Google Apps
Google Apps Phishing, Scams, and Spam

Phishing, Scams, and Spam


Messages asking for personal information

Here are a few ways you might recognize these messages:

  • They ask you to provide your username and password or other personal information (e.g. Social Security number, bank account number, PIN number, credit card number, mother's maiden name, or birthday). Even if they appear to be from a legitimate source, or contain an official-looking webpage, be careful. Spammers often ask for this information in an attempt to steal your Gmail address, your money, your credit, or your identity.
  • You might see a warning from Gmail when you open one of these messages. These phishing alerts operate automatically, much like spam filtering. Gmail's spam filters automatically divert messages that are suspected of being unwanted messages into 'Spam'. Similarly, Gmail's phishing alerts automatically display warnings with messages we suspect are phishing attacks so you know to exercise caution before providing any personal information.

    Back to Top

    Protect Yourself from Scams

    Posted by Ela Iwaszkiewicz, Software Engineer

    I recently received an email from what looked like my bank saying I should update my account, but it looked a little weird. I clicked on the “show details” link and quickly learned it wasn’t from my bank after all; instead of being sent from First National Bank’s real email address, this message originated from a random South African domain. If I hadn’t viewed these details, I could have been tricked - it wasn’t entirely obvious that this email was a fake.

    phishing 1

    Phishing messages are a form of spam that attempt to deceive recipients in order to gain access to their personal information. Starting today, Gmail will automatically display more information about the origin of certain messages you receive so you can be better informed and protect yourself from getting tricked. If someone fakes a message from a sender that you trust, like your bank, you can more easily see that the message is not really from where it says it’s from.

    Whenever you receive a message from someone who isn’t already in your Gmail contacts, the header will now show the sender’s email address like this:

    Phishing 2

    Websites sometimes send emails on behalf of someone, like when your friend Mike sends you an article from using one of the site’s “Share this story” links. Gmail will now show this information more prominently:

    Phishing 3

    Gmail will also automatically detect suspicious messages and display a warning when it looks like someone may have spoofed a Gmail address (we do this by evaluating the message's authentication data).

    Phishing 4

    If you determine that an email is a phishing attempt, please let us know by reporting it (you can always do this by clicking the down arrow next to “Reply” at the top-right of the message and selecting “Report phishing”).

    To learn more about how to avoid phishing scams, check out these previous posts:
    How to steer clear of money scams
    How to avoid getting hooked
    Ensuring your information is safe online
    Fighting phishing with eBay and PayPal
    New in Labs: The super-trustworthy, anti-phishing key

    Posted By The Gmail Team to Official Gmail Blog at 6/28/2011 09:00:00 PM

    Back to Top

    How is spam handled?

    Gmail's spam filters also work in your IMAP client by automatically diverting messages that are suspected of being unwanted messages into '[Gmail]/Spam' and keeping them out of your inbox.

    If you find a message that should be marked as spam, just move it to '[Gmail]/Spam.' This is just like clicking 'Report Spam' in the Gmail web interface and helps us to improve our spam filters.

    If you find a message wrongly classified as spam, you can move the message out of '[Gmail]/Spam' to the appropriate folder in your client.

    Note that your client may have its own junk mail filtering technology, which is separate from Gmail's spam filtering. We recommend using only Gmail's spam filtering and turning off any additional anti-spam or junk mail filters within your client. If you still decide to enable client side spam filtering, your client will download an extra copy of every message.

    Back to Top