BlackCSI Blog
Gmail Incorporates More Stringent Phishing Protections (But There’s a Downside)
Since 2019, Google has had a feature built into their Chrome browser called Enhanced Safe Browsing. Intended to help prevent phishing attacks, this feature effectively steps in to warn users about links that it deems suspicious. More recently, this feature was added directly to Gmail. Let’s talk about how to enable it… and why you might actually want to think twice about doing so.
What is Enhanced Safe Browsing?
Originally, Enhanced Safe Browsing was a Google Chrome feature, and more or less warned users about links that the browser deemed suspicious in an attempt to help prevent malware, phishing, and other such threats. With email playing such a major part in so many phishing attacks, however, Gmail now hosts the feature natively.
With Enhanced Safe Browsing enabled, all links and attachments will be scanned and compared to Google’s database of known scams and malicious websites—a database that Google updates every half hour.
How to Enable Enhanced Safe Browsing
You’ll need to be logged into your Google Account to do this, and from there, access Security and from there, Manage Enhanced Safe Browsing to enable it. Doing so will activate it in Gmail, as well as any other Google software you use, including Chrome, down to the extensions and file downloads.
This is the big problem we’re concerned about.
Turning On This Feature is Effectively Gifting a Ton of Personal Data to Google
Reviewing what we’ve said thus far, this feature gives Google access to most of what most people use Google’s products for (particularly in the workplace) and insight into what they are being used for. To be fair, Google does claim that this data is anonymized after a short time, but studies have revealed that this anonymization isn’t perfect.
Ultimately, we wouldn’t recommend that businesses utilize this feature as compared to other options, and especially not as a replacement for robust and comprehensive user training and phishing awareness (after all, not all phishing attacks will come through Gmail exclusively), but it is ultimately up to you.
For other ways to help better secure your IT infrastructure, BlackCSI is here to help. Reach out to us at (717) 620-3042 to learn more.
Comments