Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Email Security

Gmail to Warn When Messages Take Unencrypted Routes

Google plans to ramp up security at its free email service by letting users know when messages arrive via unencrypted connections that could be prone to snooping or tampering.

“These warnings will begin to roll out in the coming months,” Elie Bursztein and Nicolas Lidzborski of the Gmail security team said in a blog post this week.

Google plans to ramp up security at its free email service by letting users know when messages arrive via unencrypted connections that could be prone to snooping or tampering.

“These warnings will begin to roll out in the coming months,” Elie Bursztein and Nicolas Lidzborski of the Gmail security team said in a blog post this week.

“While these threats do not affect Gmail to Gmail communication, they may affect messaging between providers.”

The announcement came with study results indicating that email encryption is on the rise, along with measures to thwart spam and fraud by better authenticating messages.

However, Google said that it found regions of the Internet where email encryption was being covertly thwarted and also uncovered malicious servers programmed to essentially hijack Gmail messages by giving them bogus routing information.

“While this type of attack is rare, it’s very concerning as it could allow attackers to censor or alter messages before they are relayed to the email recipient,” Bursztein and Lidzborski said in the post.

Google, Yahoo and other online firms have been moving to boost encryption of websites and email in an effort to boost privacy amid growing concerns about hacking and surveillance.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

Compliance

Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Email Security

Many Fortune 500, FTSE 100 and ASX 100 companies have failed to properly implement the DMARC standard, exposing their customers and partners to phishing...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybercrime

Enterprise users have been warned that cybercriminals may be trying to phish their credentials by luring them with fake emails that appear to be...

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Cloud Security

Proofpoint removes a formidable competitor from the crowded email security market and adds technology to address risk from misdirected emails.