Google is rolling out a new anti-phishing feature in Gmail on Android that will warn users when they’ve clicked on a suspicious link in an email. "The site you are trying to visit has been identified as a forgery, intended to trick you into disclosing financial, personal or other sensitive information," the text of the warning says, with options to continue at your own risk or report an incorrect warning.
The feature will be gradually rolled out to all Gmail users over the next days and comes shortly after an elaborate phishing attack involving an app that posed as Google Docs, and tricked a large number of users into granting the malicious app access to their Google accounts. The company resolved the problem within about an hour of it being reported by revoking the app and disabling the offending accounts.
The new feature appears to use Google's Safe Browsing database, which catalogs sites known to host malware or trick users into giving away information. Ironically, since the fake Google Docs app actually resided on Google's web domain, this wouldn't have stopped yesterday’s phishing outbreak.
Still, it’s a step in the right direction to protect unsuspecting users from giving out sensitive information. "While not all affected email will necessarily be dangerous, we encourage you to be extra careful about clicking on links in messages that you're not sure about. And with this update, you'll have another tool to make these kinds of decisions," Google wrote in its post announcing the feature.