Google changes email authentication after spoof shows a bad delivery for UPS

From theregister.com

Google says it has fixed a flaw that allowed a scammer to impersonate delivery service UPS on Gmail, after the data-hoarding web behemoth labeled the phony email as authentic.

The problem stemmed from an issue in an email authentication program called Brand Indicators for Message Identification (BIMI) that aims to protect email users from brand spoofing and phishing attacks claiming to be from a trusted org. BIMI also protects senders from reputational damage if their names and logos are used in a cyber attack.

BIMI, and email providers that support it – including Google – do this via email authentication standards: Sender Policy Framework (SPF), Domain-based Message Authentication, Reporting, and Conformance (DMARC), and DomainKeys Identified Mail (DKIM). BIMI requires participating brands to adopt DMARC along with either SPF or DKIM.
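For a sender wanting to verify that its own domain meets the DMARC prerequisites BIMI builds on, the offline checker below walks a domain's `_dmarc` and `default._bimi` TXT records and lists what would block logo display. This is an added example, not code from The Register or Google; it encodes the readiness rules as stated in the BIMI drafts (an enforcing DMARC policy of `p=reject`, or `p=quarantine` with `pct=100`, no `sp=none`, and a `v=BIMI1` record with an https SVG logo and an `a=` certificate URL), and the zone data it reads is constructed for the example rather than fetched from DNS.

```python
"""Offline BIMI readiness checker (added example, not the article's or Google's code).

Assumes the BIMI draft rules: DMARC must be enforcing (p=reject, or
p=quarantine with pct=100), the subdomain policy must not be sp=none, and
the BIMI record must be v=BIMI1 with an https SVG logo (l=) and a
certificate URL (a=). The SAMPLE_ZONE data is constructed, not real DNS.
"""
from typing import Callable, Dict, List, Optional, Tuple

# Constructed sample zone: DNS name -> TXT record value. No network access.
SAMPLE_ZONE: Dict[str, str] = {
    "_dmarc.good.example": "v=DMARC1; p=reject; rua=mailto:dmarc@good.example",
    "default._bimi.good.example":
        "v=BIMI1; l=https://good.example/logo.svg; a=https://good.example/vmc.pem",
    "_dmarc.weak.example": "v=DMARC1; p=quarantine; pct=10; sp=none",
    "default._bimi.weak.example": "v=BIMI1; l=http://weak.example/logo.svg",
    "_dmarc.nobimi.example": "v=DMARC1; p=none",
}


def parse_tags(txt: str) -> Dict[str, str]:
    """Split a 'k=v; k=v' TXT record (DMARC and BIMI share this shape) into a dict."""
    tags: Dict[str, str] = {}
    for part in txt.split(";"):
        part = part.strip()
        if not part or "=" not in part:
            continue
        key, value = part.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    return tags


def check_dmarc_for_bimi(record: Optional[str]) -> List[str]:
    """Return the reasons a DMARC record fails BIMI's policy requirements (empty if none)."""
    if record is None:
        return ["no DMARC record"]
    problems: List[str] = []
    tags = parse_tags(record)
    if tags.get("v") != "DMARC1":
        problems.append("DMARC record does not start with v=DMARC1")
    policy = tags.get("p", "none").lower()
    if policy == "quarantine":
        # BIMI only accepts quarantine when it applies to all mail.
        if tags.get("pct", "100") != "100":
            problems.append("p=quarantine requires pct=100 for BIMI")
    elif policy != "reject":
        problems.append(f"DMARC policy p={policy} is not enforcing (need quarantine or reject)")
    # An explicit sp=none would leave subdomains open to spoofing under the same brand.
    if tags.get("sp", "").lower() == "none":
        problems.append("subdomain policy sp=none is not allowed for BIMI")
    return problems


def check_bimi_record(record: Optional[str]) -> List[str]:
    """Return the reasons a default._bimi record would not yield a displayed logo."""
    if record is None:
        return ["no BIMI record at default._bimi"]
    problems: List[str] = []
    tags = parse_tags(record)
    if tags.get("v") != "BIMI1":
        problems.append("BIMI record does not start with v=BIMI1")
    logo = tags.get("l", "")
    if not logo:
        problems.append("BIMI record has no logo (l=) URL")
    elif not logo.lower().startswith("https://"):
        problems.append("logo URL must be served over https")
    elif not logo.lower().endswith(".svg"):
        problems.append("logo must be an SVG file")
    # Gmail ties logo display to a Verified Mark Certificate referenced by a=.
    if not tags.get("a"):
        problems.append("no certificate (a=) URL; Gmail requires a VMC for logo display")
    return problems


def bimi_readiness(domain: str,
                   lookup: Callable[[str], Optional[str]]) -> Tuple[bool, List[str]]:
    """Run both checks for `domain`. `lookup(name)` returns a TXT value or None;
    swap SAMPLE_ZONE.get for a real resolver wrapper to check a live domain."""
    problems = check_dmarc_for_bimi(lookup(f"_dmarc.{domain}"))
    problems += check_bimi_record(lookup(f"default._bimi.{domain}"))
    return (not problems, problems)


if __name__ == "__main__":
    for d in ("good.example", "weak.example", "nobimi.example"):
        ready, probs = bimi_readiness(d, SAMPLE_ZONE.get)
        print(d, "READY" if ready else "NOT READY", probs)
```

The `lookup` parameter is deliberately a plain callable so the same checks run against constructed data in a unit test and against a resolver in production; the checks themselves never touch the network.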

Google started supporting BIMI in July 2021, and it implemented the blue checks for verified senders last month.
