Scanned By Gmail Doesn’t Provide The Attachment Security You Might Think It Does

The most popular free web service on the planet, Gmail, has a lot of security positives. And, oh boy, does it need them as it is under persistent attack from hackers and scammers alike. Thankfully, both Gmail and Google Drive have mechanisms in place to prevent them from being used to distribute the type of malicious files often used in such attacks. However, as Ben Ilkashi, a security researcher at Pentera Labs, exclusively shared with me, it is possible for an attacker to exploit these to devastating effect. “What if I told you that you could trick a machine into displaying your malicious attachment as completely safe?” Ilkashi said. “What if I told you that you could get Google itself to sign off on your phishing payload and effectively achieve the holy grail of phishing attacks?” That grail is absolute and unquestioned credibility. Trust on steroids, if you like.

Ilkashi’s research, now published by Pentera Labs following a 90-day responsible disclosure period, has highlighted an architectural misalignment within Google’s unified security framework that enables malware that is “otherwise explicitly blocked by Gmail’s attachments scanner” to be hosted on Drive and delivered to recipients alongside a “Scanned by Gmail” label of trust. First reported through the Google Bug Hunters program on December 14, 2025, Google confirmed that it was a duplicate of an “internally tracked issue.” On January 22, Google’s Trust and Safety unit confirmed that “no fix timeline was available,” according to Ilkashi, and the decision regarding disclosure timing was up to Pentera Labs.

Google’s Serious Gmail And Drive Security Gaffe Explained

This serious Google security gaffe came to light when Ilkashi was initially researching the malicious use of Scalable Vector Graphics as a phishing campaign payload. “As part of my payloads testing against popular providers,” Ilkashi explained, “I encountered an attachment block in Gmail.’ This was accompanied by a ‘virus detected’ label when attaching the file, and Gmail prevented the payload from being sent. Google Drive also has a scanning mechanism marking malicious files as ‘Flagged for abuse’ and preventing anyone aside from the author from being able to download them, alongside a warning interstitial that alerts users before downloading potentially harmful file types. That’s the good news, and you know what’s coming next, don’t you?

The bad news is that Ilkashi was able to send a malicious SVG sample, already flagged by Gmail as ‘virus detected’ and blocked from being sent as a result, by using Google Drive as a hosting platform. “Contrary to Gmail’s detection,” Ilkashi explained, “Google Drive did not classify this file as malicious.” Yes, you read that right: despite already being flagged as a virus, Gmail’s own Drive attachments feature allowed it to be uploaded to Drive and configured to be accessible to anyone possessing the share link. This is an architectural misalignment between the scanning mechanisms, and it’s something that poses a danger to almost all users of Gmail as a result. A new email could be composed, including a now-known-to-be-malicious file link from Drive, but Gmail did not scan it again and instead just sent it as if nothing was wrong. Complete with a misleading scanned by Gmail label.

The issue appears to be that Gmail grants implicit trust to files that originate from Google Drive, assuming that because it is within the internal ecosystem other is pre-vetted and, as such, Gmail then bypasses its standard verification steps “allowing the malicious payload to inherit the 'safe' status of its storage
container,” Ilkishi said.

Google Drive’s Incomplete Scan Warning Circumvention For ‘Blocked By Gmail’ File

Amazingly, considering that this is the first published research report from Ilkashi, he managed to find not one but two problems that are worthy of serious attention. Explaining that his curiosity, having discovered the “Scanned by Gmail” vulnerability, had peaked and led to the pondering of whether other issues existed within the Google Drive and Gmail service integration, Ilkashi wondered “what would happen if a payload was not detected as a virus by Gmail.” It’s worth a little bit of background here, in that an executable not detected as a virus is “Blocked for security reasons” in Gmail, with Google stating that a recipient can ask the sender to upload the file to Drive “if you’re sure it is safe” and then “send it as a Drive attachment.”

Ilkashi said this got him thinking about what would happen if Google Drive couldn’t label your malware as “Flagged for abuse” after an incomplete scan, for example. Drive will then display another warning pop-up stating it cannot be scanned for viruses or that the file type might be dangerous, and offering an option to download it anyway. “This warning message is crucial because it indicates an incomplete scan of the file by Google,” Ilkashi said, “a circumstance that significantly increases the user's risk upon downloading and executing it.” But what if that warning could be bypassed?

Here we go again. A malicious sample was created that wasn’t recognized as known malware by either Gmail or Drive. The sample was duly labeled by Gmail as “Blocked for security reasons” rather than Virus detected”, but when uploaded to Drive was not labeled as “Flagged for abuse,” Ilkashi reported. So he then attached the share link to an email and sent it, only for this to once again be “ presented as an attachment,” and accompanied by the "Scanned by Gmail" label. The expected warning was completely missing, and Ilkashi said that he could “download the file in Gmail’s endpoint (mail.google.com) directly from the email and from the file preview, without any warning page or popup.” Opening the link itself, and Athen attempting to download the file from Drive directly, however, did display the expected warning screen.

Ilkashi concluded that this represented a flaw within the implementation of the Google Drive file download mechanism within Gmail’s endpoint, ultimately enabling unwary users to download files that had not been appropriately scanned and without triggering Google’s safety warnings. “This finding reinforces the fact that Gmail’s and Drive’s file handling mechanisms are not aligned,” Ilkashi warned, “This misalignment allows attackers to identify gaps, such as those presented in this article, and exploit them so that Google’s services effectively serve as a convincing and trustworthy delivery infrastructure.”

Google Responds To Gmail Attachment Security Disclosure

“We have demonstrated two distinct logic flaws,” Ilkashi said, “each undermining a different security mechanism, suggesting that further security issues can possibly arise, due to the inherent complexity and the implicit trust in the integrated
architecture of Google Workspace services.”

I reached out to Google, and a spokesperson provided the following statement: "Protecting Google Workspace users is our top priority. Gmail and Google Drive automatically block the vast majority of malicious files—including dangerous executable attachments—before they can ever reach an inbox." However, as the Pentera Labs research, along with a fully working proof of concept, shows, this simply isn’t good enough when attackers are able to exploit user trust and disguise malicious payloads behind the “Scanned by Gmail’ facade of legitimacy.

Google has said it is actively updating the user interface to clarify how safety checks are displayed when files are shared via Google Drive links, giving users a clear and accurate security context at all times. Google also said that Gmail’s “built-in defenses successfully prevent users from sending or receiving dangerous file types, such as executables, as direct email attachments,” stating that “this fundamental security boundary has not changed and remains fully operational.”

Google told me that Gmail proactively displays prominent, red warning banners to alert users if they receive a message containing a link that is later determined to point to a potentially suspicious or un-scanned file. Furthermore, while Google Drive allows users to upload files to their personal storage, it employs robust automated scanning to detect malware and block users from downloading or sharing infected files to prevent device compromise. Google also reiterated that it regularly works with the broader cybersecurity research community to identify opportunities to refine its protections and is appreciative of their contributions to a secure ecosystem.

Which is great, apart from the fact that the issue as outlined by Ilkashi and Pentera Labs remains exploitable. The proof of concept is valid, and I have seen this in action myself, it utilized a crafted ransomware executable that employs an xor-based encryption as a payload. “For the purpose of this demonstration,” Ilkashi said, “the ransomware will search and encrypt a file called encrypt-me.txt in the same directory. However, this could be easily modified to initiate an infinite end-to-end attack vector, utilizing Google's products as a credible delivery mechanism.”

This “is not an isolated or theoretical edge case, but a reproducible architectural gap,” Ilkishi warned, adding that if it can be discovered through security analysis, “it can also be identified and leveraged by motivated adversaries.” Until Google addresses this security flaw, all Gmail users are advised to treat emails containing Google Drive links or attachments as potentially dangerous, regardless of any “Scanned by Gmail” label.