Here’s the latest invention from the Gmail labs team: a verified accounts key to help distinguish spam from a legit email. Last year, Gmail started filtering spam from fake eBay and PayPal emails, requiring actual verification from the source that an email was being sent from ebay.com. Anything that can’t be verified is rejected.
Not many people were aware of this feature, says the Gmail team, so they decided to create an actual icon for a verified account so people would recognize an email address that’s legitimate. If you turn on “Authentication icon for verified senders” from the Labs tab under Settings, you’ll start to see a key icon next to verified emails that are “super-trustworthy.”
What does “super-trustworthy” mean? Brad Taylor, Gmail’s Spam Czar, says the term includes several situations: 1. when the the sender, usually a financial institution, is a target of phishers, 2. all of the sender’s email is authenticated with DKIM, and 3. Gmail rejects any fake messages that claim to come from this sender, but actually don’t.
Gmail says that because of the arduous process for senders to make their email super-trustworthy, the feature is currently limited to just eBay and PayPal. Gmail hopes to add more senders in the future, making the key icon a more widely used and recognizable symbol for verified accounts.
oh word?
Isn’t this old news? Its been out for atleast 2 weeks i think. Nevertheless, its a very useful tool… thanks google.
I don’t know when it was added to labs but Google only announced it today. http://gmailblo...orthy-anti.html
Yahoo! Mail had this exact feature since forever…. Gmail is only playing catch up here.
Hotmail has a slightly different method of specifying “verified accounts”, but they also has had it on their UI for at least the last 5 years.
Google is playing catchup to Yahoo?
I think not. Google is leaps and bounds past Yahoo.
Google offers FREE for what Yahoo chargers its customers for.
Just look here, http://overview...ements/mailplus
“Enhancements” Yeah… Okay.
yes i think it’s a old news .because i saw it before .i don’t it’s true or not .
Anything to fight spam is appreciated. Spam and phishing.
This is a great addition to any gmail address as it will enable you to distinguish from possible fraudulent sites and has saved me from clicking on certain sites. When a site is flagged by google a message states this site is a possible fake.
Great work google and keep up the good work techcrunch. G
I’m sure I’m missing something, but wouldn’t people just emulate the visuals of the key and still phish people?
You can’t put images into your name or subject lines as far as I know, and the screenshot implies that is where the key is found. So no they can’t emulate it.
How do you think someone could go about emulating this key icon next to the subject of someones email in gmail?
I guess if they could get you to install some type of script, then someone could potentially fake the icon I suppose.
If they could get you to install a script, they’re already ON your PC, they can get all the information they need by monitoring your web access and keystrokes and not need to resort to this sort of trickery to get your information.
They say the international versions of the domains should be verified too, but I have a hoard of emails from service@paypal.co.uk, none of which have the verification. At least I can send them some feedback on that.
YAY an icon for DKIM !
more email should in my opinion be signed
trust can then be built but first you must have a way of authenticating a email is actually from who it says (and DKIM does this )
Great Stuff !
regards
John Jones
“Here’s the latest invention from the Gmail labs team”
Invention? The other Webmail folks have already implemented this. Do some research please before posting an article.
thanks for the insight guys the phishers are right now working on how to piss you better….
Anyone know if Google charges eBay/PayPay to deliver “verified” messages? If so, it brings to mind services from Goodmail launched a few years ago. Google might be getting an attaboy while Goodmail and its ISP partners were heavily criticized.
Such services have value: end users see far less spam and have more confidence in messages from their merchants, Google and the ISPs save tons by killing spam at the border *and* they become more of a trusted provider for their customers, and retailers are assured that messages to their customers are delivered. Seems like a win/win/win.
What happens if Google screws up and accidentally authenticates a phisher, leading to ID theft. Can they be sued?
Only if you have turned the beta label back on from the labs.
Why is this an opt-in feature? Shouldn’t they just roll it out to the main set of features?
Of course, I just went and turned it on (just the fact that it has PayPal on the list of two was enough)