Report Wire

News at Another Perspective

Gmail bug alert: Cybersecurity engineer discovers bug allowing spammers to bypass security check


Google rolled out a blue verified checkmark for Gmail accounts that acts as a security standard, allowing users to tell genuine emails apart from phishing emails. Unfortunately, scammers have managed to get past the security check, convincing Google that their account is genuine. Chris Plummer, a security architect at Dartmouth Health, has discovered a bug in Gmail that is used to dupe Google’s authoritative stamp of approval, ultimately making end users believe that the email address is real.

In a Twitter thread, Plummer writes: “There is most certainly a bug in Gmail being exploited by scammers to pull this off, so I submitted a bug which @google lazily closed as ‘won’t fix – intended behavior’. How is a scammer impersonating @UPS in such a convincing manner ‘intended’.”

— plum (@chrisplummer) June 1, 2023

“The sender found a way to dupe @gmail’s authoritative stamp of approval, which end users are going to trust. This message went from a Facebook account, to a UK netblock, to O365, to me. Nothing about this is legit. Google just doesn’t want to deal with this report honestly,” he says.

Now, Plummer reported his discovery to Google. The tech giant, initially, dismissed his discovery as ‘intended behaviour’. But as the tweet went viral, Google acknowledged the error and said:

“After taking a closer look we realized that this indeed doesn’t seem like a generic SPF vulnerability. Thus we are reopening this and the appropriate team is taking a closer look at what is going on. We apologize again for the confusion and we understand our initial response might have been frustrating, thank you so much for pressing on for us to take a closer look at this! We’ll keep you posted with our assessment and the direction that this issue takes. Regards, Google Security Team”.

Plummer says that Google has listed the flaw as a ‘P1’ (high priority) fix, which is currently “in progress.”

Updated: 04 Jun 2023, 06:24 PM IST