Using Gmail "Dot Addresses" to Commit Fraud

2019-02-06 16:24

In Gmail addresses, the dots don't matter. The account "[email protected]" maps to the exact same address as "[email protected]" and "[email protected]" -- and so on. (Note: I own none of those addresses, if they are actually valid.) This fact can be used to commit fraud: Recently, we observed a group of BEC actors make extensive use of Gmail dot accounts to...

News URL

https://www.schneier.com/blog/archives/2019/02/using_gmail_dot.html

#fraud #gmail