Search This Blog

Tuesday, July 8, 2008

Pixar's tightknit culture is its edge

link -> Pixar's tightknit culture is its edge

Fighting phishing with eBay and PayPal

link -> Fighting phishing with eBay and PayPal
Posted by Brad Taylor, Software Engineer and Gmail Spam Czar

Phishing messages are a form of spam that attempt to deceive recipients to gain access to their personal information. A classic one is a message that appears to come from PayPal and attempts to get someone's PayPal password in order to drain his or her account. These fraudulent messages often look very official and can fool people into responding with personal information.

Gmail does its best to put a red warning label on phishing messages, but it can be hard for us to know sometimes and we can't be 100% perfect. So, for the fraction of a time when Gmail misses it, you may end up squinting three times and turning the message sideways before suspecting that it's phishing. Wouldn't it be better if you never saw phishing messages at all, not even in your spam folder? Since 2004, we've been supporting email authentication standards including DomainKeys and DomainKeys Identified Mail (DKIM) to verify senders and help identify forged messages. This is a key tool we use to keep spam out of Gmail inboxes. But these systems can only be effective when high volume senders consistently use them to sign their mail -- if they're sending some mail without signatures, it's harder to tell whether it's phishing or not. Well, I'm happy to announce today that by working with eBay and PayPal, we're one step closer to stopping all phishing messages in their tracks.

Now any email that claims to come from "" or "" (and their international versions) is authenticated by Gmail and -- here comes the important part -- rejected if it fails to verify as actually coming from PayPal or eBay. That's right: you won't even see the phishing message in your spam folder. Gmail just won't accept it at all. Conversely, if you get an message in Gmail where the "From" says "" or "," then you'l

Monday, July 7, 2008

Remote sign out and info to help you protect your Gmail account

link -> Remote sign out and info to help you protect your Gmail account
Posted by Erwin D'Souza, Gmail Engineer

Your email account can contain a lot of personal information, from bank alerts to love letters. Email that, I'm sure, you don't always want other people to see. We understand how important your Gmail accounts are to you, so we're adding a new layer of information and control. With this new feature, you can now track your recent sessions and you can also sign yourself out remotely.

If you are anything like me, you probably sign in to Gmail from multiple computers. I, for example, occasionally sign into my Gmail account from a friend's house when I need to check an important email. Usually I remember to sign out, but every once in a while I wonder if I really did. Now I no longer have to wonder.

At the bottom of your inbox, you'll see information about the time of the last activity on your account and whether it's still open in another location:

Using the above example, a quick glance at the footer while I'm at work shows that my account is indeed open in one other location. But I recognize the IP address - it's my computer at home. Turns out I left my Gmail account open when I left home in a hurry this morning.

Your IP address, or Internet Protocol address, is a number associated with your computer when you connect to the Internet. Some of you might want to know your IP address numbers (more info on finding out your IP address below) for an extra layer of control. For others who don't want to think about IP information, you don't need to.

Continuing with the above example, I can see more details about my recent activity by clicking on the Details link:

Featured Windows Download: gAttach Fully Integrates Gmail into the Windows Desktop

link -> Featured Windows Download: gAttach Fully Integrates Gmail into the Windows Desktop