Posted on November 20, 2018 at 7:12 AM
Gmail is undoubtedly one of the most popular email platforms that generally offered security to its users; however, an error has resulted in greater ease for phishing attacks.
Gmail platform has enjoyed great popularity and its number of users is always increasing thanks to its friendly and easy to use interface, and it has always been characterized as one of the safest options for sharing information via email. Its popularity means that any news about an error ends up causing a stir and that was exactly what happened when software developer Tim Cotten warned of an error in the platform.
An error that implies ‘high-level abuse’
The error discovered by Tim Cottenen the structure belonging to the header ‘From:’ belonging to this platform makes it possible to arbitrarily add an email address in the field where the sender is located, this failure implies that another address can be added recipient which would result in deception in relation to the content of the emails that are sent.
This failure means that the emails sent in this way are lodged in the “Sent Folder” of the users, without the latter having sent this content, which makes it easy for many unsuspecting people to fall into the trap and open links or malicious files that can steal your information and even damage your equipment.
In this way, if the person who has breached the security of your email sends something, this will be stored immediately in your sent mail tray, which will make you think that you sent the information. Once you open the mail and try to see what was “sent” will give access to your mail and/or PC to malicious software that is intended to violate the security of your data
A useful tool for hackers and phishing
This flaw in the Gmail system has turned out to be a tool that has facilitated phishing by hackers because it does not require more effort and it is easy to confuse unsuspecting users who without any malice fall into the trap when viewing an email in your inbox they do not recognize having sent.
It is an easy way to get spam emails to a larger number of users since they do not filter but rather land immediately in the sender’s tray.
It should be noted that these emails stored directly in the sent folder seem to have already been opened, which makes it much easier to confuse whether or not it is an email sent by the person. However, in these cases, the subject appears in bold.
Total silence of the company
Even today Gmail has not commented on the matter, even though the error was reported by Cotten immediately. There has been no official communication to let users know what happened with the failure and what Gmail is doing to repair it and to continue guaranteeing the security of the data and information shared through this platform.