Google Will Use Authenticated Logos to Reduce Gmail Phishing
upstart writes in with an IRC submission for RandomFactor:
Google will use authenticated logos to reduce Gmail phishing:
Google will trial a new security feature in Gmail that shows a brand's logo as an avatar to help you know an email is genuine, the company has announced. The functionality uses the Brand Indicators for Message Identification (BIMI) standard, whose working group Google joined last year, and will be tested with a limited number of senders in the coming weeks.
According to Google, authentication with BIMI can make recipients more confident about the source of an email, which scammers try and obscure to get people to click on malicious links and/or give up their personal details in a phishing attack. Google will use BIMI in conjunction with another technology, DMARC, which tries to stop scammers from forging the "from" address of an email to pretend it's coming from a legitimate source.
As Engadget notes, the technology is similar to verified badges social networks use for official celebrity and brand accounts. Google says it's using two Certification Authorities to validate who owns any particular logo: Entrust Datacard and DigiCert. Google expects to make BIMI more widely available for brands to use in the coming months.
Read more of this story at SoylentNews.