Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Google allowing 3rd-party developers to scan your Gmail: Report

Google allowing 3rd-party developers to scan your Gmail: Report

GoogleWashington : Despite assuring users to “remain confident that Google will keep privacy and security paramount”, the search giant is still reportedly allowing third-party app developers scan through Gmail accounts, the Wall Street Journal has claimed.

Google “continues to let hundreds of outside software developers scan the inboxes of millions of Gmail users who signed up for email-based services offering shopping price comparisons, automated travel-itinerary planners or other tools,” the report said late Monday.

Google was yet to comment on the report.

Gmail has nearly 1.4 billion users globally — more users than the next 25 largest email providers combined.

“Google does little to police those developers, who train their computers– and, in some cases, employees — to read their users’ emails,” the report further stated.

According to Google, it provides data only to outside developers it has vetted and to whom users have explicitly granted permission to access email.

According to the report, Google’s own employees read emails only “in very specific cases where you ask us to and give consent, or where we need to for security purposes, such as investigating a bug or abuse”.

“Email data collectors use software to scan millions of messages a day, looking for clues about consumers that they can sell to marketers, hedge funds and other businesses,” the report added, saying data miners generally have access to other email services besides Gmail.

In 2017, Google said its computers will soon stop reading the emails of its Gmail users to personalise their ads.

The Internet giant recently rolled out new features for Android users to make it easier for them to navigate their Gmail accounts and review security and privacy options.

As part of the new updates, Google introduced a new search functionality that enables users to find settings and other info they might be looking for in their account, like how to change the password.

—IANS

Gmail users receiving spams from their own accounts: Report

Gmail users receiving spams from their own accounts: Report

GmailSan Francisco : Some Gmail users have claimed that they have been receiving ads sent to them from their own accounts despite updated passwords and two-factor authentication, the media reported.

To get the messages past spam filters, the spammers have been using forged email headers to make them appear as though they are being sent via a “Canadian telecommunications company” called “Telus”, Mashable reported on Sunday.

The subject of the emails read “weight loss and growth supplements for men”.

“We are aware of a spam campaign impacting a small subset of Gmail users and have actively taken measures to protect against it,” a Google spokesperson was quoted as saying.

“We have identified and are reclassifying all offending emails as spam, and have no reason to believe any accounts were compromised as part of this incident,” he added.

Because the messages appeared to be coming from the same user, Gmail filed the message into affected users’ sent folder.

“My email account has sent out 3 spam emails in the past hour to a list of about 10 addresses that I don’t recongnise. I changed my password immediately after the first one, but then it happened again 2 more times,” a user wrote on “Google Help Forum”.

“The company’s engineering teams are aware of this and are working on a resolution,” Google employee Seth Vargo tweeted in reply to one such complaint.

—IANS

Less than 10% of Gmail users enable two-factor authentication: Google

Less than 10% of Gmail users enable two-factor authentication: Google

Gmail, GoogleSan Francisco : Despite the growth of sophisticated cyber threats globally, Google has said that less than 10 per cent of active Gmail users have enabled two-factor authentication making the remaining 90 per cent more vulnerable to cyber attacks.

According to Google engineers, compromised passwords are the top way hackers gain access to accounts and all users — especially those in the enterprises — should implement two-factor authentication immediately.

“Further, only 12 per cent of Americans use a password manager to protect their accounts,” US-based news website Techrepublic quoted Google engineer Grzegorz Milka as saying in a presentation at the Usenix Enigma 2018 security conference in California late on Saturday.

Two-factor authentication is one of the most effective ways to protect online accounts given that compromised passwords are the top way attackers gain access to accounts.

In the enterprise, if a hacker can break into the email of even one employee, it gives them not only access to company data but also ammunition for future phishing attacks — making it even more important for firms to ensure all employees have enabled two-factor authentication and gone through cybersecurity training.

The feature, which Google calls 2-step verification, requires using a second step-often a single-use key or password-along with the account password to verify a user’s identity and allow them into their account.

With Google, the second step can come in the form of a text message, a phone popup, through a Google Authenticator app or from a number of printed single-use codes.

Google first rolled out its two-factor authentication feature back in 2011, yet users have failed to adopt the safety measure in large numbers. The feature adds a few seconds to the login time but is claimed to be the best option to stay away from cyber attacks.

Milka said that Google did not make two-factor authentication mandatory for all users due to usability.

“It’s about how many people would we drive out if we force them to use additional security,” he was quoted as saying.

Google has made a number of other efforts to improve security for its users.

In January 2017, the company announced new layers of enterprise-grade security controls for “G Suite” to give users more control and visibility over sensitive information.

In October last year, it rolled out the “Advanced Protection Programme” that offers better defenses against phishing, accidental data sharing and fraudulent account access for executives and professionals in fields where confidential information is shared online.

—IANS