After Massive Phishing Attack, Google Improves Gmail Security

Google announced that it has added a suite of new security features to Gmail. These additions will make it easier for the company to detect phishing attempts, fight malware that spreads via attachments, let businesses make sure internal data stays within their control, and warn users when they're visiting a suspicious website. The additions still won't be enough to keep you totally safe, but you're definitely more secure than before.

Many of today's improvements are the result of Google's vast troves of data and its machine learning prowess. The company specifically cites machine learning-based enhancements in its announcement, saying that early phishing detection results from a "dedicated machine learning model that selectively delays messages (less than 0.05 percent of messages on average) to perform rigorous phishing analysis and further protect user data from compromise." In another blog post, the company said this resulted from a new algorithm that spots patterns in phishing attacks.

In yet another post--seriously, Google published a bunch of 'em--the company said that "machine learning has helped Gmail achieve more than 99% accuracy in spam detection." The improvements announced today are supposed to "reduce your exposure to threats by confidently rejecting hundreds of millions of additional messages every day." That process will require the company to analyze metadata and flat-out block certain file types. Google explained:

We now correlate spam signals with attachment and sender heuristics, to predict messages containing new and unseen malware variants. These protections enable Gmail to better protect our users from zero-day threats, ransomware and polymorphic malware. [...] In addition, we block use of file types that carry a high potential for security risks including executable and javascript files.

Business customers will now be able to warn their employees whenever they're about to send information to someone outside the company. Google won't prevent people from sending those messages, though; it merely displays a warning if it detects that you're sending a file to an email address not associated with your employer. That could be enough to help businesses keep their private date private, though, and it will also make it easier to enforce punishment for "accidental" leaks. No fancy machine learning here though--Google just checks all the email addresses involved.

Google also touted a recent improvement that first debuted in Gmail for Android: anti-phishing security checks. This feature immediately warns you when you're about to follow a suspicious link. It's sure to be a useful feature, but we're kind of surprised Google decided to draw attention to it, since it was introduced right around the time that a so-simple-it-hurts phishing campaign that compromised the Google accounts of roughly 1 million people. All the attacker had to do was make an app disguised as Google Docs and wait for people to offer up access to their accounts.

In fact, Google doesn't mention the recent attack in any of the many blog posts it published today. That isn't surprising--it's not like the company wants to draw attention to a massive-yet-simple attack--but it's definitely the elephant in the room. Google constantly improves the security of its products, sure, but chances are good that Google wanted to introduce these security improvements as soon as possible to reassure its users.

Nathaniel Mott
Freelance News & Features Writer

Nathaniel Mott is a freelance news and features writer for Tom's Hardware US, covering breaking news, security, and the silliest aspects of the tech industry.

  • 10tacle
    Hotmail, Yahoo, Google. All hacked and compromised. If you want a personal email that is guaranteed secure, pay to get your own domain email or set up your own Linux POP3 server email. Just make sure whatever the service you choose allows remote access including from smart phones.
  • Moonglum_1
    Good advice IF you don't run for president.