Users of the Google Drive file and syncing app will now start to see warning banners if they open a potentially dodgy file.
The new alerts are rolling out to Workspace Google Drive users globally today and aim to help protect users and their organizations from malware, phishing and ransomware.
Google notes: “If a user opens a potentially suspicious or dangerous file in Google Drive, we will display a warning banner to help protect them and their organization from malware, phishing and ransomware.”
Google Workspace users should be familiar with the banner security alerts, which arrived in Docs, Sheets, Slides, and Drawings earlier this year as a protection against abusive content and behavior.
The additional user-facing alert should help protect Google Workspace users from cyber criminals who use Google Drive to spread malicious files.
Google last year shut down an expansive Russian hacking network that hijacked YouTube accounts using malicious PDF files shared with targets in email and Google Drive.
The new banner alerts are separate to the alerts Google issues to users targeted by suspected state-sponsored hackers. In 2021, Google-issued state-sponsored alerts to Workspace users rose by 33% year on year to over 50,000. The increase was mainly due to campaigns run by Russian actor APT28 or Fancy Bear. State-sponsored attack groups like Iran’s APT35 also employ Google Drive among other tools to spread malicious PDFs.
The new suspicious file alerts are on by default, meaning neither admins nor users need to enable this feature. It cannot be disabled. It is available for all Google Workspace customers, as well as G Suite Basic and Business customers.
Separately, Google recently started pushing G Suite legacy free users to upgrade to a paid Workspace subscription. It’s also encouraging its $6 a user per month G Suite Basic edition and Business edition users switch to a Workspace subscription. These customers can expect to be contacted by Google in the “coming months” to start the transition.