Google has today announced a new Gmail security feature for G Suite users, that warns them when responding to emails sent from outside of their domain and not in their contacts. This will provide enterprises protection against forged email messages, impersonation, as well as common user-error when sending mail to the wrong contacts.

Here’s how the new Gmail security feature works:

• When a user hits reply in Gmail, Google scans the recipient list, including addresses in CC. If a recipient is both external to the user’s organization and not present in their Contacts, we will display the warning.
• We treat secondary domains and domain aliases like primary domains, so your users will not be warned when emailing users at your subdomains.
• If the recipient is intended, the user can dismiss the warning and proceed with the response. We won’t show the warning again for that recipient.

The feature is launching as default on, with the ability to turn it off in the Admin console.