Google Inbox spoofing vulnerability lets attackers fake email recipients HTC...

Google Inbox spoofing vulnerability lets attackers fake email recipients HTC... xda-developers Apr 29, 2018 9:00 AM • by Max Weinbach Google Inbox spoofing vulnerability lets attackers fake email recipients Be careful what you click on. Eli Grey is a security researcher who has found a vulnerability in Google Inbox allowing for an attacker to create a mailto link that spoofs the recipient of an email. He found this vulnerability on May 4th, 2017, almost a year ago, and reported it to Google privately. After following up on March 16th of this year and the bug still being unresolved, he decided to publicly disclose this vulnerability. What happens is that generally, mailto links are used to automatically populate the content of an email to save users some time. We use a mailto link on our tip page to make it easier for users to send us a tip. Email clients such as Gmail or Google Inbox are supposed to parse these links and pre-compose the email draft with whatever information is present in the mailto link. For example, you could click a link to send PayPal customer support an email and it would show support@paypal.com in the outgoing recipient box. What Eli Grey discovered is that you can construct a mailto link to spoof the email recipient in Google Inbox. This means that even though the draft email might say you are sending an email to support@paypal.com, it could be sending it to an entirely different address. The only way you would know is if you inspected the mailto link or expanded the "to" field before sending the email. As an example, this mailto link will place support@paypal.com in the "to" box but if you actually send an email here it will instead go to scammer@phishing.fakewebsite (obviously not a real email address.) Fortunately, this vulnerability doesn't seem to affect Gmail or Outlook, so if you use those services you don't have to worry. Regardless, this is a prime example of why you should always inspect the links to anything you are about to click. Last year, a very clever Google Docs phishing scheme rocked the world because of how convincing it was to even most observant technologically savvy users. Avoiding a repeat of these schemes requires being vigilant, and never becoming too comfortable when it comes to your own personal security. Android Advices Apr 9, 2018 7:02 PM • by Pavan Kumar B.C HTC U12+ specifications leaks online with 8GB RAM and f/1.5 aperture camera Earlier HTC U12+ images leaked with dual front and rear camera setup and now, detailed specifications of this upcoming flagship device have revealed many of its hidden features. The handset is expected to become official early next month and is also expected to score 110 points on DXO mark surpassing the Huawei's P20. The smartphone will be coming with features like Edge Sense 2, USonic with Active Noise Cancellation, 3D audio recording, HTC BoomSound, and Hi-Res audio playback. The U12+ from HTC will be IP68 rated for water resistance and also supports Qualcomm Quick Charge 4+ along with Wireless charging technology. According to the rumored specifications, it will be featuring a 5.5-inch Quad HD+ (2880 x 1440 pixels) Super LCD 6 display with Corning Gorilla Glass 5 protection on top. Under the hood, there will be an Octa-Core Qualcomm Snapdragon 845 SoC coupled with Adreno 630 GPU and 8 GB of RAM. The onboard storage is limited to 128GB which can be extended further up to a maximum of 2TB via microSD card slot. It will come out of the box with Android 8.0 Oreo with HTC Sense UI. There are 12MP HTC UltraPixel 4 rear cameras with f/1.5 aperture dual LED flash and OIS and a secondary 16MP rear camera. There will be an 8MP + 8MP dual front camera set for better selfies. It will come with connectivity options like 4G VoLTE and Bluetooth v5.0, GPS, A-GPS and more. Apart from there are other features like USB-C audio, HTC USonic with Active Noise Cancellation, HTC's BoomSound Hi-Fi edition, Hi-Res audio certified, USB Type-C and NFC. There is a 3420mAh Qualcomm Quick Charge 4+ fast charging battery also to power the handset. Are you excited to see this device? Do you own any devices from HTC previously? Comment in the section below and stay tuned to Android Advices and we will get back with more news and updates on the same. Via This email has been sent by Froze ONE (isnanmm0@gmail.com). It is the potion result of 'Tech: Topic watch' from the dashboard 'Personal Dashboard', tab 'Tech > Android'. Unsubscribe © Netvibes 2005-2018 | Terms of service | Privacy Policy Find Netvibes also on: Facebook Twitter Google+ Flickr

Share on Facebook

Share on Twitter

Share on Google+

Share on LinkedIn

Subscribe to receive free email updates: