Gmail expands BIMI indicators to include a verified icon

Gmail was one of the first mailbox providers to support BIMI in 2021. Now, two years later, they are building upon that foundation and have announced that they’ve added a verified checkmark and an informative tooltip for senders who have BIMI deployed with a VMC. 

This verification will allow users to easily distinguish between a certified BIMI logo, and a fake Google Account profile icon, which can be easily abused by an attacker.

“Strong email authentication helps users and email security systems identify and stop spam, and also enables senders to leverage their brand trust. This increases confidence in email sources and gives readers an immersive experience, creating a better email ecosystem for everyone.”

Google

Get VMC verified and reap the benefits – or risk falling behind

With Google’s full support and enhanced visual clues for VMC-authenticated senders, Apple pioneering “digitally verified” messaging last fall, and Yahoo’s existing verification icons, these developments present an even stronger incentive for businesses to implement DMARC at enforcement and BIMI with a VMC. 

Red Sift’s award-winning DMARC solution, OnDMARC, is the only product on the market to offer an integrated, one-stop BIMI certification journey. Via Entrust, Red Sift has issued more VMCs than any other DMARC provider. 

Through our partnership with Entrust, we’re creating more value by enabling organizations to manage their logo and obtain VMCs from Entrust directly through OnDMARC. As a result, it’s easier than ever for brands to ensure a safe, immersive experience for recipients of their outbound emails.

Find out more about BIMI on our free BIMI resource page or get in touch today to book your free consultation with the team, and get started on your journey to better email with BIMI.

PUBLISHED BY

Faisal Misle

3 May. 2023

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
DKIM

The hidden threat: How misconfigured DKIM enables replay attacks

Red Sift

Email authentication isn’t just an IT concern. It protects your brand and customers. A single misstep can let attackers spoof your domain, send phishing emails, and destroy customer trust. One of the most dangerous methods? The DKIM replay attack. In this post, we’ll break down how undersigned DKIM keys and related misconfigurations open your…

Read more
BIMI

Why DMARC and BIMI are a business priority

Jack Lilley

Email threats aren’t slowing down, and neither should your authentication strategy. In our recent joint webinar with Marigold, “From DMARC to BIMI: Navigating the New Email Authorization Landscape,” we broke down what today’s evolving standards mean for both security and marketing teams—and how to take action now with our free Red Sift Investigate tool.…

Read more
ASM

Zoom stops zooming: Why active monitoring is essential

Billy McDiarmid

​On April 16, 2025, Zoom experienced a significant global outage that disrupted video conferencing services and access to its website for thousands of users, as well as their corporate email for all their employees. It was quickly identified as a domain name registration status problem. Despite being a critical name for Zoom, somehow, the…

Read more
DMARC

Why DMARC matters: Protect your organization from evolving phishing threats

Jack Lilley

Phishing campaigns continue to change. Attackers are adapting faster than traditional security tools, using more subtle methods to bypass filters and reach inboxes. The latest KnowBe 4 Phishing Threat Trends Report (2025) shows a steady increase in attacks that slip through email security platforms and a growing use of techniques that avoid detection, increasing…

Read more