Google Updates G Suite With Phishing Guard For Gmail App

May 4, 2017 - Written By Daniel Fuller

Google’s G Suite work platform is already rather secure and is now getting another layer of protection in the form of a phishing guard for the Android version of Gmail. The phishing guard works by checking links inside messages you receive when you click on them, then issuing a warning if they seem to be designed for phishing. Such fake pages will generate the warning shown below, letting you know that the page is a forgery and giving you the option to proceed at your own risk. The change is currently rolling out to all G Suite customers and should require minimal changes to the way administrators run things. Google did not announce when or if this service may come to the desktop or consumer versions of Gmail, though it should be noted that those platforms already issue another type of phishing warnings.

Even the most tech-savvy users can sometimes be tricked, and things like phishing or enabling malware can be huge problems for organizations that tend to employ a lot of people who aren’t technically inclined. This feature makes it just a bit easier for administrators to help keep users safe, with the added bonus of giving users an idea of what warning signs to look for to identify a possible phishing attack. Since the warning nullifies the clickable link and forces a user to copy a URL in order to proceed, users who would typically not know better are further discouraged from proceeding. Users and administrators who are a bit more cautious, knowledgeable, or both, on the other hand, can have a peek at the link in a safe, sandboxed environment if they wish to do so.

This change comes shortly after a major phishing attack that arrived in Gmail inboxes around the world, asking users to have a look at an unsolicited Google Docs file. Users who followed the malicious link would be asked to give permission for the app or a third party to manage their email account, and when a user granted that permission, the bug could then use their account to proliferate by sending itself to their contacts. Naturally, the chances of somebody opening the link are far higher if it comes from a contact that they trust. This new protection will be fighting attacks of that nature, among others.