New Update Gmail: Google improves security of sensitive actions

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,283
Google announced today that it is improving protections for certain sensitive actions on Gmail to improve security for all users. The company's email service, like any other email service, is a lucrative target, as it may unlock the entire digital life of attacked users of the service.

Attackers have used various means to prolong access on Gmail. The use of email forwarding and filtering options, for instance, allowed them to forward certain important emails and hide them from the Gmail user. Attackers could filter mails from important services, such as from Amazon, Google, Apple or any other company, so that users would not receive any warnings, for example, when a third-party tried to gain access to their accounts.

Google is rolling out the change to all Google Workspace customers and all personal Google Accounts customers in the coming weeks. The full rollout should be completed before September 10, 2023.

Last year, Google introduced safeguards to better protect Google Workspaces accounts. Back then, Google implemented new safeguards for certain critical actions that could "have far reaching consequences for the account owner or the organization". Basically, what Google did was add challenges to these actions that required another step of verification.

This is now extended to certain actions on Google Mail. Google states that it has selected three sensitive actions on Gmail that receive the additional protections:
  • Email Filters -- when users create, edit or import filters.
  • Forwarding -- when users add new forwarding addresses in Forwarding and POP/IMAP settings.
  • IMAP access -- when users enable the IMAP access status from settings.
Gmail users receive critical security alerts whenever one of the listed actions are taken and Google deems it "risky" after evaluation.

If that is the case, the user will receive a verification prompt before the change is saved to the account. Google may prompt users to verify the action using 2-step verification or other means of authentication to validate the action.

Google evaluates risk factors to determine whether it should display an additional verification prompt. While the company has not revealed any specifics, it seems likely that it uses information such as locations, IP addresses, browsers, time of day and other for evaluation.

If that verification fails, for example, when the malicious user does can't complete the second verification step, a critical security alert is automatically pushed on trusted devices.

gmail security improves
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top