Gmail's Blue Checkmarks Pose Security Threat to 1.8 Billion Users
Originally Published 2 years ago — by 9to5Google

Scammers have already found a way to abuse Gmail's new blue checkmark verification system, which was introduced to help prevent scam emails. The system uses Brand Indicators for Message Identification (BIMI) and DMARC to verify both the logo and the domain attached. However, a senior cybersecurity architect for Dartmouth Health has revealed that it's possible to fake these badges. Google has responded by requiring senders to use the DomainKeys Identified Mail (DKIM) authentication standard to qualify for blue checkmarks; the new requirement will be rolled out by the end of this week.