Gmail Releases New Confidential Mode 

August 28, 2018

Written by wukovits

Google has introduced a new Gmail feature called “Confidential Mode,” which seeks to make sending and receiving important or sensitive emails more secure.  Unfortunately, it may have inadvertently created as many problems as it solves.

Here’s how the new feature works, and why you may be leery of using it:

To send a confidential email, compose your message as normal, and then, click the “lock” icon located at the bottom of the email screen. When this button is pressed, you’ll be presented with a number of options that will enable you to specify a self-destruct time ranging from one day to five years.  The email will auto-delete after the amount of time specified.

You’ll also be able to specify whether the email requires a password to open, and of course, giving you the ability to set that password.  Also, a message sent in Confidential mode cannot be forwarded to any other user or be printed out.

The new service works across all email systems because Confidential messages aren’t actually sent.  The user will get a notification that they’ve received a confidential mail, and a link to click to access it, which points back to Google’s own servers where the email is housed.

Given this, the sender of the message also has the ability to selectively remove access to confidential emails if one was inadvertently sent to the wrong recipient.

All of that sounds great in theory, but there’s a problem.  That’s exactly how phishing attacks work.

Security professionals have sounded the alarm that hackers will quickly begin spoofing Google’s new service, pointing the links in their messages toward their own servers.  When users are prompted to provide their login credentials to see the message, they’ll be handing access to their email account over to the hackers.  Google has not yet responded to or commented on this flaw in their new system.  Use with caution.

Used with permission from Article Aggregator

Related Articles

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Update VMWare Software Immediately To Avoid Possible Attack

The US Cybersecurity and Infrastructure Security Agency recently issued a warning to all companies running VMware Vcenter Server and VMware Cloud Foundation. They are asking them to download and apply the latest security patches as soon as possible because attackers...

Send us a message

Your message was sent.

Thank you for contacting Bayou Technologies. We'll be in touch soon!

Need help? support-icon