{"id":494931,"date":"2023-06-06T09:44:20","date_gmt":"2023-06-06T07:44:20","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=494931"},"modified":"2023-06-06T09:44:20","modified_gmt":"2023-06-06T07:44:20","slug":"scammers-duping-gmails-verification-checkmark-system","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/494931-scammers-duping-gmails-verification-checkmark-system.html","title":{"rendered":"Scammers duping Gmail&#8217;s verification checkmark system"},"content":{"rendered":"<p>Cybersecurity researchers Chris Plummer discovered a Gmail bug that lets malicious actors masquerade as verified companies to scam users, according to his <strong><a href=\"https:\/\/twitter.com\/chrisplummer\/status\/1664075886545575941?s=20\" target=\"_blank\" rel=\"noopener\">post<\/a><\/strong> on Twitter.<\/p>\n<p>In a post on Twitter, Plummer berated Google for seemingly showing no interest in addressing the issue.<\/p>\n<p>&#8220;Nothing about this is legit,&#8221; he said. &#8220;Google just doesn&#8217;t want to deal with this report honestly.&#8221;<\/p>\n<p>Plummer said he received an email from a supposedly-verified United Postal Service (UPS) email address that &#8220;went from a Facebook account to a UK netblock, to O365&#8221; to his inbox.<\/p>\n<p>The email was a scam attempt, and the sender&#8217;s contact \u2014 rvrERrch5@kelerymjrlnra.ups.com \u2014 featured the blue verification checkmark and the UPS logo.<\/p>\n<p>&#8220;The sender of this email has verified that they own kelerymjrlnra.ups.com and the logo in the profile picture,&#8221; the verification message reads.<\/p>\n<p>He expressed frustration at Google&#8217;s security team, who apparently denied any problem and responded &#8220;won&#8217;t fix \u2014 intended behaviour&#8221; when Plummer submitted the bug.<\/p>\n<p>However, Google appears to have changed its tune. Plummer shared a more recent response he received from the Alphabet-owned company.<\/p>\n<p>&#8220;After taking a closer look we realised that this indeed doesn&#8217;t seem like a generic SPF [sender policy framework] vulnerability. Thus we are reopening this and the appropriate team is taking a closer look at what is going on,&#8221; it said.<\/p>\n<p>&#8220;We apologise again for the confusion and we understand our initial response might have been frustrating, thank you so much for pressing on for us to take a closer look at this!&#8221;<\/p>\n<hr \/>\n<h3 class=\"my-4\">Now read: <a href=\"https:\/\/mybroadband.co.za\/news\/security\/494917-cyberattack-onslaught-feared-after-popular-file-transfer-software-gets-hacked.html\" rel=\"bookmark\">Cyberattack onslaught feared after popular file transfer software gets hacked<\/a><\/h3>\n","protected":false},"excerpt":{"rendered":"<p>After initially dismissing the bug, Google has backtracked and is looking into the the Gmail flaw.<\/p>\n","protected":false},"author":341076,"featured_media":450646,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[86945,407,86941,86943],"class_list":["post-494931","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-chris-plummer","tag-gmail","tag-gmail-verification","tag-google-security-team"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/494931"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/341076"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=494931"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/494931\/revisions"}],"predecessor-version":[{"id":494955,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/494931\/revisions\/494955"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/450646"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=494931"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=494931"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=494931"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}