) June 1, 2023
Spotting the fake email should be easy: the image Chris Plummer posted shows a sender address made up of random letters and numbers, ending in a UPS domain. Yet if you hover over the blue verification badge, a window appears stating that the message came from a verified, legitimate-looking source, even though the message is in fact fraudulent.
It is not yet known which flaw the scammers used to circumvent Google's security checks, but Plummer said something was clearly wrong with Gmail's verification system.
Plummer reports that when he reported the problem to Google, the company initially refused to acknowledge that it was serious, dismissing the report as "artificial and intentional" and claiming that the system was working as intended. But after Plummer tweeted about the issue, the company reconsidered and wrote to him apologizing for its initial reaction.
Plummer said Google responded as follows: “Again, we apologize for the confusion and understand that our initial reaction may have been frustrating. Thank you for getting us to take a closer look at this issue!”
Plummer noted that Google has now classified the bug as P1, meaning it is a high priority on its security team's to-do list, and that a fix is still in progress.
when the going gets tough, the tough get a tweet with 100,000+ views
thank you all. pic.twitter.com/tYiOD1zvpQ
— plum (@chrisplummer) June 1, 2023
How can you avoid this scam for now?
Since we don't know when Google will release a fix for this issue, it is important to be careful with every message you currently receive in Gmail, especially those that come from addresses marked with a blue checkmark.
Here are some tips that may be helpful:
- Double-check the sender's email address. If you see a jumble of random letters, numbers, and symbols in an email address, that is your first clue that something fishy is going on.
- Then look at the address again, character by character. Hackers can impersonate someone in the company, but you can catch small substitutions such as the letter "O" replaced by the digit "0", or an uppercase "I" replaced by a lowercase "l" (the letter L).
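To show what those two manual checks look like when automated, here is an added example in Python that is not part of the original article. It is a hypothetical heuristic, not Google's or Gmail's code: the trusted-domain list, the confusable-character table and the randomness thresholds are all assumptions constructed for illustration, and the sample addresses are made up.

```python
import math
from collections import Counter

# Constructed list of brand domains you expect mail from (assumption for this example).
TRUSTED_DOMAINS = {"ups.com", "paypal.com"}

# Look-alike substitutions that scammers rely on, as described in the tips above.
# Uppercase "I" is lowercased to "i" first, so i/I/l/1 all collapse to "l".
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "i": "l", "5": "s", "3": "e"})

# Thresholds for the "jumble of letters and numbers" check (assumed values).
MIN_RANDOM_LEN = 12     # short local parts are never flagged
DIGIT_RATIO = 0.3       # flag when >= 30% of the local part is digits
ENTROPY_BITS = 3.7      # or when characters are spread very evenly


def normalize(domain: str) -> str:
    """Lowercase a domain and fold confusable characters to their look-alike letter."""
    return domain.lower().translate(CONFUSABLES)


def lookalike_of(domain: str):
    """Return the trusted domain this one imitates, or None if it matches none."""
    norm = normalize(domain)
    for trusted in TRUSTED_DOMAINS:
        if domain != trusted and norm == normalize(trusted):
            return trusted
    return None


def looks_random(local: str) -> bool:
    """Heuristic: long local parts that are digit-heavy or very high-entropy."""
    s = local.lower()
    if len(s) < MIN_RANDOM_LEN:
        return False
    digits = sum(c.isdigit() for c in s)
    counts = Counter(s)
    entropy = -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())
    return digits / len(s) >= DIGIT_RATIO or entropy >= ENTROPY_BITS


def assess(address: str) -> dict:
    """Apply both checks to one sender address and list the findings."""
    if "@" not in address:
        raise ValueError(f"not an email address: {address!r}")
    local, _, domain = address.rpartition("@")
    domain = domain.lower()
    findings = []
    if domain not in TRUSTED_DOMAINS:
        target = lookalike_of(domain)
        if target:
            findings.append(f"domain looks like {target}")
    if looks_random(local):
        findings.append("random-looking local part")
    return {"local": local, "domain": domain,
            "findings": findings, "suspicious": bool(findings)}


if __name__ == "__main__":
    # Constructed sample addresses; none are real senders.
    for addr in ["a7f3k9q2zx81bb@ups.com", "tracking@up5.com",
                 "service@paypaI.com", "customer.service@ups.com"]:
        print(addr, "->", assess(addr)["findings"])
```

The first sample mirrors the case in the article: the domain itself is the genuine one, so only the random-looking local part gives it away, which is exactly why a badge that vouches for the domain alone is not enough. The last sample is how a normal corporate address passes both checks.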
Also, beware of emails asking you to share financial information. The ultimate goal of a phishing attack is twofold: first, tricking the recipient into installing malware on their device without their knowledge, and second, tricking the recipient into entering their credentials, which is the more common aim.
Therefore, if you receive a message asking you to enter personal or financial information, do not act on it before checking the source. Remember, too, that your bank will not ask you to confirm personal or financial data by e-mail or SMS.
Of course, remember the cardinal rule of using the Internet: do not click on a link or open an attachment from a source you do not know. Inserting malicious links in emails or attaching malicious files is one of the classic methods hackers use to achieve their goals, since malware can be hidden inside files such as photos, videos and documents and then used to infect your device.