Usenix Enigma It has been nearly seven years since Google introduced two-factor authentication for Gmail accounts, but virtually no one is using it.
In a presentation at Usenix's Enigma 2018 security conference in California, Google software engineer Grzegorz Milka today revealed that, right now, less than 10 per cent of active Google accounts use two-step authentication to lock down their services. He also said only about 12 per cent of Americans have a password manager to protect their accounts, according to a 2016 Pew study.Read more
Here’s a surprise announcement from Google: It will stop scanning the inboxes of Gmail’s free users for ad personalization at some point later this year. Google already doesn’t do this for business users who subscribe to its G Suite services, but until now, it routinely scanned the inboxes of its free users to better target ads for them.
It then combined that information with everything else it knows about its users to build its advertising profiles for them. Diane Greene, Google’s senior VP for Google Cloud, says the company made this decision because it “brings Gmail ads in line with how we personalize ads for other Google products.”Read more
The Gmail phishing attack that played out across Google's billion-user email platform Wednesday afternoon was "particularly insidious" and created by someone with considerable skill, say cybersecurity experts.
The scam involved sending users a malicious link from what looked like a familiar contact; when users clicked it and logged on, the hacker gained access to their Gmail credentials, thereby getting the keys to the kingdom for a user's entire online life — and enabling the virus to replicate itself. While Google says it has fixed the problem, it still remains a mystery who may have launched the worm that quickly made the rounds online.Read more
Hardly a day goes without headlines about any significant data breach. In past year, billions of accounts from popular sites and services, including LinkedIn, Tumblr, MySpace, Last.FM, Yahoo!, VK.com were exposed on the Internet.
Now login credentials and other personal data linked to more than one Million Yahoo and Gmail accounts are reportedly being offered for sale on the dark web marketplace. The online accounts listed for sale on the Dark Web allegedly contain usernames, emails, and plaintext passwords. The accounts are not from a single data breach; instead, several major cyber-attacks believed to have been behind it.Read more
In reality, however, the age of instant messaging, cloud storage and collaboration features means that there isn't really any need for sending attachments by mail in the first place, and given that even with legitimate intent, they create multiple copies which clog up servers, businesses still operating this way need to rethink their approach anyway.Read more
A security researcher has discovered an interesting loophole in Gmail Android app that lets anyone send an email that looks like it was sent by someone else, potentially opening doors for Phishers.
This is something that we call E-mail Spoofing – the forgery of an e-mail header so that the email appears to have originated from someone other than the actual source. However, an independent researcher discovered a similar bug in official Gmail Android app that allowed her to hide her real email address and change her display name in the account settings so that the receiver will not be able to know the actual sender. How to Send Spoofed Emails via Gmail Android App?Read more
Google is rolling out a new ad format in Gmail to all advertisers today. A few years ago, Google launched a new kind of native ad in Gmail that sat at the top of the inbox and mostly looked like a regular email. For the most part, that was a pretty unobtrusive way of displaying ads though some people were rather annoyed by them.
Starting today, Google is making it easier for all advertisers to buy these ads. Google tells us that the native Gmail ad format has actually been in beta testing since 2013. Clearly I’ve never clicked on these ads. We’ve updated this post to reflect this. Advertisers can now buy these new Gmail ads directly from AdWords.Read more
Security researchers have discovered a potential way to steal users Gmail credentials from a Samsung smart fridge. Pen Test Partners discovered the MiTM vulnerability that facilitated the exploit during an IoT hacking challenge at the recent hacking conference.
The hack was pulled off against the smart fridge, part of Samsung’s line-up of Smart Home appliances which can be controlled via their Smart Home app. While the fridge implements SSL, it fails to validate SSL certificates, thereby enabling man-in-the-middle attacks against most connections. The internet-connected device is designed to download Gmail Calendar information to an on-screen display.Read more
About a decade ago, spam brought email to near-ruin. The contest to save your inbox was on, with two of the world’s biggest tech companies vying for the title of top spam-killer. Microsoft boasted that its spam filters were removing all but 3 percent of the junk messages from Hotmail, the company’s online email service at the time.
Google responded by claiming that its service, Gmail, removed all but about one percent of spam messages, adding that its false positives rate was also about one percent. It was a point of pride for the two companies, particularly Microsoft, whose Hotmail service once carried such a poor reputation for spam.Read more
It’s no secret to anyone to know that Google keeps every bit of data it collects about each of its users. This data includes, but is not limited to, search phrase history, links clicked, Gmail conversations and so on.
All data is kept and processed “in their ordinary course of business,” which obviously includes spam filtering, selecting relevant ads for users and the individual tuning of search results. This last piece is still not obvious to most users, but for the last few years each of us has had our very own Google. If you find something funny or unexpected, or you see your own website on the first page of search results, don’t rush to show this to your friends.Read more