Technology

Scammers have discovered a way to violate Gmail’s blue verified checkmark protection

The point of trusting online sources and apps is complicated as much as we try to keep ourselves aware and safe, but these scammers still find the latest tools and techniques to barge into our sensitive information. Because of this, businesses have long worked to create tests that are simple to understand and can be used quickly to confirm an individual’s online identity, like the tiny blue checkmarks you can find next to confirmed senders in your Gmail inbox. Unfortunately, it appears that at least a few dishonest people have managed to take advantage of Google’s technology.

With technologies like BIMI (Brand Indicators for Message Identification), VMC (Verified Mark Certificate), and DMARC (Domain-Based Message Authentication, Reporting, and Conformance), Gmail gives businesses and organizations the ability to confirm their identity. Gmail will start displaying a company’s logo and that blue checkmark next to its name once it has gone through the necessary hoops to demonstrate that it is who it claims to be.

As observed by cybersecurity engineer Chris Plummer, some bad actors have found a way to violate the boundary of Google’s protection and make the message look like it came from an original source.

Plummer was troubled by what he learned, so he contacted Google to alert the corporation to this obviously problematic scenario. However, when he did, his bug report was promptly dismissed with the explanation that this was somehow “intended behavior.” Because that response didn’t pass the smell test, Plummer vented his concerns on Twitter. The reaction on social media to what he had to say was negative, and it was significant enough to reportedly cause Google to reconsider its initial rejection.

Now that Google is in charge, we’re cautiously optimistic that the issue that led to this attack will be rapidly found and fixed. Although it doesn’t look good that Plummer had to virtually drag Google into taking this seriously, we’re just satisfied by the way the company is involved in resolving the issue.

Recent Posts

Google Health: A bug is currently really annoying Pixel Watch users

An annoying software error is currently plaguing many owners of the Google Pixel Watch. The…

13 hours ago

Pixel Watch 5: Leak shows the design of the new Google smartwatch in advance

After the new Google smartphones in the Pixel 11 series, official marketing images of the…

13 hours ago

Epson is in court: first lawsuit over planned obsolescence

A French consumer protection association is taking Epson to court. The accusation is of planned…

13 hours ago

EU brings Meta to its knees: ChatGPT is running again in WhatsApp chat

After a months-long exclusion by the Facebook group Meta, the well-known AI chatbot ChatGPT has…

13 hours ago

Good news for Windows 11: Microsoft is banning advertising from search

Microsoft is fundamentally redesigning the search in Windows 11. The operating system loses advertising, forced…

13 hours ago

iOS 27 public beta is here: Apple starts the test phase for all iPhone users

Interested users can now install the first public beta version of iOS 27 on their…

13 hours ago