In a note distributed to law enforcement and spotted by ABC News, the Department of Homeland Security cautioned that 'Confidential Mode' presented an entirely-new route for phishing attacks.
Google is one of the most successful tech companies in history. It seems like most everything it touches turns to gold.
It began as a simple search engine in the late 1990s but has become a force to be reckoned with over the years. Think of everything Google has to offer nowadays. From its own line of smartphones, to Google Maps, to the very popular Chrome browser, there are plenty of success stories to talk about.
Gmail has also taken off as one of the world's leading email services. There are nearly 1.4 billion people worldwide who use Gmail. Now for the bad news. A Gmail redesign could put all of those people at risk of attacks from cybercriminals.
Google recently added a new feature in its Gmail redesign. The feature is called "Confidential Mode" and the Department of Homeland (DHS) says it could present an emerging threat.
DHS agents cautioned that hackers pretending to be someone else to gain access to users' personal information are likely to send-out mass scam messages containing fraudulent versions of these confidential links.
DHS officials are so concerned about the update that they circulated a warning to other U.S. law agencies and government cybersecurity workers. Confidential Mode lets you set an expiration date on sensitive emails and add two-factor authentication to messages.
Here's the problem: To access sensitive messages, you must click a link inside an email. Do you see where this is going?
Yep, DHS officials think this will lead to criminals ramping up phishing attacks. The fear is they will start sending phishing emails, pretending to be from Google that contain malicious links.
If you click on the malicious link, the criminal will be able to access personal information that could lead to all kinds of problems. Stolen credentials, draining bank accounts and identity theft to name a few.
“Those who spend a lot of time on email systems or perusing the internet need to keep up to date on different cyberthreats that are out there,” Cohen said. “One person can place at risk an entire information system. So it’s very important people don’t click on links when receiving suspicious emails, especially if they don’t recognize the sender.”
Cybercriminals are extremely sophisticated with their attacks these days. They have technology at their disposal that help them spoof messages to look legitimate, like it was actually sent by the official company. That's why phishing scams have become a favorite tool for criminals over the past few years.
Google responded to DHS by saying its new feature doesn't pose any additional security risk beyond what people who use the internet already are exposed to.
Remember - If your company uses Gmail for your corporate email then be aware that your information may not be as private as you think. Google has confirmed developer access and continues to allow hundreds of outside software developers scan the inboxes of millions of Gmail users who signed up for email-based services offering shopping price comparisons, automated travel-itinerary planners or other tools. Google does little to police those developers, who train their computers—and, in some cases, employees—to read their users’ emails, a Wall Street Journal examination has found. Facebook has also allowed outside developers gain access to its users’ data for years.
All content provided on our website is for informational purposes only. Strive Tax & Accounting, LLC makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site, will not be liable for any errors or omissions in this information nor for the availability of this information and will not be liable for any losses, injuries, or damages from the display or use of this information. Strive Tax & Accounting, LLC does not represent or endorse the accuracy or reliability of any information content distributed through, or linked, downloaded or accessed from any of the services contained on this website, nor the quality of any information or any other material displayed, purchased, or obtained by you because of an advertisement or any other information’s or offer in or in connection with the services herein. Any reliance upon the information shall be at your own risk. Strive Tax & Accounting, LLC reserves the right, in its sole discretion and without any obligation, to make improvements to, or correct any error or omissions in any portion of the service or the materials. The information is on an ‘as is’ basis, and Strive Tax & Accounting, LLC expressly disclaims and all warranties, express or implied, with respect to the information presented and assumes no obligation to inform the reader of any changes in tax laws or other factors that could affect the information contained herein.