Google bulks up Gmail security by adding a warning to unencrypted emails
Google has announced a number of changes to its Gmail platform that aim to bolster the security of incoming emails by alerting users if they are sending messages over an insecure connection.
While Google already offers some key security-minded features, including the industry standard of Transport Layer Security (TLS) cryptography, the firm has now taken the extra step of using visible icons to warn of potential danger. According to Google, this will protect against other email services that don't offer the same level of security as Gmail.
"It takes at least two people to send and receive an email, so it's really important that other services take similar measures to protect your messages – not just Gmail. Unfortunately, not all email services do," warned John Rae-Grant, product manager at Google in the announcement.
Now, if you receive a message from someone whose email service doesn't support TLS encryption, you'll see a broken lock icon in the message. Additionally, if you receive a message that can't be authenticated, you'll see a question mark in place of the sender's profile photo, corporate logo, or avatar.
"Not all affected email will necessarily be dangerous. But we encourage you to be extra careful about replying to, or clicking on links in messages that you're not sure about. And with these updates, you'll have the tools to make these kinds of decisions," added Rae-Grant.
Emerging email threats
The news come in the wake of research published in 2015 that was commissioned to analyse the ongoing trends and emerging threats of email security, gathered in collaboration with the University of Michigan and the University of Illinois.
The research found that malicious domain name system (DNS) servers were frequently publishing "bogus routing information" to email services looking for Gmail adresses. While Google admitted that attacks resulting from this exploit are rare, the firm revealed it could allow an attacker "to censor or alter messages" before they are even received.
It appears that the latest security changes are a direct result of this research. "While these threats do not affect Gmail to Gmail communication, they may affect messaging between providers," noted Gmail security engineers at the time.
© Copyright IBTimes 2024. All rights reserved.