You can protect yourself from unwanted email in your Gmail inbox, such as spam, mailbombs, or messages from an account that has abused Gmail’s policies.
For email you received that you consider spam, mark it as such. You can also unmark it. Follow the steps to Mark or unmark emails as spam.
To prevent a message from being sent to spam, you can:
- Add the sender to your contacts. For instructions, go to Add, move, or import contacts.
- Filter these messages. For details, visit Create rules to filter your emails.
Note: If legitimate email is still being sent to spam after you’ve added the sender as a contact and set up a filter, make sure the sender is following our sender guidelines. For details, see Prevent mail to Gmail users from being blocked or sent to spam.
If someone on your contacts list sends you spam, a hacker might have taken over their account.
- Don’t respond to the email.
- To report the email, in the spam alert, click Message looks suspicious.
This action sends a report to the Gmail team to investigate. You continue to get email from this contact in the future.
- Let your contact know by another means (for example, phone or instant message) that their email account might be hacked. Suggest they follow these Gmail security tips.
When you block a sender, their messages will go to your Spam folder.
- On your computer, go to Gmail.
- Open the message.
- In the top right, click More .
- Click Block [sender].
Tip: If you blocked someone by mistake, you can unblock them using the same steps.
Stop a Gmail account from impersonating an individual or organization
If you suspect that you received a message from a Gmail account that is impersonating an individual or organization, go to This message may not have been sent by…
To learn about Google’s policies for acceptable use of Gmail and what to do if another Gmail account violated any of these policies, go to Gmail Program Policies.
Report abuse of any Google service
For instructions on reporting the abuse of Google services that might send emails to you, go to Report a violation.
A mailbomb is a form of attack designed to prevent you from using your email account or finding legitimate emails.
With Gmail, you can take steps to stop or prevent your account from being mailbombed. To perform a mailbox attack, an attacker only needs to know your email address. The following information helps you defend against being mailbombed.
Gmail warns you if someone mailbombs your account
If Gmail detects that your account was mailbombed, you receive a warning with a link to our existing mailbomb article. For more information, go to Mark or unmark Spam in Gmail.
What this warning means
You might have received a lot of unwanted email, such as subscriptions or promotional offers. In a targeted attack, a hacker can try to fill up your inbox so that you can't find important security alerts from websites or services you signed up for with your Gmail account.
For example, if a hacker tries to get into your bank account, your bank can notify you by email. But if your inbox is full of junk mail, you might miss the bank’s alert.
If you see this warning
- Search your inbox and spam for security alerts, then respond to the email you find. Learn more
- Do a Google Security Checkup. Learn more
- Follow Gmail security tips. Learn more
You can use inbox categories to help find messages when you are being mailbombed. Enable inbox categories to split up your received messages. This way, when you open Gmail, you don't have to view all email and separate messages that you might want to read later.
For example, you’ve subscribed to a particular merchant that sends email promotions, but don’t want to read them now. Gmail puts these messages into a Promotions category so they don't clutter your inbox.
For details, see Add or remove inbox categories & tabs in Gmail.
Using search operators, you can filter your Gmail search results. For example, you can search for all messages from a specific sender who’s sending unwanted messages. You can also combine operators to filter your results even more. Use the results to filter all messages from this sender directly to the Trash.
- Search for mailing lists—Mailing lists are typically used in spam attacks. You can use the list search operator to find mailing list email from a specific domain.
Example: list: email@example.com
Tip: Add a hyphen (-) in front of the query to find messages that aren't from the mailing list.
Example: -list: firstname.lastname@example.org
- Search by category—If the unwanted messages are being classified into a specific category, using a category search in combination with a date filter may be helpful.
Example: category:updates newer_than:1d
For more information, go to Search operators you can use with Gmail.
In addition to link protection against malicious websites for official Gmail clients (web, Android, and iOS), Google also adds link protection for third-party email applications (IMAP client). Third-party clients include Apple Mail, Microsoft Outlook, and some Android email clients.
When you click a link in a recent message, Google starts a malicious link check. If Google detects nothing malicious, the website opens. For older messages, a window might appear, which you might need to tap or click to open the link.
Open a link safely
- Go to Gmail.
- Open the message.
- In the message, click the link.
This starts a malicious link check. If Google detects nothing malicious, the link opens.
Read a message's full header
You can display more information about where a message came from:
- Go to Gmail.
- Open the message.
- At the top right, click More.
- Click Show original.
You can help prevent attackers from getting your email address by hiding your email on social networking sites and not posting your email online. Read these Tips for staying safe online.
Your administrator can:
- Add senders to a blocked senders list. For details, see Block messages from an email address or domain.
- Create content compliance rules, which might also benefit other users in your organization who are receiving unwanted messages. For details, see Set up rules for advanced email content filtering.