Google announced back in February 2016 that it planned to improve Gmail security by adding new security indicators to the service.
One of the improvements was the introduction of a new red question mark icon in place of the profile photo, avatar or blank icon to highlight unauthenticated emails.
Google announced yesterday that the roll out of the feature started, and that Gmail users on the web and on Android will soon notice the new red question mark icon for unauthenticated messages.
Take a look at the following screenshot which highlights the difference between authenticated and unauthenticated messages on Gmail.
Gmail: question marks for unauthenticated senders
Google's method for determining the authenticity of a message is the following one: if a message can't be authenticated using DKIM or Sender Policy Framework (SPF), it is marked as unauthenticated.
Gmail, on the web, displays profile icons only when an email is selected, but not in the email listing itself. This means that you will have to click on a message to find out if it is authenticated or not.
Gmail Safe Browsing
Google announced another change yesterday for the web version of Gmail. The company plans to warn users when clicks on links are made that Google believes are dangerous.
On the web, if you receive a message with a link to a dangerous site known for phishing, malware, and Unwanted Software, you’ll begin to see warnings when you click on the link.
The company added its own Safe Browsing technology to Gmail for that. Gmail users who click on unsafe links will get a full page warning message first.
It is still possible to continue to the site in question, but there does not seem to be an option to turn off these warnings for individual sites or even completely.
Google confirms that false positives may happen, and that it sees these new security features more as reminders to be extra careful when interacting with senders or links pointing to the web.
Gmail users should not rely solely on Google to determine whether a sender or link is trustworthy or not. Any email using SPF or DKIM is shown as authenticated, even if it comes from a Nigerian prince or an Iraqi war veteran who sits on a ton of gold.
These security features are merely indicators, and they are probably right more often than not. Still, it is up to the user to determine whether that is the case for individual emails or web links in messages.