Staying safe onlineis simple in practice, but to this day, spam, fraudulent emails, and impersonation of legitimate entities forphishing attackscontinue to cause data breaches. While it is our foremost responsibility to surf safely, email providers like Google also shoulder the responsibility ofkeeping products like Gmail safe. The company’s latest trick involves appending blue verification checkmarks to legitimate sender email addresses.
Last year, Google tried making Gmail safer by showing people the brand’scorporate logo as the avataricon to indicate the message came from a verified and trustworthy sender. The initiative was a part of the company’s Brand Indicators for Message Identification(BIMI) system, but bad actors conveniently worked around it by creating conventional email accounts with legitimate-looking profile pictures.
Although Google’s latest step may seem unabashedly inspired by Twitter’s verification system, it could prevent impersonation. The company explains it isexpanding the BIMI systemto show a blue checkmark alongside the name of verified senders. This would make it easier for recipients to tell genuine senders apart from fraudulent ones — but note that the scheme is specifically for full-fledged businesses, and individuals cannot apply.
However, with the rampant creatorimpersonation problem plaguing YouTubeat the moment, adding a legitimate-looking checkmark next to their ID could be child’s play for phishing scammers. We also know people on Twitter can usehacks to add blue checkmarksthat look quite like the real deal, and given the rampant nature of these issues, we really wish Google used a different color for the checkmark to make the job harder for these scammers. After all, the Google logo has four colors, and the checkmark didn’t need to be blue.
That said, Google’s heart is in the right place. At the very least, this BIMI verification process for legitimate businesses will deter the bums looking to fleece easy money or other data off unsuspecting victims. The new blue verification checkmarks for legitimate businesses have already started rolling out. They should be fully operational and visible to all Gmail users by May 6.
