Phishing email not detected


Phishing email was not properly detected and reached the end user's inbox.


  • Admin console


Enable Safety settings.
  1. Log in to the Admin console.
  2. Navigate to Apps > Google Workspace > Gmail > Safety.
  3. Scroll down and click Spoofing and authentication.
  4. Click the checkbox in the available options (Protect against inbound emails spoofing your domain).
  5. Choose the action Move emails to spam or Quarantine.
  6. Save changes.


The option selected in the Safety settings were set to Leave email in inbox and show warning.