Yan Zhu, dealing with every day programming, has discovered a vulnerability in Gmail mobile application enabling impersonate any person.
The trick is simple but extremely effective. Just that using a mobile Gmail will change our account name, eg. To “” windykacja@allegro.pl ”. Double symbols are intentional – if so, we will describe account e-mail recipient receives a message from “windykacja@allegro.pl”. What’s more real e-mail address from which you send the message, it will be hidden.
Google in October received from Zhu information about the vulnerability. The company’s specialists told, however, that does not concern safety issues.
Motherboard emphasizes that there is indeed a whole bunch of ways to manipulate similar addresses, it usually Gmail captures them. I placed crafted messages in the Spam folder. Zhu method, which only works on Android version of Gmail, helped steer clear of such protection. And that’s why it can be considered potentially hazardous.
How to achieve the Zen in your mailbox? 7 best practices
(montages R.Kędzierski / Giuseppe Milo
No comments:
Post a Comment