Gmail Not Handling Messages Properly that Arrive from Impersonated @gmail.com Id
Renato Marinho a security researcher with Morphus Labs a Brazilian security company tells how Google Mail is not warning or filtering possibly sketchy electronic mails arriving from certain impersonated @gmail.com address. He posts his observations that although the electronic mail looks as arriving from one authentic account of Gmail, in reality it arrives via one server which does not function for Gmail. This' what spammers can exploit or worse still hackers seek harming with.
Apparently, the sole indication of illegitimacy in the impersonated or spoofed electronic mail is the server through which the Gmail id came which is not Google's. Unfortunately, this indication is invisible with e-mails within Gmail application on Android or the iOS. Softpedia.com posted this online dated February 9, 2017.
With the help of a setup, Marinho showed to ZDNet how the impersonated @gmail.com e-mail landed inside users' inbox instead of the spam mail folder. In connection with this no security warning has come from Gmail.
Marinho explains that e-mails arriving from @gmail.com ids don't get filtered via Gmail anti-spam within one particular circumstance.
Marinho further says that the above loophole can pose potential problem; however according to Google, the issue needn't be considered a security flaw as there is therefore no disturbance to the integrity or confidentiality that data of Gmail users carry. Marinho got in touch with Google regarding the particular issue.
Another aspect of the e-mails dispatched through the spoofed @gmail.com is that although the messages would bypass Gmail's filters devoid of any obstruction, Yahoo would not let the messages enter its account holders' inboxes, while Microsoft Outlook would transfer them into its Spam folder.
Marinho thus contends that the more we as e-mail users trust our provider there is inevitably reduced tendency for us to notice the inherent dangers. So it is chiefly advisable that we reconsider this 'trust judgment.' For, extremely reputable services can even become unsuccessful, as a result, we require being cautious throughout for avoiding dangers, he writes.
All said and done it remains a mystery why Gmail does not stop these e-mails alternatively conceal them inside its Spam folder.
» SPAMfighter News - 15-02-2017