*Please note that these new features are currently available in free Gmail accounts, and are not yet available in Google Apps for Education.
Google has announced new authentication features for Gmail which will make it easier to identify emails that arrive from, or are being sent to unsecured or unencrypted connections. Emails arriving from unsecured connections are potentially harmful, and may be phishing attempts or other malicious campaigns designed to capture user data or information. Emails being sent to unsecured connections are more easily hijacked by third parties.
Gmail on the web now provides users with a visual alert (a lock symbol) when users send/receive email to/from unsecured connections, as follows:
Clicking the lock symbol will display additional information, e.g.,
If you see the red lock symbol when composing a message, do not send sensitive information.
Additionally, a sender’s profile picture is replaced by a question mark when Gmail is unable to authenticate the sender.
If you receive an unauthenticated message, it may be forged. Before replying, or clicking any embedded links, or opening any associated attachments, please confirm message authenticity by contacting the sender directly.
For more information, please see: https://support.google.com/mail/answer/6330403?p=tls&hl=en&rd=1