Gmail has an important protection feature that displays a blue seal next to secure email account addresses, but as discovered by cybersecurity expert Chris Plummer, scammers found a way to bypass verification and inserting the “check” symbol in your fraudulent messages.
Plummer disclosed the case on his Twitter after having his complaint ignored by Google. The expert identified a malicious sender pretending to be the UPS logistics company, but a possible bug in the verification system caused the address to be perceived as legitimate by Gmail. See the screenshot below:
Introduced last month, Gmail’s blue badges for verified accounts allow Gmail users to more easily recognize messages from legitimate companies, ensuring they are protected from malware and criminals.
For this, companies must undergo a verification step using systems such as BIMI (Brand Indicators for Message Identification), VMC (Verified Mark Certificate) and DMARC (Domain-based Message Authentication, Reporting, and Conformance), that guarantee the legitimacy of messages sent to clients.
Google, which at first denied Plummer’s complaint and defended that the service was “working as it should”, now acknowledges that this is a problem in the verification systembut has yet to provide details on what the source of the crash is.
The “blue badges” have become a key symbol on any web service. Especially due to its use on social networks, this element is seen by users as a way of attesting to the security and legitimacy of a personality or company on the internet. Failing this, people could be exposed to serious threats.
wfd-invisible=”true”>#wrapperApp {-webkit-box-shadow: 0px 0px 5px 1px rgba(0,0,0,0.23);-moz-box-shadow: 0px 0px 5px 1px rgba(0,0, 0,0.23);box-shadow: 0px 0px 5px 1px rgba(0,0,0,0.23);padding: 5px;background-color: white;display: flex;height:155px;}#appImage {width: 25% ;} #appLogo {width: 154px;height: 154px;}#appDetalhes {flex-grow: 1;padding-left:1px;}#name {font-size:150%;}#price, #developer, #size { font-size:80%;}#links{flex-grow: 1;padding-left:50px;}.storeImg {width: 35px;height: 35px;margin-right:3px;vertical-align:middle;}.storeImgWindows {width: 27px;height: 27px;margin-left:3px;padding-right:6px;vertical-align:middle;}.lojasdivs {margin: 5px;margin-bottom:10px;}.lojalinkmobile {margin-right: 6px ;}.lojas {margin-right:6px;margin-top:1px;}#lojasmobile{display:none;} @media only screen and (max-device-width: 480px) { #wrapperApp {height:auto;}# appDetails {padding-left:42px;}#lojasmobile {display:block;}#lojalinkmobile {font-size:85%}#name {pading-bottom:4px;margin-bottom:4px;font-size:110%;} #price, #developer, #size {display:none;}.stores{display:none;}.lojaImg {width: 19px;height: 19px;}.lojaImgWindows{width: 19px;height: 17px;}#appLogo {width : 115px;height: 125px;} }
class=”darkreader darkreader–sync” media=”screen” wfd-invisible=”true”>
