Security Tips For Gmail Users

security tips for gmail users

Are you a Gmail user? When was the last time you took a look through the settings to make sure you are making the most of the security features? Beyond enabling 2FA (which you should now be doing on all online accounts), what can you do to make Gmail more secure? Well, Gmail has a number of excellent features which can help to protect you from scammers and keep your emails private. Here are some of the best examples.

Block Spam

Use the Spam Reporting feature to reduce spam email.  To do this, open the email, click the three dots to the top right and choose ‘Report Spam’. Be patient with this option. Sometimes it doesn’t appear to be working. It can take some time to train Gmail’s spam filters using the content and characteristics of the email. NB Report Spam is not intended to block emails from a specific sender but you can do that as well.

If you do want to take it a step further and block a sender. Click the three dots to the top right, as above, and choose ‘Block’ instead. If you receive any more emails from this sender, they are automatically sent to the Spam folder.

For more granular control you could create a filter. Pick ‘Filter messages like this’ from the menu. This then allows you to set a series of actions that are applied to all incoming messages that match the filter specified. Filter actions could include marking the email as read, moving it to the Spam folder, or deleting it completely.

Buy Some Time with Undo Send

If you are a bit trigger happy with the send button, this one’s for you. Gmail has an Undo Send feature that allows you to recall a sent email before it reaches the recipient, but you need to be quick. The feature works by delaying sending an email for a few seconds, and you can click Undo if you spot a typo.

The default Undo Send delay is set at 10 seconds, but you can increase this up to 30 seconds to buy yourself some thinking time. Just click the cog icon in the top right corner of the main Gmail screen, then click Settings and open the General tab, then the Undo Send drop-down menu.

Confidential Mode

Confidential mode provides a more secure method of email delivery. Using Confidential Mode means the recipients can’t copy, forward, print or download the email. It can be set to expire after a certain time period, and you can, optionally, protect access with a passcode which provides some protection against compromised inboxes.

You activate Confidential mode by clicking on the small padlock at the bottom of the new message window. It’s useful for sensitive messages that might contain personal or confidential information when you want to be certain that no one else will be able to read the email.

When Confidential Mode is used, the recipient will be able to see the expiration date that you’ve specified, and they won’t have access to all the usual options for forwarding and printing. The maximum amount of time a confidential email can exist is five years.

Confidential Mode works best in a Gmail to Gmail transaction. If the recipients aren’t using the official Gmail apps, they will need to open the messages via a web link instead. It’s also worth considering that there’s nothing to stop recipients taking screenshots or photos of confidential messages and then passing them on, so you need to trust the recipient.

Beware Cached Offline Data

If you are using Gmail offline, be aware of what may be stored in local cache. If an attacker can get physical access to your Laptop, they may be able to access it.

Make sure this data is deleted when you log out, particularly if you are using a shared computer. To do this, click the cog icon (top right) from the main inbox screen, then click Settings and Offline. Check the Remove offline data from my computer box, next to the Security heading. Also make sure you sign out of Gmail when you’re done with emails.

External Images

Email images have ever been a privacy and security worry. They can reveal the kind of information about your browser and your computer, that you do not really want to share with a random stranger that has your email address. There have been many exploits related to images in the past and it’s not beyond imagining that will be others down the line.

Using images to perform mail tracking is the bigger concern here. Small embedded images known as tracking pixels can be used by an email sender to tell if you’ve opened the emails they’ve sent, and what kind of device you used to open them. It can even reveal if you’ve forwarded your email to another person. All this is very useful information for marketers, but it might not be the level of tracking that you are happy with.

Fortunately, Gmail does carry out some automatic email scanning, which looks out for images that are being used irresponsibly.  If Gmail thinks a sender or message is suspicious, images are not shown, and you’ll be prompted to decode if you want to see the images. If you want to go further than the standard level of protection, you can opt to hide images by default

To do this, go to the main Gmail window, click the cog icon in the top right corner and then click Settings. Open the General tab and check Ask before displaying external images, in the Images section. Now, when you open emails, the images won’t be shown, but you will have the option to open them for emails and senders that you trust.

If email security, or any other aspect of web security, is a concern for your company, please feel free to get in touch Contact KRYPSYS

Facebooktwitterredditpinterestlinkedinmail
Subscribe to Receive Our Newsletter

Information Security Audit and Testing