Advanced Phishing and Malware Protection for Gmail Beta Version
Gmail Beta Version protect incoming mail against phishing and harmful software (malware). You can also choose what action should be taken on the basis of threat detected.
Advanced phishing and malware protection helps to defend domain spoofing based on similar domain names. It helps administrators protect against anomalous attachments and inbound mail spoofing your domain. It helps protect enterprise customers against ransomware, sophisticated malware, and zero-day threats.
Spoofing and authentication safety includes the sub-settings listed below using which you can protect against spoofing of employee names and against messages where the sender's name is a name in your G Suite directory, but the email is not from your company's domains or domain alias.
Place emails into a quarantine - Route emails that match phishing and malware controls to a new or existing quarantine. This will be available for new and existing controls.
Protect against incompatible attachment types in emails - Identify emails with unusual attachment types and choose to automatically display a warning banner, send them to spam, or quarantine the messages.
Protect your Google Groups from inbound emails spoofing your domain - Identify unauthenticated emails potentially spoofing your domain and choose to automatically display a warning banner, send them to spam, or quarantine the messages.
In addition to the new controls, G suite also updated the interface to make it easier to see what settings you have applied and understood what actions you’re taking as a result of each control.
Who’s impacted
Admins only
Why you’d use it
By adding more specific controls, including the ability to quarantine potentially risky messages, it will help to enable admins to optimize protections for their organization. This will help reduce threats and increase the security of your data while making the experience as simple as possible for your users.
How to get started
Admins: Find and turn on the beta features at Admin console > Menu > Apps > G Suite > Gmail > Safety. You will find new options to turn on incompatible attachment and groups spoofing protections, and see the quarantine option available for all controls
End users: No action needed
Additional details
Place emails into a quarantine
All advanced security settings for Gmail now allow you to store email more easily. Choose to move any email that meets certain criteria to a pre-existing quarantine, or create a new quarantine for such messages.
All advanced security settings for Gmail now allow you to store email more easily.
Protect against incompatible attachment types in emails
Less common file types as email attachments are often used to spread malware. However, different domains might have legitimate uses for uncommon file types. Therefore, G Suite is giving admins more control over how to handle emails with these files attached.
What is identified as an incompatible attachment will be automatically customized for each domain? An intelligent algorithm determines which file types your domain commonly receives and will model the detection based on that. For example, a specific file type may be commonly used on Domain A, but not on Domain B. If both domains had the "Incompatible Attachment" setting enabled, an email with this file type attached would be flagged for Domain B, but not Domain A.
You can see which file types are filtered for your domain by going to the security center’s suspicious attachments chart, filtering by "Incompatible Attachments" and then looking at "Attachment Extensions"
Admins will be able to:
Turn the uncommon attachment type detection on or off.
If turned on, choose whether to keep relevant emails in the user’s inbox with a warning banner displayed, send emails to spam automatically, or move emails to quarantine.
While the incompatible attachment customization described above is expected to work well, if needed admins can whitelist specific uncommon file types they don’t want to be identified.
Admin controls for unusual attachment types
Protect your Groups from inbound emails spoofing your domain
External senders can spoof emails to appear as if they come from your domain, using the same protocols that enable many legitimate systems to send email. This setting extends your options to control potential spoofing emails by preventing spoofed messages from posting to Google Groups on your domain.
Turn the Groups spoofing protection on or off.
If turned on, choose whether to keep relevant emails in the user’s inbox with a warning banner displayed, send emails to spam automatically, or move emails to quarantine (if available).
Choose whether to apply the settings only to Private Groups (groups with specifically limited membership or intended for organization members only) or All Groups (Private Groups + ones without restricted membership)
Admin controls for inbound email spoofing protections
G Suite editions
Controls are available to all G Suite editions. The Chart to view affected emails available, is part of the security center and so is available to G Suite Enterprise edition only.
On/off by default?
This feature will be OFF by default.
