Latest
Iran blamed for cyberattack on UK parliament
When hackers attacked UK parliament email accounts in June, it was tempting to blame Russia. After all, it's been rather busy lately. However, it looks like people were pointing their fingers in the wrong direction. The Times has learned that British intelligence has pinned the campaign on Iran -- it'd be the country's first cyberattack against the UK, in fact. While the actual damage was relatively limited (about 30 Members of Parliament were compromised out of roughly 9,000 total accounts), the intrusion supports beliefs that Iran has become a serious player in cyberwarfare after years of being little more than a target. Officials aren't commenting on the attack, but there are a few theories as to why Iran would take this risk.
Jared Kushner uses private email for White House business
You don't have to be a former presidential hopeful to draw heat over using private email for work. Politico has revealed that presidential senior adviser (not to mention son-in-law) Jared Kushner has been using a private email account to conduct White House business. He has used the account since December to discuss event planning, media coverage and "other subjects" with both key White House members and advisers, including former strategist Steve Bannon, ex-chief of staff Reince Priebus and National Economic Council leader Gary Cohn, among others. The account was set up in December as part of the transition, but it's been in use well since President Trump took office.
Lawsuit claims Trump's election committee used personal email
Back in July, a group of lawyers sued the Presidential Advisory Committee on Election Integrity for failing to share documents, communications and for refusing to make its meetings open to the public. In a new filing on September 5th, the Lawyers' Committee for Civil Rights Under Law plaintiffs say that while the advisory committee has agreed to some concessions around deadlines and document disclosures, members of the governmental group have been using personal email accounts to conduct their business.
Europe rules employers must inform staff of email snooping
A landmark privacy judgement by the European Court of Human Rights (ECHR) could impact the scope of email monitoring in the workplace. The Strasbourg-based court ruled on Tuesday that employers must inform staff if they are spying on their work emails and communications.
Andy Rubin apologizes for Essential's massive privacy mistake
The suspicious email some people who pre-ordered the Essential phone received wasn't a scam or a phishing attempt at all. Andy Rubin, the company's founder, has apologized and revealed that it was a legit email from an account that's gone rogue. In a statement posted on Essential's blog, the Android platform's creator said the company "made an error in [its] customer care function." It seems a customer service rep used a misconfigured account that sent a single email asking for a photo ID and other identifying info to multiple recipients. As a result, around 70 of them ended up sending sensitive info to "a small group of other customers."
Astro's email app packs a virtual assistant you can talk to
Virtual assistants have been quick to invade our phones and our homes — is it any surprise that they're creeping into our email accounts, too? A startup called Astro built a chatbot (imaginatively named "Astrobot") into its email app earlier this year, and now it's taking things a step further: as part of a new update going live today, users can talk to Astrobot when they want to sift through their emails sans hands.
Newton is the rare email app that works great on both Windows and Mac
There are plenty of good third-party Windows email apps out there, but not many of them work across all the platforms you might use. If you're the type of person who jumps between macOS and Windows, Newton (formerly CloudMagic) might be worth a look. Today, the company is bringing its app to Windows -- it should be available on the Windows Store now. With Newton already available on macOS, Android and iOS (not to mention the Apple Watch and Android Wear), it's now one of only a few email apps that works on basically any device.
Gmail for iOS will warn you about visiting phishing links
A few months ago, Google introduced an anti-phishing feature for Gmail on Android after a widespread attack affected millions of users. Now, Mountain View is adding the extra security measure to Gmail for iOS. Sometime within the next 15 days, a warning message will pop up when you click on a suspicious link. It will let you know that the URL you want to access leads to an untrusted site, and it will ask if you're absolutely sure you want to continue.
Microsoft's Outlook.com beta is a smarter inbox with more GIFs
Microsoft already lets you preview versions of Windows and the Xbox interface before they're finished, so why not its Outlook.com email service? Sure enough, you're getting that chance. The company has launched an Outlook.com beta program that gives you a peek at future designs. The first preview is a whopper, too -- it's a significantly updated design that improves both search and your ability to express yourself.
Newton email app keeps things tidy with a Priority Inbox-like tool
If you've wished you had the ability to use Priority Inbox and Tabs features in non-Gmail accounts, well, you're in luck. Newton's Tidy Inbox feature is now available across iOS, Android and Mac devices.
CNN: Email 'prankster' catfished White House personnel
Ready for another story about political emails? CNN reports tonight that a person described as a "prankster" from the UK emailed several White House officials and successfully fooled them into believing he was a colleague. That included a message claiming to be from senior adviser Jared Kushner to Homeland Security advisor Tom Bossert, which teased out a response from Bossert that included his personal email address. The emailer tweets under the handle SINON_REBORN, where he has posted screenshots of the emails.
