Tuesday, May 13, 2025
HomeInfosec- ResourcesGoogle using machine learning to block 99.9% of Malware and Phishing Mails

Google using machine learning to block 99.9% of Malware and Phishing Mails

Published on

SIEM as a Service

Follow Us on Google News

Google published a blog post introducing machine learning to detect phishing Emails, click-time warnings for malicious links, and unintended external reply warnings.

Machine learning has helped Gmail accomplish over 99% accuracy in spam recognition, and with this new security improvements.Google continuously focussing on Security improvements for Gmail users

Google continuously focussing on Security improvements for Gmail users.

- Advertisement - Google News

At RSA Conference Elie Bursztein the head of Google’s anti-abuse research team said they are to implement the SMTP Strict Transport Security following by Gmail users soon.

Last February Google also launched new hosted S/MIME solution to enhance security for Gmail in the enterprise.

From Google Blog “We now connect spam signals with connection and sender heuristics, to anticipate messages containing new and concealed malware variations. This protection empowers Gmail to better shield for from zero-day dangers, ransomware, and polymorphic malware.”

Machine learning to detect phishing Emails

With machine learning, Google can square tricky spam and phishing messages from appearing in your inbox with more than 99.9% precision.

They are Continuously enhancing spam identification accuracy with an active machine learning model which run a thorough phishing analysis to make sure user protection.

This examination to keep running on particular messages which delay by 0.05 percent.They likewise coördinated Google Safe Browsing technologies, such as, such as reputation and similarity analysis on URLs.

New Warnings

Hereafter Google decides to show warnings if you send Emails outside of your company domain. Google uses contextual intelligence which avoids from demonstrating this notice for clients that you regularly interact.

Also, they squared utilization of file types that convey a high potential for security risks including executable and Javascript documents.

File types that can’t be attached
.ADE, .ADP, .BAT, .CHM, .CMD, .COM, .CPL, .EXE, .HTA, .INS, .ISP, .JAR, .JS (NEW),
 .JSE, .LIB, .LNK, .MDE, .MSC, .MSI, .MSP, .MST, .NSH .PIF, .SCR, .SCT, .SHB, .SYS,
 .VB, .VBE, .VBS, .VXD, .WSC, .WSF, .WSH

Javascript files are blocked from  February 13th  for security reasons.

However, they have highlighted that there are other alternative ways (Drive and Google Cloud) for sending Javascript files forward and backward if clients still need to send these legitimately.  

You can also send an Encrypted and password to protect your Gmail message in a click with the plugin  Secure Email.

As we know scammers try to Bypass Antispam gateways by using tricky Email attachments and Google trying to handle it in different ways.

Also Read

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Zoom Workplace Apps Flaws Allow Hackers to Gain Elevated Access

Zoom has released multiple security bulletins addressing seven newly discovered vulnerabilities in Zoom Workplace...

PoC Exploit Published for macOS Sandbox Escape Vulnerability (CVE-2025-31258)

Security researchers have disclosed a new macOS sandbox escape vulnerability tracked as CVE-2025-31258, accompanied...

Four Hackers Caught Exploiting Old Routers as Proxy Servers

U.S. authorities unsealed charges against four foreign nationals accused of operating a global cybercrime...

F5 BIG-IP Vulnerability Allows Remote Command Execution

Critical security vulnerability in F5 BIG-IP systems has been discovered that allows authenticated administrators...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Is this Website Safe: How to Check Website Safety – 2025

is this website safe? In this digital world, Check a website is safe is...

LegionLoader Abusing Chrome Extensions To Deliver Infostealer Malware

LegionLoader, a C/C++ downloader malware, first seen in 2019, delivers payloads like malicious Chrome...

PentestGPT – A ChatGPT Powered Automated Penetration Testing Tool

GBHackers come across a new ChatGPT-powered Penetration testing Tool called "PentestGPT" that helps penetration...