GMail Users Warned Of Vulnerability

Uploaded on 2018-08-16 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

GMail users have been alerted about a new Google Mail feature which could be leveraged by online crooks to carry out a wave of scams, media reported.

The company, in April, unveiled its brand new design which introduced a clean new user interface and a swathe of new features including the ability to snooze a message, auto-generate smart replies and self-destruct emails in the brand new "Confidential Mode".

"It's the Confidential Mode which is at the centre of security fears," Express.co.uk reported on Saturday 21st July.

The Department of Homeland Security (DHS) reportedly issued an alert on the "potential emerging threat... for nefarious activity" with the Gmail redesign, the report said.

"We have reached out to Google to inform them of intelligence relevant to their services and to partner to improve our mutual interests in cyber security," Lesley Fulop, DHS spokesperson said.

Central to these fears was the new "Confidential Email" feature that can require users to click a link in order to access these messages.

If you're a Gmail user using the official Google Mail website, then the "Confidential Email" appears when you click to open it. It shows a date for when the content will expire and informs the users that the email can't be forwarded or downloaded.

However, its different if you're a Gmail user viewing the message as a third-party client or a non-Gmail user who receives a confidential email.

In those cases, instead of the message appearing in their browser, users have to click a button to view the email. And this is where the security fears lie.
With the Gmail redesign, scammers could send out fake versions of confidential email alerts and trick a user into entering sensitive details.

"The tech giant is committed to protecting the security of users' personal information and hence, had created "machine learning" algorithms to detect potential phishing scams that cyber criminals carry out," said Google spokesman Brooks Hocog.

Phishing scams are where cyber criminals try to trick victims into clicking on seemingly trustworthy links in order to steal sensitive personal information.

EconomicTimes

You Might Also Read: 

Secure Encrypted Email Platform PGP Is Not Secure:

Top Tips To Protect Email Accounts From Hackers:

 

« Cybersecurity In Self-Driving Cars
Hacking Your Holiday: Cyber Criminals Target Tourism »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Cyber Risk Agency

Cyber Risk Agency

Cyber Risk Agency is a cybersecurity consulting firm specializing in managing cyber risks for SMEs.

Security Brokers

Security Brokers

Security Brokers focus services and solutions with a focus on strategic ICT Security and Cyber Defense issues.

SBS CyberSecurity

SBS CyberSecurity

SBS CyberSecurity is a premier cybersecurity consulting and audit firm.

Silent Breach

Silent Breach

Silent Breach specializes in network security and digital asset protection. Services include Pentesting, Security Assessments, Incident Detection & Response, Governance Risk & Compliance.

NT Cyfence

NT Cyfence

CAT Cyfence is the IT Security services business unit of CAT Telecoms.

TCN

TCN

TCN is an advanced System Integrator and Infrastructure Company in Albania.

BlueFiles

BlueFiles

BlueFiles enables users to send encrypted files securely while maintaining full control over recipients, access periods, downloads, and printing.

SBD Automotive

SBD Automotive

SBD Automotive are specialists in automotive technology providing independent research and consultancy to help create smarter, more secure, better connected, and increasingly autonomous cars.

24By7Security

24By7Security

24By7Security are Cybersecurity & Compliance Specialists with extensive hands on experience helping businesses build a defensive IT Infrastructure against all cyber security threats.

Cythereal

Cythereal

Cythereal is the leader in predicting and preventing advanced malware attacks. Security Automation for the Overwhelmed Administrator.

MicroSec

MicroSec

MicroSec is a company specializing in IoT security. We focus on bringing enterprise grade security to IoT and embedded systems.

Alibaba Cloud

Alibaba Cloud

Alibaba Cloud is committed to safeguarding the cloud security for every business by leveraging a comprehensive suite of enterprise security services and products on the platform.

MailChannels

MailChannels

MailChannels protects companies against malicious email threats. Used by 750+ hosting providers around the world.

Lumifi

Lumifi

Lumifi provide end-to-end cybersecurity resilience solutions with a specialty in managed detection and response (MDR) services.

Harbottle & Lewis

Harbottle & Lewis

Harbottle & Lewis is a leading UK-based law firm focused on the Private Client and Technology, Media and Entertainment sectors.

DeXpose

DeXpose

DeXpose is a hybrid dark/deep web monitoring and attack surface mapping platform to help you find compromised data or exposed assets related to your organization way before threat actors.