Microsoft improves conversations and searches in its Outlook apps
Microsoft's mobile Outlook app can be helpful if you want an alternative to your phone's built-in email client, but it doesn't always nail the tasks you handle every day -- say, following an email thread. Thankfully, Microsoft knows it. The company just unveiled updated Android and iOS apps that tackle some of Outlook's navigational issues. It's decidedly better for back-and-forth conversations, for starters. You'll see more of the conversation at once, and tapping on a conversation will jump to the first unread message to help show what you missed. Also, you only need to tap a quick reply box to start a message to everyone in the thread without losing track of the previous conversation.
US military will finally start encrypting soldiers' emails
You'd think the military's email service mail.mil would be more secure than Gmail and other free alternatives, but that's apparently not the case. A Motherboard investigation in 2015 revealed that while it does have systems in place to protect classified messages, it doesn't even use STARTTLS -- a 15-year-old encryption technology that prevents emails from being intercepted in transit. That exposes unclassified emails to surveillance and leaves them vulnerable as they make their way to recipients. Now, after getting a lot of flak over the lack of security, Pentagon says it will finally start encrypting soldiers' emails... but not until July 2018.
Hackers target UK parliament email accounts
After a report from The London Times that the email addresses and passwords of British cabinet members and other government officials were being traded by Russian hackers, it looks like the inevitable next step has occurred: a cyberattack on the UK parliament.
Microsoft's Outlook mobile apps help you edit your contacts
Believe it or not, Microsoft's Outlook app for Android and iOS hasn't let you add or edit contacts -- you've had to turn to your PC or the web for that. At last, though, common sense prevails. As of now, you can add and edit your Outlook.com and Office 365 contacts through the iOS app (Android and Google contacts are "coming soon"). You can go to the People section to add details yourself, or add people from events, messages and your company directory. Also, Outlook lets you save those contacts to your phone's native list so that you won't be surprised when they give you a call.
Phishing campaign alerts DocuSign to customer data breach
A bizarre email address or an obvious misspelling are good indicators that the recent email telling you to reset your Apple ID password isn't what it seems. But there are more sophisticated (and believable) phishing attacks you have to watch out for, like the recent Google Docs scam that linked out to a legit-looking web app. Last week, DocuSign spotted an uptick in phishing emails imitating the company's branding. Being in the business of secure document management, it's not uncommon for DocuSign's name to be on the face of a phishing email; but upon further investigation the firm discovered why this particular campaign was so targeted: It'd been hacked.
Google explains how it's preventing future email phishing scams
That massive Google Docs phishing attack from May 3rd was more than a little disconcerting, but Google is trying to set minds at ease. It just outlined how it responds to this email trickery -- including how it intends to prevent incidents like the one that just wreaked havoc. It's shoring up its defenses by tightening its policies on third party authentication (the Docs attack steered users toward a bogus app using a Google sign-in), refining its spam filtering to target Docs-style campaigns, and more closely monitoring apps that ask for your data.
Now the Android Gmail app keeps an eye out for phishing links
In a particularly timely upgrade, Google is rolling out new protection against phishing links on its Gmail app for Android. According to the notes, when a user clicks on a suspicious link, they'll get a warning like the one shown above revealing that this could lead to a forged website (similar warnings came to web Gmail last year). Interestingly, this wouldn't have done much to mitigate the fake Google Docs invite that went around earlier since that linked to Google's own website. Still, we have more than enough evidence of what havoc can come about as a result of one fake email -- it's good to see Google doing more to protect users.
Beware phishing emails posing as Google Docs invites (updated)
If you received an out-of-the-blue email purporting to share a Google Docs file, you're not alone -- and whatever you do, don't click the link inside. Many people online, including more than a few journalists, have been bombarded with phishing emails (currently from a mailinator.com account) that try to trick you into opening a fake Google Docs link. If you click through and grant a bogus "Google Docs" app access to your Google account, the perpetrators can get into your email. And of course, havoc follows after that -- the app spams email to everyone you've ever messaged, and bypasses Google's usual login alerts (including for two-factor authentication).
'Major scale' malware targets your Mac through email scams
Mac users are increasingly being targeted by malware after years of being relatively safe, and that means they're facing attacks that other users have unfortunately come to expect for a while. Check Point researchers have discovered Dok, the first "major scale" trojan that targets macOS through an email phishing campaign. The bogus messages (usually aimed at European users) are meant to trick you into downloading a ZIP file that, if you launch it, gives the malware control over your system and lets attackers intercept your internet traffic to spy on your activity or impersonate websites. It'll even delete itself when the intruders are done.
