GMail Users Warned Of Vulnerability

Uploaded on 2018-08-16 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

GMail users have been alerted about a new Google Mail feature which could be leveraged by online crooks to carry out a wave of scams, media reported.

The company, in April, unveiled its brand new design which introduced a clean new user interface and a swathe of new features including the ability to snooze a message, auto-generate smart replies and self-destruct emails in the brand new "Confidential Mode".

"It's the Confidential Mode which is at the centre of security fears," Express.co.uk reported on Saturday 21st July.

The Department of Homeland Security (DHS) reportedly issued an alert on the "potential emerging threat... for nefarious activity" with the Gmail redesign, the report said.

"We have reached out to Google to inform them of intelligence relevant to their services and to partner to improve our mutual interests in cyber security," Lesley Fulop, DHS spokesperson said.

Central to these fears was the new "Confidential Email" feature that can require users to click a link in order to access these messages.

If you're a Gmail user using the official Google Mail website, then the "Confidential Email" appears when you click to open it. It shows a date for when the content will expire and informs the users that the email can't be forwarded or downloaded.

However, its different if you're a Gmail user viewing the message as a third-party client or a non-Gmail user who receives a confidential email.

In those cases, instead of the message appearing in their browser, users have to click a button to view the email. And this is where the security fears lie.
With the Gmail redesign, scammers could send out fake versions of confidential email alerts and trick a user into entering sensitive details.

"The tech giant is committed to protecting the security of users' personal information and hence, had created "machine learning" algorithms to detect potential phishing scams that cyber criminals carry out," said Google spokesman Brooks Hocog.

Phishing scams are where cyber criminals try to trick victims into clicking on seemingly trustworthy links in order to steal sensitive personal information.

EconomicTimes

You Might Also Read: 

Secure Encrypted Email Platform PGP Is Not Secure:

Top Tips To Protect Email Accounts From Hackers:

 

« Cybersecurity In Self-Driving Cars
Hacking Your Holiday: Cyber Criminals Target Tourism »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Advent IM

Advent IM

Advent IM is one of the UK’s leading independent cyber security specialists, with a unique approach to providing holistic security management solutions.

CloudDNA

CloudDNA

CloudDNA deliver solutions that enable users and devices to connect over high performance, secure, efficient, scalable cloud networks.

HDI Global SE

HDI Global SE

HDI Global SE provides customised insurance solutions for industrial and commercial clients worldwide including Cyber Liability insurance.

Salient CRGT

Salient CRGT

Salient CRGT is a leading provider of health, data analytics, cloud, agile software development, mobility, cyber security, and infrastructure solutions.

Calian Group

Calian Group

Calian is a diverse Canadian company offering professional services in areas including Advanced Technologies, Health, Learning and IT & Cyber Solutions.

Coalition

Coalition

Coalition combines comprehensive insurance and proprietary security tools to help businesses manage and mitigate cyber risk.

Jumio

Jumio

Jumio’s end-to-end identity verification and authentication solutions fight fraud, maintain compliance and onboard good customers faster.

NetSecurity

NetSecurity

NetSecurity is a Brazilian company specializing in Information Security. We provide Managed Security Services (MSS), network security solutions and other specialist services.

Zerodium

Zerodium

Zerodium is the leading exploit acquisition platform for premium zero-days and advanced cybersecurity research.

Crypto Valley Association

Crypto Valley Association

Crypto Valley Association is an independent, government-supported association established to build the world’s leading blockchain and cryptographic technologies ecosystem.

Prompt

Prompt

Prompt supports the creation of partnerships and the setting up of industrial-institutional applied R&D projects for all ICT sectors.

Russell Reynolds Associates

Russell Reynolds Associates

Russell Reynolds Associates is a global leadership advisory and search firm with functional expertise in Digital Leadership, Data & Analytics, and Compliance.

Abu Dhabi Gov Digital

Abu Dhabi Gov Digital

Gov Digital (formerly Abu Dhabi Digital Authority - ADDA) enable, support and deliver a digital government that is proactive, personalised, collaborative and secure.

ISO WISH

ISO WISH

Take your Business to the Next Level with ISO Certification in UAE.

Queen Consulting & Technologies

Queen Consulting & Technologies

Queen Consulting & Technologies specialize in providing IT support, management, and Security to Gov’t Contractors, CPAs, and Nonprofits.

FatPipe Networks

FatPipe Networks

FatPipe’s network optimization solutions along with robust native security and SASE-based protection provides organizations all they need for super network performance and security.