With the Gmail redesign, scammers could send out fake versions of confidential email alerts and trick users with a dangerous phishing scam. "It's the Confidential Mode which is at the centre of security fears," Express.co.uk reported on Saturday.
The Department of Homeland Security (DHS) reportedly issued an alert on the “potential emerging threat...for nefarious activity” with the Gmail redesign.
"We have reached out to Google to inform them of intelligence relevant to their services and to partner to improve our mutual interests in cybersecurity," Lesley Fulop, DHS spokesperson said. Central to these fears was the new "Confidential Email" feature that can require users to click a link in order to access these messages.
If you're a Gmail user using the official Google Mail website then the "Confidential Email" appears when you click to open it. It shows a date for when the content will expire and informs the users that the email can't be forwarded or downloaded.
However, it’s different if you’re a Gmail user viewing the message in a third-party client or a non-Gmail user who receives a confidential email. In those cases, instead of the message appearing in their browser, users have to click a button to view the email. And this is where the security fears lie.
ABC News reported the DHS warned this feature created an opportunity where "malicious cyber actors could exploit the recent Gmail redesign." Scammers could send out fake versions of confidential email alerts and trick a user into entering sensitive details.
