After the effects of the phishing campaign that used Google Docs as a tool to attack, Google has launched a number of upgrades to Gmail and its browser so that users can be notified and warned of suspicious emails and websites that may contain malware.
The new machine-learning model
According to Andy Wen, who is currently involved with Google’s Counter Abuse Technology group, a new machine learning model has been created that will detect spam emails early on and thus delay messages.
The messages will, therefore, be analyzed by the model and the email will be classified as spam if it contains any malware or adware.
One of the primary advantages of the new model is that it is adaptable and as Google classifies more malware, the model will automatically learn how to analyze the emails so as to look for such threats.
Google says that the system will block malicious emails with 99.9 percent accuracy and is therefore highly effective and robust.
“Machine learning helps Gmail block sneaky spam and phishing messages from showing up in your inbox with over 99.9 percent accuracy,” Wen said. “This is huge, given that 50-70 percent of messages that Gmail receives are spam.”
Safe Browsing feature
The machine learning model not only applies to emails but also to links that may contain malware. This is because the model supports Safe Browsing which means that users will be warned before opening a URL in Chrome that might be a potential threat.
Benefits to Enterprise
The system is said to be highly beneficial to enterprise users since it will protect them from replying to messages that are malicious. That is, the model will warn users if they are replying to messages that are from contacts which are not in the contact list.
This, however, does not mean that users will not be able to send messages to regular contacts. The model is designed as such that it will filter out the context to see that even if a contact is not in the list, it will still consider it safe if regular conversations have been held with the contact in question.
Google also said that the new model works by integrating a number of malware, ransomware and spam signals. This means that suspicious emails will be highlighted based on signals and the user will be notified.
Furthermore, the system will also determine the safety of attachment. Hence, if an attachment contains any threat, the user will be warned accordingly.
Google Docs phishing scam
As mentioned earlier, the new upgrades are perhaps a response to the recent Google Docs phishing scam which involved the attackers using Google’s OAUTH2 service to scam around 1 million Gmail users.
Although Google says that only 0.1% of the users were affected, it is, however, still a matter of concern.
As such, in addition to the above security measures, Google also announced that it would be launching a Security Key enforcement so that emails in transit can be encrypted and protected from data theft. Lastly, a new, more robust certificate system will be launched whereby attackers will be prevented from using fake certificates to scam users.