Google Mail Warnings & Information

General Information:

We have been receiving a lot of questions about the new alert messages showing up in gmail and what they mean, why they always show up on certain emails that are legitimate, etc.

One of the best ways to determine whether an email is legitimate is to look at the details of the message. You can view the most important details of a message by clicking the arrow next to the recipients of an email as pictured below.

From this image, we can see a few key pieces of information.

First is the "mailed-by:" field highlighted with the red box. If the mailed by domain and the domain of the sender do not match, this could be an indication of something not being right but does not by itself indicate a bad email. A user could use a service for newsletters, etc. to send emails, so they may not always match. If the user is @esc18.net and the mailed-by is g0ogle.com or some other misleading or misspelled word, you definitely know something is not right.
Second is the "signed-by:" field highlighted with the purple box. An industry standard is for emails to be signed by the sending email server. Most of the time, the mailed-by and signed-by fields should match. If they do not match it does not mean that the email is for sure bad, but you definitely need to pay attention and investigate further.
Third is the "security:" field highlighted in the green box. Another industry standard is for emails to be digitally encrypted. (This is a different type of encryption than Virtru.) If an email is encrypted, this field should indicate that it is and by what type. If the email message is not encrypted, you will get a little red lock icon next to the recipients of the email as shown in the following image.

Warning Messages:

Google will now display warning messages at the top of emails that are based on the information we discussed above and other factors of Google magic.

Below are a few examples of the messages you may see and what they could mean.

This "Be careful with this message" warning is based on the information discussed above. If an email is not signed, a message has a different from and mailed-by address/domain, etc. it will trigger this alert in your inbox.

This is not a for sure sign that the email is bad, just an alert to pay attention to the email to make sure it is legit since the system could not verify where the email came from.

As more and more email servers/providers start to comply with the industry standards you should start seeing less and less of these messages on legit emails.

This "This message seems dangerous" warning take the information discussed above and applies other information that is part of the Google magic. This warning tells you that information about this email, or information within the email, have been flagged by other users or the security systems at Google. It does not guarantee the message is bad but has raised enough red flags for Google to warn you about it. When you see this message you should definitely pay very close attention and think twice before doing anything with the email or responding in any way to the message. Here is another example of a warning message you may see from Google.

This "This message seems dangerous" warning comes at a little bit higher level. You will notice the message does not include the "Report dangerous" button because Google is a little more confident that messages with this warning are bad. Again, it does not guarantee the message is bad but there is a very strong likelihood that it is.

As always if you have any questions, concerns, etc. please do not hesitate to contact the Help Desk by email, web, or phone.