Gmail expands BIMI indicators to include a verified icon

Gmail was one of the first mailbox providers to support BIMI in 2021. Now, two years later, they are building upon that foundation and have announced that they’ve added a verified checkmark and an informative tooltip for senders who have BIMI deployed with a VMC. 

This verification will allow users to easily distinguish between a certified BIMI logo, and a fake Google Account profile icon, which can be easily abused by an attacker.

Screenshot of Google’s new checkmark and tooltip

“Strong email authentication helps users and email security systems identify and stop spam, and also enables senders to leverage their brand trust. This increases confidence in email sources and gives readers an immersive experience, creating a better email ecosystem for everyone.”


Get VMC verified and reap the benefits – or risk falling behind

With Google’s full support and enhanced visual clues for VMC-authenticated senders, Apple pioneering “digitally verified” messaging last fall, and Yahoo’s existing verification icons, these developments present an even stronger incentive for businesses to implement DMARC at enforcement and BIMI with a VMC. 

Red Sift’s award-winning DMARC solution, OnDMARC, is the only product on the market to offer an integrated, one-stop BIMI certification journey. Via Entrust, Red Sift has issued more VMCs than any other DMARC provider. 

Through our partnership with Entrust, we’re creating more value by enabling organizations to manage their logo and obtain VMCs from Entrust directly through OnDMARC. As a result, it’s easier than ever for brands to ensure a safe, immersive experience for recipients of their outbound emails.

Find out more about BIMI on our free BIMI resource page or get in touch today to book your free consultation with the team, and get started on your journey to better email with BIMI.


Faisal Misle

3 May. 2023



Recent Posts


The best tools to protect yourself from SubdoMailing

Francesca Rünger-Field

In late February 2024, ‘SubdoMailing’ became a trending search term overnight. Research by Guardio Labs uncovered a massive-scale phishing campaign that had been going on since at least 2022. At the time of reporting, the campaign had sent 5 million emails a day from more than 8,000 compromised domains and 13,000 subdomains with several…

Read more
Product Release

Red Sift’s Spring 2024 Quarterly Product Release

Francesca Rünger-Field

This early into 2024, the cybersecurity space is already buzzing with activity. Emerging standards, such as Google and Yahoo’s bulk sender requirements, mark a new era of compliance for businesses reliant on email communication. At the same time, the prevalence of sophisticated cyber threats, such as the SubdoMailing campaign, emphasizes the continual hurdles posed…

Read more

Navigating the “SubdoMailing” attack: How Red Sift proactively identified and remediated a…

Rebecca Warren

In the world of cybersecurity, a new threat has emerged. Known as “SubdoMailing,” this new attack cunningly bypasses some of the safeguards that DMARC sets up to protect email integrity.  In this blog we will focus on how the strategic investments we have made at Red Sift allowed us to discover and protect against…

Read more

Where are we now? One month of Google and Yahoo’s new requirements…

Rebecca Warren

As of March 1, 2024, we are one month into Google and Yahoo’s new requirements for bulk senders. Before these requirements went live, we used Red Sift’s BIMI Radar to understand global readiness, and the picture wasn’t pretty.  At the end of January 2024, one-third of global enterprises were bound to fail the new…

Read more