Starting today, any messages that Gmail users send or receive from email providers that don’t support TLS encryption will be flagged with a tiny unlocked padlock icon. Clicking the padlock brings up a dialog box warning the user that if their message contains “confidential information” they may want to advise their contact to use a different email provider.
Here’s how it looks:
In addition to this, Gmail will flag up email contacts whose identity can’t be verified. Any emails from unauthenticated sources will have their profile photo replaced with a question mark, and although Google notes that not all emails flagged in this way will be dangerous, it’s a good reminder to be extra careful.
If you receive a message that claims to be from your bank, for example, but has an unauthenticated sender, it’s almost certainly malicious, and you should delete it immediately before it steals your money or your identity.
Note that Gmail has always supported encryption in transit using TLS, and will automatically encrypt your incoming and outgoing emails if it can, and there are tons of other security measures running behind the scenes to keep your email safe.
Happy Safer Internet Day!