---

Simple Gmail Spoofing Leaves Users Open To Targeted Attacks

Gmail shows no warning as it delivers legitimate-looking spoofed emails seemingly coming from an existing Gmail.com address, even though they come from a non-Gmail server. This fact can be misused by attackers who want to trick their targets into clicking on a malicious link or download a malicious attachment, as the likelihood of them doing so rises considerably if the spoofed email seems to have been sent from a known sender.