Google to use authenticated logos to reduce phishing attacks
Gulf Business
Now Reading
Google to use authenticated logos to reduce phishing attacks
Gulf Business
  • Sign up

Google to use authenticated logos to reduce phishing attacks

Scammers hijack the logos of popular brands to trick people to click on malicious links or share personal details

Avatar
by
July 28, 2020

Google is trialling a new security feature in Gmail that has the potential to greatly reduce the threat of phishing emails.

The functionality uses the Brand Indicators for Message Identification (BIMI) standard to enable companies to validate ownership of their corporate logos directly with Google.

Google will then display the verified brands’ logos in the Gmail avatar slot — regardless of who the sender’s email client or service provider is. This makes it easy for Gmail users to identify verified emails.

“The introduction of BIMI by Google is a great step in helping to prevent users from falling victim to phishing attacks, as the solution validates corporate logos of brands and securely transmits them to Google,” said Hany George, security specialist for Mimecast Middle East.

Scammers hijack the logos of popular brands to trick people to click on malicious links and/or give up their personal details in a phishing attack.

According to Verizon’s 2020 Data Breach Investigations report, 22 per cent of breaches in 2019 involved phishing. The report also says 96 per cent of phishing attacks use email as the vector.

Organisations will need to authenticate mail using Domain-based Message Authentication Reporting and Conformance (DMARC).

However, experts contend this is not a be-all and end-all as far as preventing phishing attacks is concerned.

Read: Why businesses within the Middle East need to guard against a “new normal” wave of cyberattacks

Layered security is still a much more effective way of securing an organisation, said George.

“Organisations still need a system that automatically detects and stops a brand or third-party supply chain from being impersonated and this is not what BIMI does,” he added.

The risk with relying too heavily on BIMI is also that users will become complacent and forget about the importance of security awareness, warned George.

“Users still need to be educated regularly around risks and security controls, even with the use of BIMI. It’s a useful tool as it provides a visual indication through the use of logos. But it’s still important to use an email security solution that can tag the messages with a lot more detailed information in both subject line and body of the email, making it a lot more granular,” George said.

For example, it’s not only subject lines that should be marked as suspicious but the sender’s email address and their name, George noted. “While BIMI is important, it’s only one small piece of the security puzzle.”

Tags

You might also like

Google
Google’s court loss to Epic Games may cost billions
Sam Altman of OPENAI
Microsoft, OpenAI tie-up comes under antitrust scrutiny
AI
Europe agrees landmark AI regulation deal
Gemini - Sundar Pichai, chief executive officer of Alphabet Inc., during the Google I/O Developers Conference in Mountain View, California, US, on Wednesday, May 10, 2023. Google introduced a new large language model, used for training artificial intelligence tools like chatbots, known as PaLM 2, and said it has already woven it into many of the internet search company’s marquee products. Photographer: David Paul Morris/Bloomberg
Google just released Gemini: It’s ‘most capable AI model’ yet
GCC
Industry
Insights
Lifestyle
Other
About us
Advertise With Us
Privacy Policy
Contact Us
Subscribe

© 2021 MOTIVATE MEDIA GROUP. ALL RIGHTS RESERVED.

Scroll To Top