Over the years phishing -- a social engineering attack that uses seemingly innocuous emails to trick victims into giving away personal information or clicking a malicious link -- has grown in sophistication and scale. In order to put a stop to these scams, Google has made some security enhancements for Gmail. Here how the new anti-phishing features work.
Machine learning
Google is approaching email security the same way they’ve been developing their products, with machine learning technology. Phishing scams usually follow a predictable pattern when you analyze them. Knowing this, Gmail experts developed an algorithm that analyzes phishing and spam patterns and updates Google’s security database in real time.
When the same phishing attempt is made, Gmail flags potentially dangerous messages and sends them through Google’s Safe Browsing feature, where message links and file attachments are tested for malicious activity. According to Google, around 50 to 70 percent of emails that get sent to Gmail accounts are spam and phishing emails, but with the new detection algorithm, Gmail can block 99.9% of them.
Click-time warnings
Google has also added precautions for suspicious links. When you accidentally click on an unsolicited link in a message, Gmail will redirect you to a security page titled: “Warning -- phishing (web forgery) suspected.”
Although Google does not completely block access to the link (in case of false positives), it advises you to be extremely careful if you do decide to proceed.
External reply warnings
Another enhancement focuses on securing reply messages. The Gmail feature warns users when they are about to send a reply to an address that is not in their contact list or company domain. This small improvement is designed to prevent users from giving away sensitive information to third-parties.
Every Gmail user can take advantage of these new security controls today, but it’s important to keep in mind that these can’t replace security awareness. Even Google has mentioned that these features are complements to existing security systems and best practices. Being able to identify what is or isn’t a scam can go a long way in protecting your business.
Google is adding machine learning technology in almost all of their products. To find out where they’ll apply it to next, get in touch with our experts and stay tuned for more Google-related posts.