Google announced a bundle of new security features or improvements for its Gmail email service that are being rolled out currently.
Three of the four new features are available exclusively to Google Suite customers, the fourth to all users of Gmail.
All Gmail users benefit from better protection against malicious attachments according to Google's announcement. This includes Google Suite customers who use Gmail, regular Google users who use Gmail on the Web or in one of the applications that support the email service.
Google describes the new protective features in the following way:
We now correlate spam signals with attachment and sender heuristics, to predict messages containing new and unseen malware variants
The first draws links between signals that are associated with spam, and sender and attachment heuristics. Basically, what it does is try to predict whether an email attachment is malicious based on patterns, and not on signatures.
.ADE, .ADP, .BAT, .CHM, .CMD, .COM, .CPL, .EXE, .HTA, .INS, .ISP, .JAR, .JS (NEW), .JSE, .LIB, .LNK, .MDE, .MSC, .MSI, .MSP, .MST, .NSH .PIF, .SCR, .SCT, .SHB, .SYS, .VB, .VBE, .VBS, .VXD, .WSC, .WSF, .WSH
These attachments are blocked outright, but also if they are included within archives, and password protected archives.
Gmail users who need to transfer blocked files using Gmail are asked to use Google Drive or other services instead. Basically, instead of sending the file as an attachment, a link that points to it is provided instead.
Google Suite Gmail security improvements
The following three security improvements were launched exclusively for Google Suite customers who use Gmail:
- Delayed delivery of email messages with suspicious content -- Google developed a new algorithm that "flags and delays potentially suspicious messages" on Gmail. Google runs additional checks on these messages prior to delivery, and checks it against the company's Safe Browsing feature on top of that.
- Unintended external reply warning -- This feature warns Google Suite Gmail users when they reply to messages from "outside of their domain" if the recipient is not in their contacts". The feature is designed to better protect against "forged email messages, impersonation, and common user-errors". Users may dismiss the warning.
- Anti-phishing checks in Gmail on Android -- The final security feature displays a warning prompt on Android if you activate a link that Google flagged as suspicious.
All features are enabled by default once they are rolled out in the next couple of days. You can turn two of them off in the following way (provided that you are a Google Suite administrator):
- Open the Google Admin console.
- Go to Apps > G Suite > Gmail > Advanced Settings.
- Select the "top-level organization".
- Locate the Enhanced pre-delivery message scanning setting on the page.
- Locate the Unintended external reply warning setting on the page.