A person from New Hampshire recently found a security bug on a Google email platform that more than a billion people use. The company is now working on fixing the bug as quickly as possible.
Chris Plummer, a cybersecurity engineer in Manchester, said that last week he got a Gmail message that looked like it came from a confirmed source but seemed strange.
Plummer said, “There was nothing in the message’s body.” “But the message did have a UPS logo that had been added by Google.”
The email also had a proof mark, a new way to show that Google has checked the email address. Plummer said that it seemed more important than most junk mail.
“I almost certainly knew this was a bug in Gmail,” he said. “This could have let strangers pretend to be a well-known company like UPS and trick Google into thinking the message was real.”
Plummer told Google about the mistake. He said that the company initially didn’t care about his concern. But Plummer also posted about his results on Twitter. When his tweet got much attention, the company returned and fixed the bug.
“Google changed their minds completely, which was crazy,” he said. “Someone from Google reached out to me and told me, “Listen, we’re sorry about this; we made a mistake.”
Plummer said this story will show that email scams can affect even the biggest sites.