Google Drive now warns you of suspicious phishing, malware docs

Google is rolling out new warning banners in Google Drive to alert users of potentially suspicious files that threat actors could use for malware delivery and in phishing attacks.

This extra defense against abusive behavior and content was first announced in October during the Google Cloud Next 2021 user conference.

“If a user opens a potentially suspicious or dangerous file in Google Drive, we will display a warning banner to help protect them and their organization from malware, phishing, and ransomware,” Google explains.

The warning banners were first made available in Google Docs after the initial announcement and have since rolled out to Google Sheets, Slides, and Drawings. 

“Google will automatically evaluate any files that are shared with you from outside of your organization for phishing or malware. If detected, Google will block your access to the file in order to protect you,” the company says in the Google Drive Help.

When it detects a suspicious file in your Google Drive, the app will display a “This file looks suspicious. It might be used to steal your personal information.”

Google Drive warning banners of suspicious files are available to all Google Workspace customers, as well as G Suite Basic and Business customers.

The new protections have started gradually rolling out to all users on the Rapid Release or the Scheduled Release tracks Gradual rollout beginning on January 20, 2022 (some of them will have to wait up to 15 days for the feature to be enabled on their accounts).

Part of a broader effort to block Google Drive abuse

Last year, Google also added new Google Drive phishing and malware protections within enterprise environments that automatically tag all suspicious files, leaving them only visible to their owners and the admins.

Thus, potentially malicious documents no longer get shared within the organization, significantly reducing the number of users impacted in malicious attacks that abuse Google Drive for phishing and malware delivery.

These new additions are part of a more significant effort focused on more robust data security and come after the release of Safe Browsing, Google’s blocklist service designed to protect billions of devices and users of Chrome, Android, and Gmail.

In related news, BleepingComputer also reported today about Google Drive’s automated detection systems erroneously flagging users’ almost empty files for copyright infringement.