A new Gmail feature called "Confidential Email" requires users to click a link to access confidential emails - a feature described by the US DHS as a "potential emerging threat ... for nefarious activity."
A new Gmail feature called "Confidential Email" requires users to click a link to access confidential emails - a feature described as a "potential emerging threat ... for nefarious activity," in a May 24 US Department of Homeland Security intelligence note obtained by ABC News.
It warns that with this key new feature Google has created an opportunity in which "malicious cyber-actors could exploit the recent Gmail redesign," and thereby make its 1.4 billion users more susceptible to phishing attacks. The message has been distributed to law enforcement personnel and others handling cyber-security for private computer networks.
Users of "Confidential Email" access their content via a link intended to let them prevent forwarding, copying, downloading or printing of emails, set an expiration date for confidential emails, require recipients to go through a two-step security protocol; and revoke access to confidential emails including after they have been sent.The new Google logo is displayed at the Google
The concern of the DHS is that the new feature "presents an opportunity for malicious cyber-actors to mimic the e-mail message and phish unwary users.
Lesley Fulop, a Department of Homeland Security spokeswoman, is reported to have told ABC News: "We have reached out to Google to inform them of intelligence relevant to their services and to partner to improve our mutual interests in cyber-security."
Brooks Hocog, a Google spokesman says the use of filtering tools catches more than 99.9 percent of phishing attempts in Gmail, adding that the new redesign has additional measures to try to protect users from email attacks, such as emphasising security warnings in suspicious emails.