Skip to main content

Homeland Security is worried about Gmail’s confidentiality mode

Image used with permission by copyright holder

One of the most intriguing features in the 2018 update of Google’s Gmail service was confidentiality mode. While it might improve the security of email contents for some users though, the Department of Homeland Security (DHS) is concerned that it could lead to more users than ever before being caught out by phishing scams.

Confidentiality mode works by not sending the actual contents of an email, but sending an email with a link to said content and requiring a password to access. The idea is that users can protect the data they’re trying to communicate with someone on the other end. While that sounds fine in theory, in practice it means clicking on links within emails, which any security expert will tell you is fraught with danger and it’s where phishing hackers make the bulk of their attacks.

Recommended Videos

A couple of months on from Google’s early rollout of confidentiality mode and other new features, the DHS has been in contact with the tech giant to try and work on a solution to the problem. Google’s response, according to ABCNews, has been to say that it believes no additional security risks have been created with the implementation of the new feature.

Please enable Javascript to view this content

That may well be the case for Gmail users, who experience a typical email scenario when receiving confidential emails. However, should that email be sent to someone outside of the Google sphere of influence, a placeholder message and link to the original content is provided instead. According to the DHS, that “presents an opportunity for malicious cyber actors to mimic the email message and phish unwary users.”

Google claims that it has a stellar track record in blocking phishing attempts, suggesting that as many as 99.9 percent of all attempts are caught out by its machine learning and image scanning technologies. However, the potential threat with confidentiality mode isn’t in phishing attacks targeting Gmail users, but in going after those outside of Google’s services. By sending links in emails, Google could be setting a precedent that makes people less wary of unsolicited emails containing links that they need to click.

Keeping away from email links is just one of the many top tips for staying safe online.

Jon Martindale
Jon Martindale is a freelance evergreen writer and occasional section coordinator, covering how to guides, best-of lists, and…
Gmail client-side encryption adds security for businesses
Google services (YouTube, Gmail, Chrome, Duo, Meet, Google Podcasts) icons app on smartphone screen.

Google has made client-side encryption (CSE) available for a number of its Workspace applications after introducing the function in beta mode last December.

Detailing the feature in a blog post on Tuesday, Google announced that client-side encryption would allow professional users to send data in Gmail and Calendar apps in such a way that no one except those in the organization and the recipients can access or read the content. Google as an entity is not even able to access data sent or created through Gmail or Calendar as it would be encrypted before reaching its servers. This is yet another way Google is using AI to the benefit of customers the brand said.

Read more
Searching for emails in Gmail is about to get much faster
A Macbook with Google Chrome opened to a Gmail inbox.

Gmail will soon use machine learning to optimize its search profile and yield better results in its email client. The brand detailed on its Google Workspace Updates blog that it has developed a new machine learning model that will be able to identify the intent of email searches and deliver more contextual results.

It is also expected to be able to create personalized suggestions based on prior searches.

Read more
Gmail is getting a major visual change, but you can opt out
A Macbook with Google Chrome opened to a Gmail inbox.

Gmail has a new look, which brings together Chat, Meet, and other Google apps in a single navigation pane for easier access. The new look is rolling out to a wider audience starting today, but if you don't like it, you can easily revert back to classic Gmail.

First announced in January, the new Gmail layout is different from the classic layout since it eliminates the need to use different tabs for various Google apps. These get combined into one area in a list view at the top left of the screen, removing it from underneath your inboxes. You can specify which apps you want to include in the new view, or keep to a Gmail-only configuration. This is intended to help you get work done faster, but switching back to the old style is made easy, too.

Read more