The Verge: The Gmail app takes calls now, too, because Google wants it to do everything. “Google is announcing even more Workspace features today, part of an increased cadence of changes to the company’s office and communications software suite over the past year or so. Today’s announcement is a bit of a milestone, however. Although there is still the smattering of small and coming-soon updates, the bigger change is that Gmail is getting a redesign that reveals its true nature in Google’s eyes: the central hub for every Google communication app.”
Ars Technica: Microsoft Outlook shows real person’s contact info for IDN phishing emails. “This week, infosec professional and pentester DobbyWanKenobi demonstrated how they were able to trick the Address Book component of Microsoft Office to display a real person’s contact info for a spoofed sender email address by using IDNs. Internationalized Domain Names (IDNs) are domains consisting of a mixed Unicode character set, such as letters from both Latin and Cyrillic alphabets that could make the domain appear identical to a regular ASCII domain.”
TechCrunch: ProtonMail logged IP address of French activist after order by Swiss authorities. “ProtonMail, a hosted email service with a focus on end-to-end encrypted communications, has been facing criticism after a police report showed that French authorities managed to obtain the IP address of a French activist who was using the online service. The company has communicated widely about the incident, stating that it doesn’t log IP addresses by default and it only complies with local regulation — in that case Swiss law. While ProtonMail didn’t cooperate with French authorities, French police sent a request to Swiss police via Europol to force the company to obtain the IP address of one of its users.”
Krebs on Security: Gift Card Gang Extracts Cash From 100k Inboxes Daily. “Some of the most successful and lucrative online scams employ a ‘low-and-slow’ approach — avoiding detection or interference from researchers and law enforcement agencies by stealing small bits of cash from many people over an extended period. Here’s the story of a cybercrime group that compromises up to 100,000 email inboxes per day, and apparently does little else with this access except siphon gift card and customer loyalty program data that can be resold online.” Really interesting read.
PCWorld: Beware this new phishing attack that’s after your passwords!. “A classic bit of internet security advice just bit the dust. For ages, email users were told to hover their mouse over a link to see where it led—if you saw the URL of a legitimate website, you were in the clear. But on Tuesday, Microsoft shared details on a kind of phishing attack it’s seeing more frequently: Email with links that contain a known website at the start, but actually redirect to a malicious page.”
Make Tech Easier: 6 Disposable and Throwaway Email Providers You Can Try. “Has your email address become a target for spam and scams? One solution is to create a temporary email address, one that you can use to register, shop, sign up, etc., without worrying about your real, permanent email address getting bombarded with junk. Fortunately, there are plenty of sources for disposable or throwaway email addresses that help you avoid the spam and scams.”
Thunderbird 91 lands: Now native on Apple Silicon, swaps ‘master’ for ‘primary’ password, and more (The Register)
The Register: Thunderbird 91 lands: Now native on Apple Silicon, swaps ‘master’ for ‘primary’ password, and more. “Mozilla’s Thunderbird is a cross-platform, open-source email client. Its future looked uncertain in 2015 when Moz CEO Mitchell Baker said ‘sooner or later paying a tax to support Thunderbird will not make sense as a policy for Mozilla.’ Early last year, though, matters improved, with the formation of a wholly-owned subsidiary, MZLA Technologies Corporation, to manage the project.”
CNET: How to use Apple’s Hide My Email feature to kick spammers out of your inbox. “Some spam is sent with malicious intent, but a lot of it boils down to harmless email clogging up your inbox, creating a cacophony of advertisements you don’t want to see, and plenty of time-consuming work to delete or unsubscribe. Apple is taking aim at email spam with a new tool called Hide My Email, which aims to thin out your inbox by keeping email spam from showing up in the first place.? Note that this is a premium service, not free.
Bleeping Computer: DuckDuckGo’s new email privacy service forwards tracker-free messages. “DuckDuckGo is rolling out an email privacy feature that strips incoming messages of trackers that can help profile you for better profiling and ad targeting. Users of the service get a free ‘@duck.com’ email address that cleans messages of trackers and forwards them to your normal inbox.”
CanIndia News: J&K Police approaches Google for email details of arrested PDP leader Parra. “Jammu and Kashmir Police has approached Google and US authoritiees, asking them to preserve the e-mails allegedly sent by arrested Peoples Democratic Party youth wing President Waheed Parra to Pakistan-based terror groups.”
9to5 Google: New Gmail with Google Chat tabs rolling out for free accounts, here’s how to turn on. “Last year, Google announced that the future of Gmail will see Chat messaging and group Rooms join the existing Meet video calling integration. This is already available to enterprise Workspace users, and Google is now letting personal Gmail accounts get this ‘integrated workspace.’” Isn’t this something GMail had several years ago, or was that a different integrated chat?
Krebs on Security: Fintech Giant Fiserv Used Unclaimed Domain. “If you sell Web-based software for a living and ship code that references an unregistered domain name, you are asking for trouble. But when the same mistake is made by a Fortune 500 company, the results can range from costly to disastrous. Here’s the story of one such goof committed by Fiserv [NASDAQ:FISV], a $15 billion firm that provides online banking software and other technology solutions to thousands of financial institutions.”
Ars Technica: Mimecast says SolarWinds hackers breached its network and spied on customers. “Email-management provider Mimecast has confirmed that a network intrusion used to spy on its customers was conducted by the same advanced hackers responsible for the SolarWinds supply chain attack.”
Politico: The Pentagon had an email security problem. The pandemic fixed it.. “In December, the Pentagon quietly adopted a security measure for ensuring that its email conversations with outsiders would be encrypted — more than a decade after many private companies and other institutions had done the same. Attempts to permanently fix the flaw didn’t gain momentum until last year, when DoD officials realized that the weakness was exposing electronic conversations with a host of civilian agencies and companies developing Covid-19 vaccines.”
MakeUseOf: 5 Free Email Tools to Clean Your Inbox and Make Gmail Better. “The internet has hundreds of social networks, thousands of chat apps, and millions of ways to connect with people, but good old email isn’t going anywhere. Your email inbox still rules your personal and professional life, so it’s in your best interest to learn all the tips and tricks to get the most out of email. The good news is that all you need are a few free apps and browser extensions.”