Skip to content

July 23, 2018

Homeland security is worried about Gmail’s confidentiality mode

by John_A

One of the most intriguing features in the 2018 update of Google’s Gmail service was confidentiality mode. While it might improve the security of email contents for some users though, the Department of Homeland Security (DHS) is concerned that it could lead to more users than ever before being caught out by phishing scams.

Confidentiality mode works by not sending the actual contents of an email, but sending an email with a link to said content and requiring a password to access. The idea is that users can protect the data they’re trying to communicate with someone on the other end. While that sounds fine in theory, in practice it means clicking on links within emails, which any security expert will tell you is fraught with danger and it’s where phishing hackers make the bulk of their attacks.

A couple of months on from Google’s early rollout of confidentiality mode and other new features, the DHS has been in contact with the tech giant to try and work on a solution to the problem. Google’s response, according to ABCNews, has been to say that it believes no additional security risks have been created with the implementation of the new feature.

That may well be the case for Gmail users, who experience a typical email scenario when receiving confidential emails. However, should that email be sent to someone outside of the Google sphere of influence, a placeholder message and link to the original content is provided instead. According to the DHS, that “presents an opportunity for malicious cyber actors to mimic the email message and phish unwary users.”

Google claims that it has a stellar track record in blocking phishing attempts, suggesting that as many as 99.9 percent of all attempts are caught out by its machine learning and image scanning technologies. However, the potential threat with confidentiality mode isn’t in phishing attacks targeting Gmail users, but in going after those outside of Google’s services. By sending links in emails, Google could be setting a precedent that makes people less wary of unsolicited emails containing links that they need to click.

Keeping away from email links is just one of the many top tips for staying safe online.

Editors’ Recommendations

  • Gmail’s new confidential mode is finally rolling out. Here’s how to use it
  • Timehop data breach may have compromised 21 million email addresses
  • Massive Gmail redesign rollout will begin in earnest in July
  • 92 million accounts at DNA testing service MyHeritage have been hacked
  • How to recall an email in Gmail

Read more from News

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Note: HTML is allowed. Your email address will never be published.

Subscribe to comments

%d bloggers like this: