Google are introducing new security alerts in Gmail to make the service safer for their users. The email service will now flag and filter suspicious-looking emails and links to better protect the users from malicious websites. Google announced that the changes are going to be rolled out gradually and will affect all users. The updated technology will prevent phishing attacks and malware redirection as well as spam messages.
Google are adding two new types of security alerts to Gmail that should offer better protection against malicious links and attempts and phishing attacks. The new features are starting to be rolled out this week and include the following additions to the service:
1. Using Gmail on the web or via the Android app if a message cannot be authenticated with the Sender Policy Framework (SPF) or DKIM (DomainKeys Identified Mail Standard) the user will see a question mark instead of the sender’s profile photo, avatar or corporate logo.
2. If a message with a potentially dangerous link is received, Google will redirect to a warning page. This feature will prevent users from becoming victims of phishing attacks or malware installation. The warning message is an extension to the Safe Browsing protection used by the popular Internet browsers – Internet Explorer, Microsoft Edge, Google Chrome and Mozilla Firefox.
These steps are good measures at combating serious security vulnerabilities which can be accessed via malicious download links or compromised sites. Users may fall victim to phishing attacks which can potentially be financially devastating. In the last few years, these types of attacks have increased in their frequency and complexity as the attackers have started to look for ways to circumvent the security features offered by many web services.
Google’s security alerts use the Sender Policy Framework which uses the DNS records to identify which mail services are permitted to send emails on behalf of a given domain. Malicious users often exploit domains to send emails that pose as legitimate sources. And in many cases, these messages are a phishing or malware threat. The other technology in use is the DKIM standard which adds a unique digital signature. This is a security feature that verifies the sender and recipient of a given message.
All users should receive the new security alerts within two weeks time. More information is available on Google’s blog post.