Gmail Uses Machine Learning To Prevent Phishing

MOUNTAIN VIEW – Gmail is hoping to prevent phishing with machine learning, like its early phishing detection. If an email looks suspicious and heads to a person’s inbox, Gmail will delay it and analyze the message to make sure it’s not a phishing attempt.

“As we find new patterns, our models adapt more quickly than manual systems ever could, and get better with time,” said Andy Wen, Gmail’s counter abuse technology product manager, in a blog post.

Google said the delay would account for less than 0.05 percent of emails. Considering Gmail’s scale, even a small percentage means it will affect millions of people. The massive Google Docs phishing attack only affected 0.1 percent of Gmail’s users, but it meant at least 1 million people were still briefly breached before Google shut down the OAuth hack.

The automated malware search uses machine learning from Google’s Safe Browsing, which warns people when they’re heading onto an insecure website or a page with malware. In Gmail, it will warn about phishy URLs and links that lead to cyberattacks.

The Sans Institute estimates that 95 percent of cyberattacks starting with spear phishing, in which a specific individual is targeted. Google hopes it’s automated system will close off that breaking-in point.

Google is one of the top three spoofed companies in phishing attempts, according to Ironscales, which specializes in anti-email phishing. The company looked at more than 8,500 phishing attacks over the last year, and found that for every five malware-infested emails that spam filters pick up, there are about 20 spear phishing attacks that sneak past.

Thanks to the millions of spam emails that get sent through Gmail, Google has been able to build artificial intelligence that quickly recognizes malware and ransomware messages and blocks them automatically. Think of it like how your immune system gets stronger with germs that it’s seen before and recognizes.

Gmail will also be adding in warnings for companies when staffers are about to send emails to people outside the company. The feature hopes to prevent accidentally CC’ing strangers on work-sensitive emails. Gmail’s warnings also use machine learning and understand who you frequently email, so the alerts won’t pop up before every message.

This last feature is only available for Gmail’s enterprise customers. Administrators will have the option to turn off this warning, as well as the early phishing detection, but a Google spokeswoman said that would be “highly discouraged.”