New Anti-Phishing & Malware Detection Features for G Suite Users
G Suite admins can enable new AI-powered security features in G Suite. These features have been built to detect and alert users of emails carrying potential malware as well as emails that are part of spear-phishing attempts.

In this article, we will discuss the process of the setup of the advanced security setting.
Advanced security settings:
-
Spoofing and authentication—Protection against spoofing a domain name, employee names, email impersonating your domain, and unauthenticated email from any domain (indicated by a question mark next to the sender’s name).
-
Attachments—Protection against encrypted attachments and scripts from untrusted senders.
-
Links and external images—Identify links behind short URLs, scan linked images for malicious content, and display a warning when users click links to untrusted domains.
With advanced settings, you can:
-
Disable all settings—Disable all security settings for a domain or organizational unit.
-
Enable all settings—Turn on current (and any future) settings. This option provides the strongest level of protection for a domain or organizational unit. When you select Enable all settings, the default action associated with each option is applied.
-
Customize settings—Select security settings and actions individually.
Turn on spoofing and authentication protection:
-
From the Admin console Home page, go to Apps
G Suite
Gmail.
-
In the Safety section, scroll to Spoofing and authentication.
-
Select the settings and actions you want to apply on incoming emails. (Details below)
Spoofing and authentication settings |
Actions |
Protect against domain spoofing based on similar domain names. Protect against incoming messages from domains that appear visually similar to your company's domains or domain aliases. |
|
Protect against spoofing of employee names. Protect against messages where the sender's name is a name in your G Suite directory, but the email isn't from your company’s domains or domain aliases. Important: For this setting to work correctly, Enable contact sharing and ‘Show all email addresses’ must be selected in directory sharing settings. To verify, go to G Suite > Directory > Sharing Settings and review the Contact sharing section. |
|
Protect against inbound emails spoofing your domain. Protect against potential Business Email Compromise (BEC) messages not authenticated (SPF or DKIM), pretending to be from your domain. |
|
Protect against any unauthenticated emails. Protect against any message not authenticated (SPF or DKIM) by any domain. |
|
Turn on attachment protection:
-
From the Admin console Home page, go to Apps
G Suite
Gmail.
-
In the Safety section, scroll to Attachments.
-
Select the setting and action you want to apply on incoming emails. (Details below)
Attachments settings |
Actions |
Protect against encrypted attachments from untrusted senders. Protect against attackers who may use encrypted attachments, which can't be scanned for malware. |
|
Protect against attachment with scripts from untrusted senders. Protect against documents containing malicious scripts that can harm your devices. |
|
Turn on links and external images protection:
-
From the Admin console Home page, go to Apps
G Suite
Gmail.
-
In the Safety section, scroll to Links and external images.
-
Select the desired security settings. (Details below)
Links and external images settings |
Identify links behind shortened URLs. Allow discovery of harmful links hidden behind shortened URLs. |
Scan linked images. Allow scanning of images referenced by links to find hidden malicious content. |
Show warning prompt for any click on links to untrusted domains. Not available for IMAP/POP email clients. Gmail displays a warning when users click a link to untrusted domains in any email message. If this feature isn't on, warnings only appear for clicks to untrusted domains from suspicious emails. |