Gmail verification scam
An updated Gmail scam has started circulating online, preying on the service’s freshly introduced verification mechanism. To counter online fraud like phishing attempts, Google launched blue checkmark verification in May. Once approved, Gmail will show the aforementioned blue checkmark next to the company logo. Businesses and organisations can apply to the programme to verify their identity. However, criminals are utilising this technology to target individuals. Chris Plummer, a cybersecurity expert, shared a screenshot of a fake email purporting to be from UPS on Twitter. It appears that the fraudster managed to get past Google’s own security measures.
The bogus email was rather simple to see. Plummer displays a header with an email address that is largely made up of random characters and digits and ends with a UPS URL. However, if you mouse over the checkmark, a box stating that the message is authentic will appear. Unknown is how the malicious actor managed to bypass the security measures. According to Plummer, fraudsters are taking advantage of a weakness in Gmail to fool the platform’s “authoritative stamp of approval.” The evil guys then bounce between many sites before focusing on their victim.
When he first reported the issue to Google, the search engine giant apparently blew it off, claiming the system was operating as planned. The IT giant, however, performed a U-turn in the days following Plummer’s discovery and declared it is presently working on a cure.
It makes sense to take some preventative measures up until then to safeguard yourself. First, check the header again. A lot of weird characters, digits, and symbols. Second, verify the header’s spelling once again. To deceive individuals, some con artists would substitute lookalikes for certain characters. For instance, the letter “O” will be changed to the number “0” and the capital “I” will be changed to a lowercase “l” (that’s a “L”). Gmail’s Be suspicious of any emails asking you to update your account information or provide financial information in order to receive a refund that you did not request. Of course, avoid clicking on any unfamiliar links or attachments. To better secure your personal information, make sure to look at TechRadar’s ranking of the top identity theft prevention apps for June 2023.
Finally, the newly implemented verification method for the service is being used by the new Gmail scam. This method is being used by criminals to target individuals. Check the heading and spelling in the header again, be suspicious of emails asking for your financial information, and avoid clicking on any links or files you don’t recognise as a way to protect yourself.