Google Messages Could Show a New Pop-Up Warning When Users Click on Links From Unknown Senders: Report

Google is reportedly working on a new warning message for Google Messages that can prevent users from falling for a phishing scam or unknowingly installing malware on their devices. This feature will be triggered whenever the user clicks on a link sent by a number not saved in the Contacts. The new warning message is said to require users to take an extra step to tick a box containing a warning message before continuing to the website. Notably, a recent report revealed that Google Messages’ under-development satellite messaging feature could offer two-way communication.

According to a report by PiunikaWeb (via tipster AssembleDebug), the feature was spotted with the Google Messages app in RCS chats. While Google Messages does already show a warning text when clicking on URLs sent by unknown numbers, it is a simple “Do you trust the Sender” warning where users can click on continue and open the link. The new pop-up warning comes with a two-step process which could be designed to help users pause before they decide whether they want to continue or not.

Based on the screenshots shared by the tipster, the new warning is labelled more explicitly and says, “Caution: this sender isn’t one of your contacts”, and adds the message, “Links from people that you don’t know may open unwanted and harmful content”. In case the user still wants to continue, they will have to tick a box which states “I understand this link may be harmful”. If the user decides not to open the link, they can tap on the ‘Cancel’ button.

As the feature itself was found in RCS mode, it likely works for standard SMS as well. A comment posted on AssembleDebug’s post on X (formerly known as Twitter) confirmed that warning appeared even when clicked on a link sent by the user’s bank. The feature is expected to soon roll out to Android users globally.

This warning could potentially save a lot of people from falling for phishing scams. For the unversed, a phishing scam is a type of online scam where the attacker impersonates as a familiar person to the victim or as a representative of an institution and asks the user to click on a link. The website corresponding to the link often resembles a legitimate website and asks the user to sign in. But once the account id and password are entered, it is delivered to the scammers, who can then use it to access the accounts themselves.