Pretend to be Someone Else in Android’s Gmail App

Earlier this week, an independent security researcher by the name of Yan Zhu discovered that it was possible for a user to make their email look like it was sent by someone else using Google’s Gmail app on Android devices. I know what you’re thinking, that this is a perfect opportunity for unwanted and dangerous phishing emails, and you’d be 100% correct.

Yan decided to reach out to Google telling the about the bug in their Gmail app and received a reply shortly after from the company saying that it wasn’t a security vulnerability (screenshot below).

1447444003426424.jpg

Fast forward only four days later and an article pops up on the same website where I found this information saying that “Google is working to fix an unusual bug that allows anyone to pretend to be someone else in the Gmail app for Android, after the company initially dismissed it as ‘not a security vulnerability.'” I personally think it’s quite strange that a tech giant like Google would take lightly to this situation in the first place.

This would have most likely been addressed by Google immediately if only someone pretended to be Larry Page or Sergey Brin using this simple exploit. Now that would have been great.

Source 1, Source2

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s