Saturday, December 2, 2023

Google using machine learning to block 99.9% of Malware and Phishing Mails

Google published a blog post introducing machine learning to detect phishing Emails, click-time warnings for malicious links, and unintended external reply warnings.

Machine learning has helped Gmail accomplish over 99% accuracy in spam recognition, and with this new security improvements.Google continuously focussing on Security improvements for Gmail users

Google continuously focussing on Security improvements for Gmail users.

At RSA Conference Elie Bursztein the head of Google’s anti-abuse research team said they are to implement the SMTP Strict Transport Security following by Gmail users soon.

Last February Google also launched new hosted S/MIME solution to enhance security for Gmail in the enterprise.

From Google Blog “We now connect spam signals with connection and sender heuristics, to anticipate messages containing new and concealed malware variations. This protection empowers Gmail to better shield for from zero-day dangers, ransomware, and polymorphic malware.”

Machine learning to detect phishing Emails

With machine learning, Google can square tricky spam and phishing messages from appearing in your inbox with more than 99.9% precision.

They are Continuously enhancing spam identification accuracy with an active machine learning model which run a thorough phishing analysis to make sure user protection.

This examination to keep running on particular messages which delay by 0.05 percent.They likewise coördinated Google Safe Browsing technologies, such as, such as reputation and similarity analysis on URLs.

New Warnings

Hereafter Google decides to show warnings if you send Emails outside of your company domain. Google uses contextual intelligence which avoids from demonstrating this notice for clients that you regularly interact.

Also, they squared utilization of file types that convey a high potential for security risks including executable and Javascript documents.

File types that can’t be attached
.ADE, .ADP, .BAT, .CHM, .CMD, .COM, .CPL, .EXE, .HTA, .INS, .ISP, .JAR, .JS (NEW),
 .JSE, .LIB, .LNK, .MDE, .MSC, .MSI, .MSP, .MST, .NSH .PIF, .SCR, .SCT, .SHB, .SYS,
 .VB, .VBE, .VBS, .VXD, .WSC, .WSF, .WSH

Javascript files are blocked from  February 13th  for security reasons.

However, they have highlighted that there are other alternative ways (Drive and Google Cloud) for sending Javascript files forward and backward if clients still need to send these legitimately.  

You can also send an Encrypted and password to protect your Gmail message in a click with the plugin  Secure Email.

As we know scammers try to Bypass Antispam gateways by using tricky Email attachments and Google trying to handle it in different ways.

Also Read

Website

Latest articles

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Booking.com Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

US-Seized Crypto Currency Mixer Used by North Korean Lazarus Hackers

The U.S. Treasury Department sanctioned the famous cryptocurrency mixer Sinbad after it was claimed...

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles