Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Gmail Flags Unauthenticated Messages, Dangerous URLs

Google this week added new alerts to Gmail to improve the security of its users by informing them when messages can’t be authenticated and when they contain dangerous URLs.

Google this week added new alerts to Gmail to improve the security of its users by informing them when messages can’t be authenticated and when they contain dangerous URLs.

Gmail is now alerting users whenever they receive a message that can’t be authenticated with either Sender Policy Framework (SPF) or DKIM, Google announced. The alert comes in the form of a question mark in place of the sender’s profile photo, corporate logo, or avatar.

Additionally, Google is alerting Web users when they click on a URL received via email, if the link directs the user to a dangerous site known for phishing, malware, and Unwanted Software.

Unlike the unauthenticated message alert, which was created for Android users too, the dangerous URL warning will appear when users access their Gmail account via a browser, Google says. The warnings that will appear when clicking on the link are meant as an extension of the Safe Browsing protection that is already available in various web browsers today.

Google Safe Browsing added protection against unwanted applications several months ago, and now both Chrome and Firefox users can take advantage of it. Google also expanded Safe Browsing to Chrome for Android, optimized Safe Browsing API for Mobile, and made improvements to the Safe Browsing Alerts for Network Administrators service.

The new Gmail alerts are launching to Rapid release now, but Google says that scheduled release is coming in 2 weeks. The feature will be rolled out gradually, meaning that it might take longer than 3 days for it to become visible in some cases.

“Not all affected email will necessarily be dangerous. But we encourage you to be extra careful about replying to, or clicking on links in messages that you’re not sure about. And with these updates, you’ll have the tools to make these kinds of decisions,” Google explains in a blog post.

In February this year, Google announced another set of enhancements for the security alerts in Gmail, informing users of potentially unsafe messages in their inbox, such as emails that are not encrypted. In September 2015, the company made various security improvements to Google Drive, such as Enhanced eDiscovery with Google Apps Vault.

Advertisement. Scroll to continue reading.

 

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how the LOtL threat landscape has evolved, why traditional endpoint hardening methods fall short, and how adaptive, user-aware approaches can reduce risk.

Watch Now

Join the summit to explore critical threats to public cloud infrastructure, APIs, and identity systems through discussions, case studies, and insights into emerging technologies like AI and LLMs.

Register

People on the Move

Cloud security startup Upwind has appointed Rinki Sethi as Chief Security Officer.

SAP security firm SecurityBridge announced the appointment of Roman Schubiger as the company’s new CRO.

Cybersecurity training and simulations provider SimSpace has appointed Peter Lee as Chief Executive Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.