Google Gmail changes icon display for unauthenticated senders to help prevent whaling and phishing

Raza Rizvi

Google has just announced a change to the display by Gmail of the sender icon/picture for unauthenticated senders.

Back in July I wrote an article (Going phishing for whales? A cautionary tale (tail!)) that gave a real-world example of a company that had suffered financial loss through a successful whaling/phishing email thread.

The customer used Google Apps for email and was, in part, fooled by the display of the regular icon next to the spoofed user's name. Today Google announced changes that might have made a material difference to the accounts person in that case and how easily they could be fooled – https://googleappsupdates.blogspot.co.uk/2016/08/making-email-safer-with-new-security-warnings-in-gmail.html.

The change makes use of two well established verification mechanisms for email – SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail). Google's use of both in this way might also act as a kicker for companies to start using at least one of them to authenticate the mail their users send, and to make spoofed emails sent by the bad guys stand out.
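To show what the SPF side of that check involves, here is an added example (not code from the original post or from Google): a simplified SPF evaluator that decides whether a sending IP is authorised for the envelope domain. The DNS TXT records, domains and IP addresses are constructed for the example and are not real.

```python
import ipaddress

# Constructed DNS TXT records standing in for real lookups (assumption: made-up domains/IPs).
DNS_TXT = {
    "example.com": "v=spf1 ip4:192.0.2.0/24 include:_spf.mailhost.example -all",
    "_spf.mailhost.example": "v=spf1 ip4:198.51.100.10 ip6:2001:db8::/32 ~all",
}

MAX_LOOKUPS = 10  # RFC 7208 caps the number of DNS-querying mechanisms per evaluation

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_check(domain, sender_ip, dns=DNS_TXT, _lookups=None):
    """Evaluate the SPF record of `domain` for `sender_ip`.

    Returns one of: pass, fail, softfail, neutral, none, permerror.
    Only ip4/ip6/include/all mechanisms are handled; others give permerror.
    """
    if _lookups is None:
        _lookups = [0]
    record = dns.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"  # no SPF policy published for this domain
    ip = ipaddress.ip_address(sender_ip)
    for term in record.split()[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        mechanism, _, argument = term.partition(":")
        if mechanism == "all":
            return QUALIFIERS[qualifier]  # catch-all decides for anything not matched above
        if mechanism in ("ip4", "ip6"):
            # A v4 address is never contained in a v6 network (and vice versa).
            if ip in ipaddress.ip_network(argument, strict=False):
                return QUALIFIERS[qualifier]
        elif mechanism == "include":
            _lookups[0] += 1
            if _lookups[0] > MAX_LOOKUPS:
                return "permerror"
            # include matches only when the referenced policy yields "pass".
            if spf_check(argument, sender_ip, dns, _lookups) == "pass":
                return QUALIFIERS[qualifier]
        else:
            return "permerror"  # a/mx/exists/redirect not implemented in this simplified evaluator
    return "neutral"  # record ended without an "all" term
```

A receiver such as Gmail would combine this result with the DKIM signature check before deciding whether the message counts as authenticated.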

Admittedly it is a subtle change, but it is a change for the better. Well done Google!

If you would like to find out more about protecting your business from whaling attacks, please visit the activereach web page on phishing simulation.