Google this week added new alerts to Gmail to improve the security of its users by informing them when messages can’t be authenticated and when they contain dangerous URLs.
Gmail is now alerting users whenever they receive a message that can’t be authenticated with either Sender Policy Framework (SPF) or DKIM, Google announced. The alert comes in the form of a question mark in place of the sender’s profile photo, corporate logo, or avatar.
Additionally, Google is alerting Web users when they click on a URL received via email, if the link directs the user to a dangerous site known for phishing, malware, and Unwanted Software.
Unlike the unauthenticated message alert, which was created for Android users too, the dangerous URL warning will appear when users access their Gmail account via a browser, Google says. The warnings that will appear when clicking on the link are meant as an extension of the Safe Browsing protection that is already available in various web browsers today.
Google Safe Browsing added protection against unwanted applications several months ago, and now both Chrome and Firefox users can take advantage of it. Google also expanded Safe Browsing to Chrome for Android, optimized Safe Browsing API for Mobile, and made improvements to the Safe Browsing Alerts for Network Administrators service.
The new Gmail alerts are launching to Rapid release now, but Google says that scheduled release is coming in 2 weeks. The feature will be rolled out gradually, meaning that it might take longer than 3 days for it to become visible in some cases.
“Not all affected email will necessarily be dangerous. But we encourage you to be extra careful about replying to, or clicking on links in messages that you’re not sure about. And with these updates, you’ll have the tools to make these kinds of decisions,” Google explains in a blog post.
In February this year, Google announced another set of enhancements for the security alerts in Gmail, informing users of potentially unsafe messages in their inbox, such as emails that are not encrypted. In September 2015, the company made various security improvements to Google Drive, such as Enhanced eDiscovery with Google Apps Vault.
More from SecurityWeek News
- Threat Hunting Summit Virtual Event NOW LIVE
- Video: ESG – CISO’s Guide to an Emerging Risk Cornerstone
- Threat Modeling Firm IriusRisk Raises $29 Million
- SentinelOne Announces $100 Million Venture Fund
- Today: 2022 CISO Forum Virtual Event
- Cymulate Closes $70M Series D Funding Round
- SecurityWeek to Host CISO Forum Virtually September 13-14, 2022: Registration is Open
- Privilege Escalation Flaw Haunts VMware Tools
Latest News
- Germany Appoints Central Bank IT Chief to Head Cybersecurity
- OpenSSL Ships Patch for High-Severity Flaws
- Software Supply Chain Security Firm Lineaje Raises $7 Million
- ICS Cybersecurity Firm Opscura Launches With $9.4 Million in Series A Funding
- Vulnerability Provided Access to Toyota Supplier Management Network
- Patch Released for Actively Exploited GoAnywhere MFT Zero-Day
- Linux Variant of Cl0p Ransomware Emerges
- VMware Says No Evidence of Zero-Day Exploitation in ESXiArgs Ransomware Attacks
