Scammers have discovered a way to violate Gmail’s blue verified checkmark protection

Trusting online sources and apps is complicated: as much as we try to stay aware and safe, scammers keep finding new tools and techniques to get at our sensitive information. Because of this, businesses have long worked to create checks that are simple to understand and can be used quickly to confirm an individual’s online identity, like the tiny blue checkmarks you can find next to confirmed senders in your Gmail inbox. Unfortunately, it appears that at least a few dishonest people have managed to take advantage of Google’s technology.

With technologies like BIMI (Brand Indicators for Message Identification), VMC (Verified Mark Certificate), and DMARC (Domain-Based Message Authentication, Reporting, and Conformance), Gmail gives businesses and organizations the ability to confirm their identity. Gmail will start displaying a company’s logo and that blue checkmark next to its name once it has gone through the necessary hoops to demonstrate that it is who it claims to be.

As observed by cybersecurity engineer Chris Plummer, some bad actors have found a way to get around Google’s protection and make a message look like it came from a legitimate source.

Plummer was troubled by what he learned, so he contacted Google to alert the corporation to this obviously problematic scenario. However, when he did, his bug report was promptly dismissed with the explanation that this was somehow “intended behavior.” Because that response didn’t pass the smell test, Plummer vented his concerns on Twitter. The reaction on social media to what he had to say was negative, and it was significant enough to reportedly cause Google to reconsider its initial rejection.

Now that Google is on the case, we’re cautiously optimistic that the issue that led to this attack will be rapidly found and fixed. Although it doesn’t look good that Plummer had to virtually drag Google into taking this seriously, we’re glad the company is now involved in resolving the issue.