Google Workspace Gmail pre-delivery scanning disabled

ID:google_workspace_gmail_predelivery_scanning_disabled

Data type:Google Workspace

Severity:

Medium

Description

AlphaSOC detected that pre-delivery scanning for suspicious emails has been disabled, allowing suspicious messages to bypass delayed delivery protections and reach user inboxes immediately.

Impact

Disabling pre-delivery scanning increases the chance that phishing and malware emails are delivered without additional automated review, reducing time for detection and increasing user exposure. Attackers may exploit this to deliver targeted phishing, malicious attachments, or credential capture pages.

Severity

Severity	Condition
Medium	Google Workspace Gmail pre-delivery scanning disabled

Investigation and Remediation

Review audit logs to determine who changed the setting and why, and correlate with recent mail delivery, phishing reports, and unusual sign-ins. If the change is unauthorized, revert the setting and re-scan recent inbound messages if possible.

Description​

Impact​

Severity​

Investigation and Remediation​

Description

Impact

Severity

Investigation and Remediation