Spammers managed to circumvent Gmail spam filter
Since Saturday, Gmail help forum filled up with the reports of concerned users claiming that their accounts were hacked and currently being in use for distributing spam. The massive users' commotion started when Gmail users with accounts secured by two-factor authentication revealed spam emails from via telus.net concerning themes like weight loss, supplements, loans, and similar. According to Gmail spam witnesses, the emails reside in the Send folder.
My email account has sent out three spam emails in the past hour to a list of about ten addresses that I don't recognize.
Password change does not help to stop a host of spam emails
Gmail spamming has been somewhat common and repeatedly occurs once or twice a year. In fact, Google has a well-developed track record of filtering spam, which, for the most part, allows Gmail users forget about spam.
However, it turns out that spammers managed to evade Gmail spam detection filter by exploiting a yet unknown glitch. The most alarming factor is that the Gmail inbox spamming affected accounts, or most of them, have two-factor authentication enabled. It means that the secured accounts, in this particular case, became a target and a downside.
According to witnesses, password change does not solve the problem. The intrusive spam emails were sent to the account making the users helpless:
I changed my password immediately after the first one, but then it happened two more times.
Gmail spamming 2018 creates an impression as if the users send spam messages to themselves
The current spam campaign is not a typical one since all malicious emails lie in the “Sent” folder. Each email is being sent by the user with a Me marked along with the profile icon. The subject line was reported to contain catchy slogans like “Easy way to lose weight,” “Loose weight in two weeks,” “Increase hair growth with this miraculous product,” and similar.
Despite the fact that the Gmail's spam emails seem to be sent by “Me,” opening the email reveals the telus.net to be the distributor.
As a response, Google released an official statement claiming that the misleading emails have nothing in common with TELUS, which is a Canadian national telecommunications company providing wireless and Internet services, as well as TV and Home Phone services.
TELUS spokesperson also responded to the issue rejecting the accusations of a planned Gmail account attacks and emailed spamming.
We are working with our 3rd party vendors to resolve the issue, and are advising our customers not to respond to any suspicious emails.
Google acknowledged the mysterious Gmail spamming on Twitter
The first reports about Gmail users supposedly spamming themselves occurred on Saturday. Google was quick to respond to the issue on Twitter:
We are aware of a spam campaign impacting a small subset of Gmail users and have actively taken measures to protect against it. This attempt involved forged email headers that made it appear as if users were receiving emails from themselves, which also led to those messages erroneously appearing in the Sent folder. We have identified and are reclassifying all offending emails as spam, and have no reason to believe any accounts were compromised as part of this incident.
According to a researcher Renato Marinho, the culprit of the issue may be that Gmail does not filter emails that come from spoofed but still valid addresses.
While the company is under investigation of the vulnerability that crooks might have exploited, Google warns Gmail users to be cautious and report any suspicious email as spam. For this purpose, the user has to open Gmail, find suspicious email or emails, mark them, and click the button “Report spam.” If you have more questions regarding Gmail emails, please visit Help Center.