It’s Safer Internet Day, and when it comes to the security of your email, we don’t mess around. Gmail has always supported encryption in transit using TLS, and will automatically encrypt your incoming and outgoing emails if it can. We support industry-standard authentication to help combat email impersonation. And there are tons of other security measures running behind the scenes to keep your email safe.
Of course, it takes at least two people to send and receive an email, so it’s really important that other services take similar measures to protect your messages–not just Gmail. Unfortunately, not all email services do. And that’s why, starting this week in Gmail on the web, you’ll see two changes that highlight any affected messages:
1. If you receive a message from, or are about to send a message to, someone whose email service doesn’t support TLS encryption, you’ll see a broken lock icon in the message.
2. If you receive a message that can’t be authenticated, you’ll see a question mark in place of the sender’s profile photo, corporate logo, or avatar.
Not all affected email will necessarily be dangerous. But we encourage you to be extra careful about replying to, or clicking on links in messages that you’re not sure about. And with these updates, you’ll have the tools to make these kinds of decisions.