Google is rolling out a sweeping redesign of its popular Gmail service, but federal cybersecurity authorities warn that a key new feature on the system could make its 1.4 billion users more susceptible to dangerous phishing attacks that compromise users’ vital personal information.
The Department of Homeland Security issued an intelligence note, obtained by ABC News, warning users of the “potential emerging threat … for nefarious activity” with the new Gmail redesign. Because the new feature — called “Confidential Email” — requires users to click a link in order to access confidential emails, according to the DHS alert issued May 24, Google has essentially created an opportunity where “malicious cyber actors could exploit the recent Gmail redesign.”
The intelligence note was distributed to law enforcement personnel and those who handle cybersecurity for private computer networks. It was published as part of DHS’ ongoing effort to emerging threats that could pose a danger to critical computer infrastructure like the computer networks operated by government agencies, banks and major businesses.
“We have reached out to Google to inform them of intelligence relevant to their services and to partner to improve our mutual interests in cybersecurity,” Lesley Fulop, a Department of Homeland Security spokeswoman, told ABC News.
DHS has raised concerns, Google officials said, though stressing that the new features pose no additional security risk beyond what people are already exposed to online.
“Confidential Email” gives recipients access to content via a link and is designed to allow users to prevent the forwarding, copying, downloading or printing of emails; set an expiration date for confidential emails so the email is no longer accessible after that date; protect emails by allowing users to require recipients to go through a two-step security protocol; and revokes access to confidential emails – even after they have been sent — so they can no longer be accessed by the recipient.