Google launches new Gmail security features
Google announced a bundle of new security features or improvements for its Gmail email service that are being rolled out currently.
Three of the four new features are available exclusively to Google Suite customers, the fourth to all users of Gmail.
All Gmail users benefit from better protection against malicious attachments according to Google's announcement. This includes Google Suite customers who use Gmail, regular Google users who use Gmail on the Web or in one of the applications that support the email service.
Google describes the new protective features in the following way:
We now correlate spam signals with attachment and sender heuristics, to predict messages containing new and unseen malware variants
The first draws links between signals that are associated with spam, and sender and attachment heuristics. Basically, what it does is try to predict whether an email attachment is malicious based on patterns, and not on signatures.
.ADE, .ADP, .BAT, .CHM, .CMD, .COM, .CPL, .EXE, .HTA, .INS, .ISP, .JAR, .JS (NEW), .JSE, .LIB, .LNK, .MDE, .MSC, .MSI, .MSP, .MST, .NSH .PIF, .SCR, .SCT, .SHB, .SYS, .VB, .VBE, .VBS, .VXD, .WSC, .WSF, .WSH
These attachments are blocked outright, but also if they are included within archives, and password protected archives.
Gmail users who need to transfer blocked files using Gmail are asked to use Google Drive or other services instead. Basically, instead of sending the file as an attachment, a link that points to it is provided instead.
Google Suite Gmail security improvements
The following three security improvements were launched exclusively for Google Suite customers who use Gmail:
- Delayed delivery of email messages with suspicious content -- Google developed a new algorithm that "flags and delays potentially suspicious messages" on Gmail. Google runs additional checks on these messages prior to delivery, and checks it against the company's Safe Browsing feature on top of that.
- Unintended external reply warning -- This feature warns Google Suite Gmail users when they reply to messages from "outside of their domain" if the recipient is not in their contacts". The feature is designed to better protect against "forged email messages, impersonation, and common user-errors". Users may dismiss the warning.
- Anti-phishing checks in Gmail on Android -- The final security feature displays a warning prompt on Android if you activate a link that Google flagged as suspicious.
All features are enabled by default once they are rolled out in the next couple of days. You can turn two of them off in the following way (provided that you are a Google Suite administrator):
- Open the Google Admin console.
- Go to Apps > G Suite > Gmail > Advanced Settings.
- Select the "top-level organization".
- Locate the Enhanced pre-delivery message scanning setting on the page.
- Locate the Unintended external reply warning setting on the page.
It’s worthwhile blocking some of those file extensions at Windows level as well. I would re-assign the following file extensions to open in Notepad, instead of the default applications that are set (I.E Windows Based Script Host).
.HTA, .JS, .JSE, .VBE, .VBS, .WSF
With the newest Windows Chrome Version 59.0.3071.82 (Official Build) beta (64-bit), I noticed a warning I had not seen before about entering a user name and password on a popup.
Google : good for security, bad for privacy.
Note : can Google really detect specific file types inside an archive encrypted with AES ? Like with 7z ?
I guess they just block archives that they cannot open.
All encrypted archives are blocked. They seem to have algorithms to detect a super-wide range of formats.
If we can’t snoop your attachments, they’ll be blocked.
wow. “For your safety”, of course.
Wow. That seems pretty extreme. Thanks for the info.
Now, let me see : Gmail, which has a near-monopoly on mail, prevents me from sending encrypted archives (a very common way to exchange files), forcing me to use instead… a cloud-based file-sharing service… which is… surprise, suprise… a big part of their offering ? And forcing me to keep logged in Google, which is a big privacy breach, and which I can dispense with if I just use a mail client ?
I’ve sent encrypted rar’s before by renaming the file extension to iso. Maybe other ext. work too. Maybe it doesn’t work any more, idk.
Google never did and never will do anything outside of their own interests. These days the argument “security reasons” is one of the most abused. And a lot of limp bisquits believe it, too. So, why not use it if it works.
I’m not finding these settings in GSuite anywhere.
What am I missing? (aside from these settings)
This rolls out over the course of the next couple of days. Maybe not available yet for you.
Just Rename The File And Add An Underscore To The File Extension.
…And So On.
I had to reread this post to find out what all of the hubbub was about.
Transferring files using e-mail is so 1998. Who uses that any more?
Answer – my mom’s clueless friends who don’t know how to share pictures and docs on a vetted website.
Lots of people, including me. I recently received an unsolicited email from a small company I do business with, coming from an employee I’d never heard about, which had a Word file attached to it. It was a form I was supposed to send back, in order to update my personal info with them. Talk about massively unsafe practices. Needless to say, it went right to the bin.