Gmail Now Calls Out Fishy, Unencrypted Emails

Today happens to be Safer Internet Day, and Google is celebrating the occasion by upping Gmail security.

The Web giant is rolling out a pair of changes for Gmail on the Web to help you easily identify messages that are unencrypted and/or can’t be authenticated.

Gmail already supports encryption in transit by using Transport Layer Security (TLS, the successor to SSL), and will automatically encrypt your incoming and outgoing emails to help combat email impersonation. Not all email services offer such protection, however, so Google is now specifically calling out unencrypted messages.

“Of course, it takes at least two people to send and receive an email, so it’s really important that other services take similar measures to protect your messages — not just Gmail,” Google Product Manager John Rae-Grant wrote in a blog post. “Unfortunately, not all email services do.”

So, Google will add a red broken lock icon (see image below) to any message that was sent from an email service that does not support TLS encryption. You’ll also see this icon when you’re about to send a message to someone whose email service does not support this security protocol.

Moreover, if you receive a message that can’t be authenticated — meaning Gmail can’t verify the sender — you’ll now see a question mark in place of the person’s profile photo, corporate logo, or avatar.

“Not all affected email will necessarily be dangerous,” Rae-Grant wrote. “But we encourage you to be extra careful about replying to, or clicking on links in messages that you’re not sure about. And with these updates, you’ll have the tools to make these kinds of decisions.”

Meanwhile, Google is also celebrating Safer Internet Day by giving away 2GB of free Drive storage to anyone who completes its account Security Checkup now through Feb. 11. This article originally appeared on

Recent Articles

Related Stories

Stay on op - Ge the daily news in your inbox