Google and their email service, Gmail, have become the gold standard services for both individual and some company accounts. As a global corporation, Google has maintain levels of excellence that have not been surpassed by many and the additional features such as Google Map has made them the most popular in most of South Africa. However, with the advent of such a giant, there will be perpetrators that take advantage of the wave of success. In the last number of years, the addition of the Gmail virus has instituted a new level of cyber-attack.
Gmail virus attackers have taken on a few ways to hijack a Gmail account. One of the most prevalent is the Gmail Filter Virus that makes use of the user ‘filter’ feature. This feature is an automated function for email message handling and the virus targets the settings of the filter, adding and changing the rules that are used for incoming email messages. The virus and many like it will process a specific SPAM message that they send, mark it as ‘received and read’ and will skip the inbox and instead use the recipients address book to send the message out to all of the address recipients. It will then delete the message from the ‘sent’ area, thereby accomplishing a sent message without any trail. The process occurs simply by logging into the Gmail account from any infected computer.
The various Gmail viruses usually focus on getting SPAM mail out without detection and not collecting any personal identity from the originating computer. While this may be the case in some situations, the evolution of the virus attacks are also creating an environment that includes more sophistication. As data collection continues to be elevated as a valuable commodity, the collection and then sale of personal data is the next level of execution for both the originating computer and from those that are then infected through the receipt of the virus.
Gmail viruses are becoming more popular throughout all countries and Google has stepped up their own security protocols with the addition of the Gmail Antivirus Scanner in 2005. The software scans all attachments in an email, including analysis for viruses as well as Trojans, spyware or hazardous code. If one is found, the software will attempt to fix, however if this is not possible, it will not allow the Gmail account user to download the attachment. The down side is that the software does not have the ability to read all files and in that case will offer the user a ‘warning’, which allows the user to have the option of downloading.
The popularity of Gmail accounts equates to the fact that staff members can inadvertently send any Gmail viruses to their company email account. While some IT Departments have set up security analysis programs for all incoming and outgoing emails, this is not necessarily the case for all. If the virus enters the corporate email file server, it can potentially send out the virus to all company contacts; and this can be devastating for a company.
Sharon Knowles, CEO of Da Vinci Forensics says:
‘Da Vinci Forensics works closely with IT Departments to examine and analyze all of the internal security protocols to assist in negating the accidental receipt and distribution of Gmail and other email viruses. This is part of our ‘damage control’ expertise that allows clients to understand and take action against dangerous email contained viruses and maintain company integrity.”