1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Protecting Gmail in a global world

Discussion in 'Google Online Security Blog' started by RSS, Mar 24, 2015.

  1. RSS

    RSS New Member Member

    [​IMG]
    Last week we announced support for non-Latin characters in Gmail—think δοκιμή and 测试 and みんな—as a first step towards more global email. We’re really excited about these new capabilities. We also want to ensure they aren’t abused by spammers or scammers trying to send misleading or harmful messages.

    Scammers can exploit the fact that , , and ο look nearly identical to the letter o, and by mixing and matching them, they can hoodwink unsuspecting victims.* Can you imagine the risk of clicking “ShppingSite” vs. “ShoppingSite” or “MyBank” vs. “MyBɑnk”?

    To stay one step ahead of spammers, the Unicode community has identified suspicious combinations of letters that could be misleading, and Gmail will now begin rejecting email with such combinations. We’re using an open standard—the Unicode Consortiums “Highly Restricted” specification—which we believe strikes a healthy balance between legitimate uses of these new domains and those likely to be abused.

    We’re rolling out the changes today, and hope that others across the industry will follow suit. Together, we can help ensure that international domains continue to flourish, allowing both users and businesses to have a tête-à-tête in the language of their choosing.

    Posted by Mark Risher, Spam & Abuse Team

    *For those playing at home, that's a Myanmar letter Wa (U+101D), a Gujarati digit zero (U+AE6) and a Greek small letter omicron (U+03BF), followed by the ASCII letter 'o'.
    [​IMG]
    [​IMG] [​IMG]

    Continue reading...
     

Share This Page