Google is rolling out a new set of protections for Gmail customers that rely on machine learning to help better identify phishing messages and malicious attachments.
Gmail is popular among both consumers and small and medium enterprises, which rely on it for low-cost hosted email and apps. The service also is one of the larger targets for many kinds of attackers, especially spammers and phishing crews. As a result, Google is always having to adjust and improve the security of Gmail, and this week the company has added several new features designed to prevent more malicious messages from reaching users.
“We now correlate spam signals with attachment and sender heuristics, to predict messages containing new and unseen malware variants. These protections enable Gmail to better protect our users from zero-day threats, ransomware and polymorphic malware,” Sri Somanchi, product manager for Gmail and anti-spam, said in a post explaining the new features.
Google officials said that at least 50 percent of the messages the Gmail system receives are spam, and its new phishing defenses will automatically delay a small percentage of messages that are suspected of being phishing.
“Our detection models integrate with Google Safe Browsing machine learning technologies for finding and flagging phishy and suspicious URLs. These new models combine a variety of techniques such as reputation and similarity analysis on URLs, allowing us to generate new URL click-time warnings for phishing and malware links,” Andy Wen, senior product manager, counter abuse technology, said.
In addition to the new phishing defenses, Google also has added a feature to Gmail that will warn corporate users when they’re replying to someone outside of their domain. The idea is to prevent users from sending sensitive information inadvertently to people who shouldn’t be receiving it. Gmail now also includes better protections against malware arriving in email messages, too.
“With new built-in defenses against ransomware and polymorphic malware, Gmail now blocks millions of additional emails that can harm users. We classify new threats by combining thousands of spam, malware and ransomware signals with attachment heuristics (emails that could be threats based on signals) and sender signatures (already marked malware),” Wen said.