With the advent of the new email standard Brand Indicators for Message Identification (BIMI) to Gmail in 2021, users have since been able to recognize when messages arrive from legitimate senders such as Paypal or eBay, among others, by their integrated logos as an avatar, compared to those that arrive from those who try to impersonate them. through increasingly complex impersonation techniques.
But online attacks are increasing to the point that more and more individuals and organizations have been subjected to attacks, leading to theft of user accounts in a variety of services.
The blue badge reaches legitimate messages in Gmail
To enhance security with email messages, and restore trust in legitimate messages, Google just announced that they will now begin to identify legitimate email message senders by adding a blue badge mark, similar to that of Twitter, next to those senders that have adopted the BIMI standard.
Google specifies that:
Strong email authentication helps users and email security systems identify and stop spam, and also allows senders to leverage your brand trust. This increases trust in email sources and gives readers an immersive experience, creating a better email ecosystem for everyone.
A deployment that will reach all users
The measure has begun to be rolled out to both Google Workspace customers and legacy G Suite Basic and Business customers, as well as free Google account users, who will begin to have it available in a maximum of three days, without having to nothing to do about it, since there will be no configuration on the user side.
On the administrators’ side, there are some resources both so that they are up to date on the news about BIMI and instructions for configuration in their organization, in addition to warning them that:
To take advantage of BIMI for your outbound emails to Gmail and other platforms, make sure your organization has adopted DMARC and has validated your logo with a VMC, issued by a certificate authority like Entrust or DigiCert.
This is one more measure of the many measures that Google has been implementing in recent years to keep users safe from any possibility of attack they may receive, especially when impersonation attacks are the order of the day.
More information: Google