When a domain name hasn’t been configured correctly for email, Gmail may display a warning for emails from that domain, like this:
Be careful with this message. Gmail could not verify that it actually came from. Avoid clicking links, downloading attachments or replying with personal information.

If you’re a Gmail user and you’ve seen this warning, then do pay attention to the warning. There are 2 possible causes for the warning:

  1. The email is fake. It may look genuine (with official-looking branding, etc.) but could have been edited to modify some of the content or links. A typical case would be changing the destination of one or more links to go to a website of the scammer’s choice, such as a fraudulent shop website or other scam.
  2. If the email is genuine, then the organisation that sent it has not correctly configured their email systems to prevent spammers/phishers from mimicking their email address.

Here’s what you can do:

  1. Check the “From” email address. If the domain name in the email address matches the domain name of the business, like shop@acme.com for an email from Acme Ltd, then it’s more likely to be a genuine email (but could still be just a more carefully constructed fake).
  2. Hover your mouse (if you’re using one) over the links and look at the domain name of the website that the links go to. Be extra cautious of links that don’t go to the domain name of the business/organisation that sent the email. If the business (or scammer) has used a link-shortening tool, then links may point to something like https://bit.ly/xyz, in which case it’s impossible to tell where they go without clicking on the link. If the email is genuine, then you should end up on the genuine website for the business. Be extra careful that the website you end up on is not just a copy of a genuine website with an incorrect spelling of the domain name, such as something like amazoon.com.
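
The two checks above as a small script, added here as an example and not part of the original page: it compares the From domain and each link's domain with the domain you expect for the business, and flags link shorteners and near-miss spellings such as amazoon.com. The shortener list, the two-label domain rule and the distance threshold of 2 are assumptions, and the URLs are constructed sample input.

```python
from urllib.parse import urlparse

# Assumption: a short sample list of link-shortening services; extend as needed.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}

def base_domain(host):
    """Last two labels of a hostname (assumption: naive, wrong for e.g. co.uk)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_link(business_domain, url):
    """Return 'match', 'shortener', 'lookalike' or 'mismatch' for one link."""
    expected = base_domain(business_domain)
    link = base_domain(urlparse(url).hostname or "")
    if link == expected:
        return "match"
    if link in SHORTENERS:
        return "shortener"      # destination unknown until the link is resolved
    if edit_distance(link, expected) <= 2:
        return "lookalike"      # e.g. amazoon.com for amazon.com
    return "mismatch"

def review_email(business_domain, from_addr, links):
    """Check the From domain, then classify every link in the message."""
    from_domain = base_domain(from_addr.rsplit("@", 1)[-1])
    return {
        "from_matches": from_domain == base_domain(business_domain),
        "links": {url: classify_link(business_domain, url) for url in links},
    }

if __name__ == "__main__":
    # Constructed sample input
    print(review_email("amazon.com", "shop@amazon.com", [
        "https://www.amazon.com/orders",
        "https://www.amazoon.com/orders",
        "https://bit.ly/xyz",
    ]))
```

A "match" result only says the domains agree; as noted above, a matching From address can still belong to a carefully constructed fake.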

If the email really is genuine, the organisation that sent the message needs to fix their email systems to tighten up security. This task gets pretty technical, and involves adding DKIM, SPF and DMARC records against the domain name that link with the email systems used to send the messages. You can send them a link to this page, explaining that you’re seeing this issue with their emails.

If you are the organisation having the problems, there’s some more information here on the changes needing to be made. If it sounds too difficult, don’t hesitate to get in touch and we can help you make the necessary changes.