This happens with many online services, and Gmail is no exception once the access threshold is crossed, that is, logged in, the user can perform almost any actionincluding those that may be at risk. It is true that, for example, to change the password or to set up some means of restoring the account, it is usually necessary to re-authenticate, but in the rest of the cases we are practically talking about an open bar.

This makes sense, which is to make these actions easier for the user, but the truth is that we are not talking about operations that are usually performed on a regular basis. And even translates into avoidable risksomething to consider in times like these, when cybercrime is stronger than ever and with a distinct trend to only increase in the future.

The email inbox is undoubtedly a very sweet target for these cybercriminals, so putting measures in place to guarantee permanent access to their content, mailbox access or not, is something that those responsible for said services must prioritize. And the good news is that Gmail has taken note of this threat and as a result has started rolling out substantial improvements to deal with this threat.

So as we can read on the official Google Workspace blog, Gmail starts asking for user authentication when they try to make certain settings in their email account. That is, the systemevaluates the session attempting to perform the action and displays a “Verify it’s you” message if it’s considered compromised«. Of course, this makes us think that authentication will not need to be done 100% of the time, but will be activated when something suspicious appears in the system.

These are, as we can read, the actions for which this new method of enhanced security has been introduced:

• filters : Create a new filter, edit an existing filter, or import filters.
• forwarding: Add a new forwarding address from the Forwarding and POP/IMAP settings.
• IMAP access: Enable IMAP access status from settings.

The common denominator of these actions, as you may have already deduced, is that can be used to gain access to mailbox contents without necessarily accessing the account compromised by said actions. To give a clearer example: if I access a Gmail session with an open session (that is, another person), I can configure automatic forwarding of messages that come into it to another account that I specify. The risk it brings is more than obvious.