This year Gmail had made one of the most significant revamp of its website and brought in a slew of new features which were liked by the majority of users. Among the new features, some popular ones were the snooze, smart reply and the Confidential Mode. However, as per a recent report from Express.co.uk, a potential security threat has surfaced on Gmail’s Confidential Mode which might risk user’s privacy and security. The Department of Homeland Security (DHS) has also issued an alert on the same matter.
The publication said, "It's the Confidential Mode which is at the centre of security fears.” Another statement came from a DHS spokesperson, Lesley Fulop who said: "We have reached out to Google to inform them of intelligence relevant to their services and to partner to improve our mutual interests in cybersecurity.” DHS has also remarked that the Confidential Mode in the Gmail remains a “potential emerging threat... for nefarious activity.”
Notably, whenever a user sends a mail using the Confidential Mode to the recipient, then the email comes with a timestamp telling the users when the email is going to self-destruct. The email also comes with a note which explains that the recipients that the mail cannot be forwarded to other users or downloaded. The feature was appreciated by people who wanted to convey sensitive information over Gmail.
However, the problem arises when the confidential mode mail is sent to recipients who are not users of Gmail and use another mail client. Such users are required to click on a link to access the email sent via the Confidential Mode. This the part which the DHS has claimed to be risky keeping in mind the security of the users. By the method of clicking on links, scammers may drag users to phishing pages which might take data by pretending to be an authentic source. Scammers might also trick users into entering sensitive information by sending a fake version of confidential emails.
Google spokesperson, Brooks Hocog has also said about the matter "The tech giant is committed to protecting the security of users' personal information and hence, had created "machine learning" algorithms to detect potential phishing scams that cybercriminals carry out.”