Jun 29, 2011 12:54 GMT

Google made some changes to the way Gmail displays the origin of emails in order to help users determine if they are dealing with fake messages.

Up until now, when opening an email message, Gmail used to show the name of the sender followed by their email address, if they weren't already in the user's contacts list.

However, this origin information is not enough considering that the vast majority of phishers and spammers are capable of spoofing email addresses.

Google has now changed the Gmail interface to also display the domain name through which the message was sent when it doesn't correspond to the email address.

This is very useful because scammers don't usually have access to actual email servers of the spoofed addresses.

For example, if someone sends an email purporting to come from an @paypal.com address, the message won't actually be delivered through PayPal's legit email server, unless the scammer managed to hack it, which would be an extraordinary occurrence.

However, it's worth pointing out that not all emails sent via third-party domains are part of phishing or spam attacks.

For example, some websites allow users to share content with their friends via email. These notifications are usually sent in the name of the user, but through the website's own email server. There have been cases where this functionality has been abused.

Google also uses a system to check the authenticity of emails based on special headers added by technologies like DKIM or SPF. Messages that lack these headers but claim to originate from sources known to use these technologies are automatically flagged as suspicious.

In such cases, users will now see a warning at the top of the email that reads "This message might not be sent by <email address>" and will get an option to report the phishing attempt.
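
The comparison described above, between the address shown in the From line and the domain the message was actually sent through, can be sketched as follows. This is an added example, not Gmail's code: it assumes the sending domains are read from the DKIM-Signature `d=` tag and the Return-Path header, it does not verify any signature, and the function names and sample messages are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def domain_of(header_value):
    """Lower-cased domain of the address in a header, or None."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else None

def aligned(a, b):
    """Naive check: same domain, or one is a subdomain of the other."""
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def sender_report(raw):
    """Compare the visible From domain with the domains the mail was sent through."""
    msg = message_from_string(raw)
    from_dom = domain_of(msg.get("From"))
    # The d= tag of a DKIM-Signature names the signing domain (not verified here).
    sent_via = [m.group(1).lower()
                for h in msg.get_all("DKIM-Signature", [])
                for m in [re.search(r"(?:^|;)\s*d=([^;\s]+)", h)] if m]
    envelope = domain_of(msg.get("Return-Path"))  # envelope sender, which SPF checks
    if envelope and envelope not in sent_via:
        sent_via.append(envelope)
    if from_dom is None:
        verdict = "no-from"
    elif not sent_via:
        verdict = "no-sending-domain"   # nothing vouches for the transport
    elif all(aligned(d, from_dom) for d in sent_via):
        verdict = "match"
    else:
        verdict = "via"                 # sent through a different domain
    other = [d for d in sent_via if from_dom and not aligned(d, from_dom)]
    return {"from": from_dom, "via": other, "verdict": verdict}

# Constructed sample: a "share with a friend" mail sent in the user's name
SHARED = (
    "Return-Path: <bounce@share.example.net>\n"
    "DKIM-Signature: v=1; a=rsa-sha256; d=share.example.net; s=s1;\n"
    " h=from:subject; bh=PLACEHOLDER; b=PLACEHOLDER\n"
    "From: Alice <alice@example.org>\n\nbody\n"
)
# Constructed sample: signed by the From domain, bounced to its subdomain
DIRECT = (
    "Return-Path: <alice@mail.example.org>\n"
    "DKIM-Signature: v=1; d=example.org; s=s1; bh=PLACEHOLDER; b=PLACEHOLDER\n"
    "From: Alice <alice@example.org>\n\nbody\n"
)
if __name__ == "__main__": print(sender_report(SHARED), sender_report(DIRECT))
```

A "via" verdict only means the domains differ, which also covers the legitimate share-by-email case mentioned earlier; a production check would also verify the DKIM signature and use a public-suffix list rather than the suffix comparison used here.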