I just found this article on the official Gmail Blog:
I recently received an email from what looked like my bank saying I should update my account, but it looked a little weird. I clicked on the “show details” link and quickly learned it wasn’t from my bank after all; instead of being sent from First National Bank’s real email address, this message originated from a random South African domain. If I hadn’t viewed these details, I could have been tricked — it wasn’t entirely obvious that this email was a fake.
Phishing messages are a form of spam that attempt to deceive recipients in order to gain access to their personal information. Starting today, Gmail will automatically display more information about the origin of certain messages you receive so you can be better informed and protect yourself from getting tricked. If someone fakes a message from a sender that you trust, like your bank, you can more easily see that the message is not really from where it says it’s from.
Whenever you receive a message from someone who isn’t already in your Gmail contacts, the header will now show the sender’s email address like this:
Websites sometimes send emails on behalf of someone, like when your friend Mike sends you an article from abc.com using one of the site’s “Share this story” links. Gmail will now show this information more prominently:
Gmail will also automatically detect suspicious messages and display a warning when it looks like someone may have spoofed a Gmail address (we do this by evaluating the message’s authentication data).
If you determine that an email is a phishing attempt, please let us know by reporting it (you can always do this by clicking the down arrow next to “Reply” at the top-right of the message and selecting “Report phishing”).