Enhance Safety Protection in G Suite by Configuring Advanced Security Features

Nowadays, Email Spoofing and Email Phishing are global issues. Users may often confuse this with the hacking of their passwords or accounts.

What actually happens is that the hackers get the IDs of your users and using third-party tools or applications, they send emails using those IDs, in which From: field reflects the genuine user ID but in Reply to: field lies the spoof ID.

SPF, DKIM, DMARC records should be implemented for your G suite domain for preventing this type of risky scenarios.

Besides configuring the security records, being a G suite Admin you can enhance safety for your email users.

To protect your G suite user’s incoming emails from phishing and malware attacks Admin can enable Safety options in G suite Admin Console.

Protect from malware using G suite Safety:

Most malware comes as an email attachment which includes code or exploits commands which cause your computer to download more malware from the internet.

G suite admin can enable the safety mechanism against the attachments to prevent malware attack.

G suite admin console (admin.google.com) -> Apps -> G Suite  -> Gmail -> Safety

Admin can enable this setting or can customize it based on the company policy.

Enable all settings provides the G suite domain with the strongest level of safety. In this, if users receive any encrypted message or any malicious scripts as attachments from the untrusted sender, the mail will be in the users' inbox with a warning message.

In the Customize settings, admin can choose between below two options along with the emails to be kept in the inbox with a warning or can redirect this kind of emails to the spam folder.

Protect from phishing using G suite Safety:

Mail phishing can be caused due to external links, images and due to unauthenticated spoof emails.

(i) To protect against the external links and images, G suite admin can choose between the below safety options.

Enable all settings provides the G suite domain with the strongest level of safety. It will identify actual links behind shortened URLs, scan linked image with hidden malicious content as well as show warning for any click on links/URLs to untrusted domains.

In the Customize settings, admin can choose between below three options or all options altogether.

Note: Gmail clients will show a warning prompt when users click on any link in the email to untrusted domains, it does not work on IMAP/POP email clients.

(ii) To protect against the spoof and unauthenticated emails,

G suite admin can choose between the below safety options to protect against phishing attack due to spoof emails.

Enable all settings provides the G suite domain with the strongest level of safety. All settings under Customize Settings will be automatically enabled for all current and future settings.

In custom settings protection can be done spoofing-based on visually similar domain names and employee names. In the first scenario, admin can choose to keep the mail in the Inbox with a warning (default) or redirection to the Spam folder. In the second case, it can be done only with the warning.

Protection against non-authenticated mails (SPF or DKIM authentication) that seem to be from your domain, can be kept in the Inbox with a warning (default) or redirected to Spam.

Protection against any unauthenticated emails (SPF or DKIM authentication) can be kept in the Inbox with a warning or redirected to Spam. By default, it’s in No action state.

Note: Although Gmail already displays warnings and moves emails from untrustworthy senders to spam; the above settings can be configured additionally for unwanted or harmful emails.