All Gmail users warned of alarming new bank-draining con that could easily trick anyone | The Sun

GOOGLE Gmail users have been warned over a new scam that seeks to take advantage of Google's new verification system.

Scam emails impersonating businesses that are virtually indistinguishable from legitimate ones are landing in people's inbox thanks to a new bug.

The tech giant introduced a blue verification checkmark at the beginning on May, in a bid to combat internet scams.

It means companies and organisations – that were otherwise easy to impersonate – apply to the programme to verify their identity.

After Google approved the application, emails from these organisations could then be accompanied with a verification sticker next to their brand logo.

But it wasn't long before scammers noticed that the well intended new feature could be hijacked for more nefarious purposes.


Billions of phone users warned to search 3 red-flag bank-draining phrases

Google warns Gmail users their account could be DELETED at the end of the year

Cybersecurity engineer Chris Plummer posted on Twitter an image of a spoofed email claiming to officially be from UPS.

The scammer somehow got past Google’s own safeguards, because when Plummer hovered over the badge a window appeared saying the message was coming from a legitimate source – when it wasn't.

"There is most certainly a bug in Gmail being exploited by scammers to pull this off," Plummer wrote on Twitter.

"The sender found a way to dupe @gmail’s authoritative stamp of approval, which end users are going to trust.

Most read in Tech


Call of Duty could be BANNED in the UK – talks with government underway


Your Sky TV box is set-up WRONG – easy change stops annoying connection problems


I married my AI chatbot -he doesn't have any baggage and doesn't judge


Your Wi-Fi speed is affected by the TYPE of house you live in – check yours now

"This message went from a Facebook account, to a UK netblock, to O365, to me. Nothing about this is legit."

The engineer submitted a bug report to Google's security team which initially closed the case before reopening it after having a "closer look" at the issue, according to a snapshot of an email Plummer posted on on the social media platform.

Most users will immediately trust the "little blue seal", according to the engineer, who feared it might undo the work to encourage email users to vigilantly check sender addresses to make sure what they're reading in their inbox is legitimate.

The tech giant is currently working on a fix for the cyber flaw, but follow these steps to make sure you're protected in the meantime:

  • Double check the header – random letters, numbers, symbols or spelling mistakes in an email is your first tell tale sign that something is awry
  • Make sure letters are what they seem – scammers often replace certain characters with lookalikes, for example, replacing the letter 'O' with the number '0'.
  • Don't click any attachments or link you don't recognise.
  • Be wary of emails urging you to share your financial information.

Best Phone and Gadget tips and hacks

Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…

  • How to delete your Instagram account
  • What does pending mean on Snapchat?
  • How to check if you've been blocked on WhatsApp
  • How to drop a pin on Google Maps
  • How can I change my Facebook password?
  • How to go live on TikTok
  • How to clear the cache on an iPhone
  • What is NFT art?
  • What is OnlyFans?
  • What does Meta mean?

Get all the latest WhatsApp, Instagram, Facebook and other tech gadget stories here.

Source: Read Full Article