Other Technology | June 5, 2023
Scammers have taken their deceptive strategy to the next level by exploiting the coveted blue checkmark in Gmail. The trust we place in this badge has become their secret weapon to prey on unsuspecting users. In fact, people have already started falling into their trap…
In today’s digital world, Gmail has established a set of secure tools for businesses and organizations to demonstrate their authenticity. These systems include BIMI (Brand Indicators for Message Identification), VMC (Verified Mark Certificate), and DMARC (Domain-based Message Authentication, Reporting, and Conformance). By meeting the necessary requirements, companies can obtain recognition, which translates to displaying their brand logo alongside the coveted blue verification checkmark, thereby strengthening their online credibility.
Unfortunately, scammers have found a way to exploit this valuable badge. They have managed to deceive unsuspecting users by impersonating legitimate companies that have obtained the verified blue checkmark. Capitalizing on the trust placed in this badge, scammers manipulate its appearance to make users believe they are interacting with authentic and trustworthy businesses.
In fact, a Twitter user has raised an alert about a recent email with a suspicious address, posing as the UPS company and displaying a blue checkmark next to the name.
Concern and outrage grew when the recipient of the email, aware of the gravity of the situation, decided to reach out directly to Google to alert them about this problematic behavior. However, they were informed that this abuse of the blue verification badge was somehow “intentional behavior.” This response not only proved confusing but also raised suspicions about the security measures in place for verified accounts.
The tweet has highlighted the need to urgently and effectively address this issue. User pressure and the online community have pushed Google to take the concerns raised seriously and reconsider their initial approach to tackling this concerning vulnerability in the identity verification system.
While Google hasn’t revealed all the details of their verification process, there are some general requirements and steps that companies must follow to obtain this distinctive badge. Firstly, the blue verification checkmark is available for Google Workspace customers as well as legacy G Suite Basic and Business customers. This means that companies using these platforms have the opportunity to obtain the verification checkmark without incurring additional costs.
The process of obtaining the verification checkmark involves authenticating the identity of the company and verifying its brand logo. Google sets specific requirements to demonstrate ownership and validity of the company. This may include providing information and documentation about the company, such as legal records, tax identification, and other details that verify its authenticity.
Additionally, Google conducts a thorough verification of the brand logo to ensure that it is legitimate and associated with the corresponding company. This is important to prevent identity theft and ensure the integrity of the blue verification badge.
Meanwhile, it is crucial for users to be aware of this issue and remain vigilant when interacting with emails and communications displaying the blue verification badge, carefully verifying the authenticity of the companies before sharing sensitive information.