Google has launched a verified tick in Gmail to show the authenticity of emails sent by brands and to help identify spammers. This is a helpful feature for Gmail users trying to spot spam. However, a recent report by Chris Plummer, a Security Architect, shows that spammers might have found a way to bypass the Gmail blue tick, or to obtain a blue tick in some alternative way, and have sent emails that look like they came from a brand. An example is described below.
Brands can verify their brand identity and claim the blue tick through mechanisms such as Domain-based Message Authentication, Reporting, and Conformance (DMARC), Verified Mark Certificates (VMC) and Brand Indicators for Message Identification (BIMI). If a company follows the process and verifies its brand authenticity, emails from that brand are shown with the brand logo and a blue verified tick.
According to the post shared by Chris Plummer, a scammer sent an email carrying the UPS brand logo and the verified tick from a random email address, bypassing Google's security process for verifying the brand. This enables spammers to send emails that look like legitimate email from a brand, which can mislead readers and make spam harder to identify.
We hope Google will address the issue and fix any gaps in this process to make the system secure. Given the extensive use of the internet and smartphones, we have already seen a spike in cyber crime; every user should be very cautious when accessing a website, downloading an application, clicking a link or downloading an attachment.