Pin Me

Google's Gmail exhibits flaw in its privacy system

written by: richmonjames•edited by: Aaron R.•updated: 7/3/2008

While Gmail is often regarded as the most proficient email system on the market, a new research conducted by the Information Security Research Team reveals a major flaw in its employment.

  • slide 1 of 1

    If you’ve been following the online industry for a substantial length of time, you probably have witnessed the extensive development of the Google organization. Google has progressed from a basic start-up search engine to an efficient, multi-channel online service provider. As the current zenith of online activity, Google has consistently endowed consumers with magnanimous service, one of which has evolved into one of the most proficient network mailing systems.


    Gmail, a Google email service which contends with more entrenched systems such as Yahoo Mail and Hotmail, has demonstrated its attractiveness, progressing from a start-up into a stand-out service in only a couple of years. Google launched Gmail as a simple beta email provider, though it always presented a glimpse of where it wanted the service to end up. Though Gmail has now surpassed this experimental phase, it still exhibits apparent difficulties in its employment. Presumably, it may seem improbable to expect a quality organization such as Google to maintain a product with prominent privacy defects; but recent reports confirm such a problem in the Gmail service.

    According to the research conducted by the Information Security Research Team (INSERT)1, this particular defect leaves Gmail rather susceptible to spammers, opening a new critique of Gmail’s user security system . This method of attack allows a spammer to contact the system as a “middle man”, dispatching promotion messages in bulk via Google SMTP in a relatively unidentifiable fashion. Through a loophole, the attack evades the safeguards in place for identity frauds, permitting the deployment of unlimited spam communications.

    This issue is a potential hindrance, contributing to an increase in spam. Currently, the amount of spam being sent by email providers is approaching %95 of total email traffic. Gmail’s deficiency only adds to this issue, creating an effortless exchange for spamming. In addition, the ambiguity creates an easy technique for identify thieves and hackers -- an impasse which can result in a fury of online mayhem.

    In connection with Gmail’s high regard in the communications industry, many providers are deficient in the detection of fraudulent messages from Gmail accounts. While spam is often blacklisted out of inbox mail, Gmail is generally considered a legitimate source of professional communication. Even if mail sent from a Gmail account is fraudulent, the messages are often missed by spam scanners.

    Google has already commenced its course of action in regards to the presented situation.  And while Google will likely resolve the issue brusquely, the dilemma still presents a potential problem for future communication markets. In many occasions, while a loophole may be secured, the error opens up prospective for a continuum of analogous issues. Operators and clients alike should take heed of this concern, as it may likely serve as a platform for prospective email frauds.  

    1.        For more information on research conducted by the INSERT agency, visit -htp://