Improved attachment compliance in Gmail

As a G Suite administrator, one of your most important jobs is to keep your organization’s data from falling into the wrong hands. Gmail Data Loss Prevention (DLP) helps you do just that, by allowing you to scan and systematically take action on your users’ inbound and outbound email traffic. With this launch, we’re improving that capability, specifically in the area of attachment compliance.

Previously, when you specified a custom* file type to search for in Gmail attachments, we only scanned the message’s MIME header for the attachment’s filename extension. This meant that if a sender renamed their attachment’s extension, it might not be flagged. Now, if you check the “Also match files based on file format (supported types)” box, we’ll also scan the contents of the attachment to determine its file type (provide it’s one of several supported types).

This will improve attachment compliance and further prevent data loss in your organization. To learn more about setting up rules for attachment compliance, check out the Help Center.

Google Station Wi-Fi Goes Paid at Select Rail Stations With Free High-Speed Access Restricted to 30 Minutes

HIGHLIGHTS

Google is testing paid access option at some rail stations

The ad-free, paid model sits alongside the default free model

Free (with ads) high-speed access restricted to 30 minutes

Two years after it started offering high-speed Internet access for free at select railway stations across India, Google has now started testing a paid model of the Google Station programme. The programme was started as a trial at Mumbai Central in January 2016 and officially launched in collaboration with state-owned telecom infrastructure provider RailTel at 53 railway stations in the country in September 2016, is planned to reach as many as 400 stationsthis year. While its initial model was monetised by ads, Google had indicated to Gadgets 360 last year it was open to monetising the service in different ways, and with the latest move, it has done just that.

As spotted by a Reddit user, the Google Station programme at various railway stations in Mumbai is charging Rs. 19 to offer high-speed internet access for 24 hours. The premium option includes unlimited data that can be accessed from any supported stations across the region, as seen from the screenshot provided by the Redditor. A screenshot shared by another Reddit user shows a Rs. 149 plan valid for 1 week of access. However, there is also the default free option that reduces the data speed after 30 minutes of high-speed access. Like before, the free option also comes with an ad that appears on the login page.

A Google spokesperson confirmed the development in a statement to Gadgets 360. “We are currently testing a paid offer, although there will always be a free option [with ads]. From the beginning, we have said that the long-term goal for RailTel Wi-Fi service was to make it self-sustainable, and a paid model is an important part of that,” the spokesperson said.

The service was piloted at Mumbai Central railway station under RailTel's RailWire initiative to offer free Wi-Fi service back in January 2016. But in September that year, Google expanded the initial tie-up with RailTel and launched Google Station as its native programme to deliver high-speed internet access to a bunch of railway stations in India. The programme attracted a large number of passengers due to its free model. At Google for India 2017 last month, Google's Next Billion Users (NBU) Vice President Caesar Sengupta highlighted that over 7.5 million users leveraged Internet access through Google Station in the country.

Google Station presently provides Internet access at 227 stations across the country, with 22 stations going live last month. With this, the project is on track to hit the milestone of 400 stations - Google had indicated for the end of this year. Google is also expanding the programme beyond railway stations and partner with new ISPs. Similarly, there are plans to bring the high-speed internet model to educational institutions and universities going forward.

Android Malware Targets 232 Banking Apps Including Indian Banks: Quick Heal

HIGHLIGHTS

Malware is known as Android.banker.A9480

Android banking trojan steals login ID, password, SMS, contact lists

Not only banking apps, but cryptocurrency apps affected too

An Android malware is reportedly targeting over 232 banking apps including a few banks in India. The Trojan malware, named 'Android.banker.A9480', is designed to steal personal data from users, Quick Heal Security Labs reports. Similar to other banking malware, this one also sneaks into login data, SMS, contact lists and uploads them to a malicious server. Additionally, apart from the banking apps, this Trojan also targets cryptocurrency apps present on a user's phone.

Quick Heal lists the Indian banking apps that are targeted by the Android banking Trojan malware: Axis mobile, HDFC Bank MobileBanking, SBI Anywhere Personal, HDFC Bank MobileBanking LITE, iMobile by ICICI Bank, IDBI Bank GO Mobile+, Abhay by IDBI Bank Ltd, IDBI Bank GO Mobile, IDBI Bank mPassbook, Baroda mPassbook, Union Bank Mobile Banking, and Union Bank Commercial Clients. 

Android.banker.A9480 malware gets circulated via a fake Flash Player app on third-party stores, Quick Heal said. The Flash Player app is a popular target for cybercriminals due to its prevalence. Once users download the malicious application, they get several prompts to activate administrative rights. The app sends numerous pop-ups to victims until the administrative privileges are activated, the report added.

Once the app is installed on a smartphone, the icon gets hidden when the user taps on it. The malicious app keeps working in the background while checking for one of the 232 banking apps. Further, if the app finds one of the targeted apps, it sends a fake notification that resembles the banking app. When users open the notification, they get a fake login window that is then used by the attackers to extract confidential data like login ID and password.

As per the blog posted by Quick Heal, the malware can process commands like sending and collecting SMS, upload contact list and location, display fake notification, accessibility and GPS permission, and more. Since the malware can intercept incoming and outgoing SMS from an infected smartphone, it is also able to bypass the OTP based two-factor authentication on the user's bank account.