Gmail – New Authentication Features Make it Easier to Identify Email To/From Unsecured Connections

*Please note that these new features are currently available in free Gmail accounts, and are not yet available in Google Apps for Education.

Google has announced new authentication features for Gmail which will make it easier to identify emails that arrive from,  or are being sent to unsecured or unencrypted connections.  Emails arriving from unsecured connections are potentially harmful, and may be phishing attempts or other malicious campaigns designed to capture user data or information.  Emails being sent to unsecured connections are more easily hijacked by third parties.

Gmail on the web now  provides users with a visual alert (a lock symbol) when users send/receive email to/from unsecured connections, as follows:

Screenshot showing an authored Gmail mail message with an unlocked red padlock to the right of the recipient's name/address.

Clicking the lock symbol will display additional information, e.g.,

Screenshot of the message that displays when the open lock symbol is clicked.  Text saying "Some recipients use services that don't support encryption" and further stating "If your message is sensitive, consider removing these addresses or deleting any confidential information." There is a link to "Learn more" and an "OK" button.

If you see the red lock symbol when composing a message, do not send sensitive information.

Additionally, a sender’s profile picture is replaced by a question mark when Gmail is unable to authenticate the sender.

Screenshot showing an authenticated and unauthenticated message Gmail message heading.  The Authenticated message either contains a profile icon or a profile picture and the unauthenticated message contains a red question mark in place of the profile picture/image.

If you receive an unauthenticated message, it may be forged.   Before replying, or clicking any embedded links, or opening any associated attachments, please confirm message authenticity by contacting the sender directly.

For more information, please see: https://support.google.com/mail/answer/6330403?p=tls&hl=en&rd=1