Gmail’s Phishing Protection

We all know that phishing is annoying, don’t we? Sometimes it’s really hard to tell whether an e-mail is legitimate or not and that can lead us into some trouble. Well, I’ve got the solution for you today! Instead of playing the guessing game, you can use Gmail’s forwarding feature to easily determine whether or not an e-mail is safe. Interested? Then let’s check it out!

Gmail’s Forwarding Feature

First of all, Gmail (like many other e-mail programs) allows you to forward your e-mails to another e-mail address. For example, my e-mail address could be, but because people often misspell my name, I could forward all e-mails sent to or to my real, correctly spelled e-mail address. That way, I can ensure all my e-mails always get to their destination. So, to forward your e-mails, simply follow these directions:

1.) Log in to Gmail and click on Settings in the upper right hand corner of the page.

2.) Click Forwarding and POP/IMAP.

3.) Next, click the option that says “Forward a copy of incoming mail” and specify the e-mail address you want your mail sent to.

4.) Scroll down and click Save Changes.

Your e-mail will then be forwarded!

Applying Gmail’s Forward to Your Phishing Battle

Okay, I can hear you all saying, “Yeah, I understand that, but what does it have to do with phishing?”

I know that’s what you’re most interested in, so here you go. Here’s what you can do!

Let’s say I use PayPal, eBay and some discussion forums and I have created three e-mail accounts, one for each use:

All of those redirect to my main account of

At the top of all the Gmail e-mails you receive, there is a To:/From: field. It looks something like this:

Now, to me, “YouTube Service” means YouTube sent the e-mail directly to However, take a closer look at the To:/From: field:

That means YouTube sent the e-mail to, but the e-mail was forwarded to the e-mail Inbox I am looking at now, which is

This is the tool you can use to spot phishing. For example, if you receive a message supposedly from PayPal with the e-mail address of at the top, you know the e-mail is a scam (phishing), because you should only receive PayPal communications through

Confused? Well, this may make it a little clearer. If you receive a message supposedly from PayPal like this, you know it’s phishing. Of course, phishing e-mails are not that obvious to spot, but seeing that the e-mail was sent to tells you the e-mail was sent by someone who knows that e-mail address. And since PayPal only knows your e-mail address, it’s obvious the e-mail didn’t really originate from PayPal.

Here’s a fact for you: In 2007, in the United States alone, $3.2 billion was lost to phishing. In the UK, one in 20 e-mail users claim to have been victims of phishing in 2005. So, all I have to say is don’t get phished! Be a smart e-mailer and use the tactics we have gone over today. It’s an easy way to keep yourself protected in Gmail!

~ Brandon Zubek