Gmail introduced a feature last month that warns users before sending and receiving emails from insecure addresses. Today, it’s announcing a bevy of new features and standards that improve email security.
Since Gmail began notifying users of encryption status, the company says emails sent over an encrypted connection have increased by 25%. While implementation is easy, TLS encryption can still be tampered with. To that end, Google, along with Yahoo, Microsoft, and Comcast, have submitted a new draft IETF specification that ensures emails will only be delivered through encrypted channels that will automatically report any failures.
Last month, Google expanded Safe Browsing to protect against fake download and play buttons and last year added the feature to Android devices. When Gmail notices a dangerous link in an email, it will show a general warning advising users not to click on any links in the email. A new feature rolling out this week to the web and mobile apps will show a full page warning screen when users click on a nefarious link to give users the chance to turn around.
The last Gmail update addresses state-sponsored attackers who try to gain access to the Google accounts of activists, journalists, and policy-makers. In addition to a warning at the top of the page, Gmail will now show a full-page warning screen with instructions on how to deal with the hack. While fewer than 0.1% of users have ever seen these warnings, Google noted their importance alongside the other updates to security features today.