2011-07-01
Abstract
Gmail users get helping hand in avoiding phishing scams.
Copyright © 2011 Virus Bulletin
Users of Google’s webmail service Gmail are to be given an extra helping hand in avoiding phishing scams thanks to a new feature that displays additional information about the sender of the email.
If an email arrives from a sender with whom Gmail believes the user has not communicated previously, the entire email address will be displayed next to the sender name. Gmail will continue to display the full address until it has ascertained that the sender is genuine (e.g. the user has sent replies to the email or has added the sender to their address book).
Meanwhile, if Gmail determines from the message headers that an email was sent via a third party, it will display the sender name followed by ‘via’ and the third-party domain name. This should give users a heads-up that a message that appears to be from someone they know has not actually been sent by them. Organizations that use third-party mailing services can avoid this flag by publishing SPF records that include details of the mailing services they use, or by signing messages with a DKIM signature associated with their domain.
Google has also addressed the spate of Gmail phishes by adding a warning to messages that appear to have come from a Gmail account but whose authentication data is missing. The warning reads ‘This message may not have been sent by [sender]@gmail.com’. These warnings should give users cause to stop and carefully consider the content of the email before following any links or sending personal information. A ‘report phishing’ link is also provided.
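A rough sketch of the two checks described above (the ‘via’ label and the missing-authentication warning), added here as an example and not Gmail's actual logic: it reads the Authentication-Results header stamped by the receiving server and compares the domains that passed SPF or DKIM with the From domain. The authserv-id `mx.receiver.example`, the function names, the simplified alignment rule and the sample messages are all assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.receiver.example"  # assumption: our own MTA's authserv-id
RESULT_RE = {
    "dkim": re.compile(r"\bdkim=(\w+)[^;]*?\bheader\.d=([^\s;]+)", re.I),
    "spf": re.compile(r"\bspf=(\w+)[^;]*?\bsmtp\.mailfrom=([^\s;]+)", re.I),
}

def domain_of(value):
    return value.rsplit("@", 1)[-1].strip("<>.").lower()

def aligned(auth_domain, from_domain):
    # Simplified relaxed alignment: identical, or one is a subdomain of the other.
    return (auth_domain == from_domain
            or auth_domain.endswith("." + from_domain)
            or from_domain.endswith("." + auth_domain))

def classify(raw_message):
    msg = message_from_string(raw_message)
    from_domain = domain_of(parseaddr(msg.get("From", ""))[1])
    passed = []
    for header in msg.get_all("Authentication-Results", []):
        authserv, _, results = header.partition(";")
        if authserv.strip().lower() != TRUSTED_AUTHSERV:
            continue  # not stamped by our own MTA, so it may be forged
        for rx in RESULT_RE.values():
            for verdict, ident in rx.findall(results):
                if verdict.lower() == "pass":
                    passed.append(domain_of(ident))
    if not passed:
        return "unauthenticated"   # candidate for the 'may not have been sent by' warning
    if any(aligned(d, from_domain) for d in passed):
        return "aligned"           # authenticated by the From domain itself
    return "via " + passed[0]      # authenticated only by a third-party domain

# Constructed sample messages (not real mail).
VIA_SAMPLE = (
    "From: Alice <alice@corp.example>\n"
    "Authentication-Results: mx.receiver.example;\n"
    " spf=pass smtp.mailfrom=bounces@mailer.example;\n"
    " dkim=pass header.d=mailer.example\n"
    "Subject: newsletter\n\nhello\n"
)
FORGED_SAMPLE = (
    "From: Bob <bob@gmail.com>\n"
    "Authentication-Results: mx.sender.example; dkim=pass header.d=gmail.com\n"
    "Subject: hi\n\nhello\n"
)
```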
By introducing these simple measures, Gmail hopes to significantly reduce the number of its users falling victim to phishing scams – other email services would do well to follow suit.