The new Gmail feature released by Google will not have any cool audio alert screaming out "intruder alert", but it will alert users when suspicious activity specifies a potential compromise of the e-mail account. Google wishes to help users combat e-mail fraud and identity theft with the new feature.

Pavni Diwanji, Engineering Director for Gmail, explained the following situation in a post on the Official Gmail Blog. "A few weeks ago, I got an email most probably from a friend stuck in London asking for some money to help him out. It turned out that the email was sent by a hacker who had hijacked my friend's account."
A lot of small and medium businesses--and a rising number of larger companies--rely on the Web-based Gmail as their main messaging platform. A sharp increase in socially-engineered attacks and identity hacker make Gmail account compromises a quickly rising worry.

Google has long had a security feature which shows the last login time for the account and whether or not the account is currently open in a different place. That information should be enough for users to recognize most compromises or suspicious activity, but it seems that it is not overt sufficient and a lot of users do not give attention to it.

The new Google come up to monitors certain part and considers a range of user behaviors to try to recognize activity which should increase red flags. Diwanji explains "To determine when to display this message, our automated system matches the 1related IP address, logged per the Gmail privacy policy, to a broad geographical position. While we don't have the capacity to find out the particular position from which an account is accessed, a login appearing to come from one country and happening a few hours after a login from a different country may trigger an alert."
Diwanji summed up by reminding users to "remember that these notifications are meant to alert you of suspicious activity but are not replacements for account security best practices."

Businesses should make sure that users are attentive of the new Gmail feature so they are not caught off guard if they see it. A procedure should be established for raising the notification to management, or responding to suspicious activity alerts.
By developing a plan for what to do with the information, businesses can capitalize on the feature to augment existing security controls and protect Gmail accounts from deception and identity theft.