Saturday, February 8, 2025
HomeInfosec- ResourcesGoogle using machine learning to block 99.9% of Malware and Phishing Mails

Google using machine learning to block 99.9% of Malware and Phishing Mails

Published on

SIEM as a Service

Follow Us on Google News

Google published a blog post introducing machine learning to detect phishing Emails, click-time warnings for malicious links, and unintended external reply warnings.

Machine learning has helped Gmail accomplish over 99% accuracy in spam recognition, and with this new security improvements.Google continuously focussing on Security improvements for Gmail users

Google continuously focussing on Security improvements for Gmail users.

At RSA Conference Elie Bursztein the head of Google’s anti-abuse research team said they are to implement the SMTP Strict Transport Security following by Gmail users soon.

Last February Google also launched new hosted S/MIME solution to enhance security for Gmail in the enterprise.

From Google Blog “We now connect spam signals with connection and sender heuristics, to anticipate messages containing new and concealed malware variations. This protection empowers Gmail to better shield for from zero-day dangers, ransomware, and polymorphic malware.”

Machine learning to detect phishing Emails

With machine learning, Google can square tricky spam and phishing messages from appearing in your inbox with more than 99.9% precision.

They are Continuously enhancing spam identification accuracy with an active machine learning model which run a thorough phishing analysis to make sure user protection.

This examination to keep running on particular messages which delay by 0.05 percent.They likewise coördinated Google Safe Browsing technologies, such as, such as reputation and similarity analysis on URLs.

New Warnings

Hereafter Google decides to show warnings if you send Emails outside of your company domain. Google uses contextual intelligence which avoids from demonstrating this notice for clients that you regularly interact.

Also, they squared utilization of file types that convey a high potential for security risks including executable and Javascript documents.

File types that can’t be attached
.ADE, .ADP, .BAT, .CHM, .CMD, .COM, .CPL, .EXE, .HTA, .INS, .ISP, .JAR, .JS (NEW),
 .JSE, .LIB, .LNK, .MDE, .MSC, .MSI, .MSP, .MST, .NSH .PIF, .SCR, .SCT, .SHB, .SYS,
 .VB, .VBE, .VBS, .VXD, .WSC, .WSF, .WSH

Javascript files are blocked from  February 13th  for security reasons.

However, they have highlighted that there are other alternative ways (Drive and Google Cloud) for sending Javascript files forward and backward if clients still need to send these legitimately.  

You can also send an Encrypted and password to protect your Gmail message in a click with the plugin  Secure Email.

As we know scammers try to Bypass Antispam gateways by using tricky Email attachments and Google trying to handle it in different ways.

Also Read

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Autonomous LLMs Reshaping Pen Testing: Real-World AD Breaches and the Future of Cybersecurity

Large Language Models (LLMs) are transforming penetration testing (pen testing), leveraging their advanced reasoning...

Securing GAI-Driven Semantic Communications: A Novel Defense Against Backdoor Attacks

Semantic communication systems, powered by Generative AI (GAI), are transforming the way information is...

Cybercriminals Target IIS Servers to Spread BadIIS Malware

A recent wave of cyberattacks has revealed the exploitation of Microsoft Internet Information Services...

Hackers Leveraging Image & Video Attachments to Deliver Malware

Cybercriminals are increasingly exploiting image and video files to deliver malware, leveraging advanced techniques...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Is this Website Safe: How to Check Website Safety – 2025

is this website safe? In this digital world, Check a website is safe is...

LegionLoader Abusing Chrome Extensions To Deliver Infostealer Malware

LegionLoader, a C/C++ downloader malware, first seen in 2019, delivers payloads like malicious Chrome...

PentestGPT – A ChatGPT Powered Automated Penetration Testing Tool

GBHackers come across a new ChatGPT-powered Penetration testing Tool called "PentestGPT" that helps penetration...