Friday, January 27, 2023

Google Is Using Machine Learning to Fish for Phishing Scams

Google Is Using Machine Learning to Fish for Phishing Scams

Google has unveiled some updates to Gmail intended to prevent malware attacks and protect users from phishing attacks, through a host of new security features.

Also read: Insert Link Here: BAT Token Sale Causes Hours of Ethereum Network Delays

Using Machine Learning to Improve Phishing Detection

The security features are centered around an early detection system for phishing scams that will leverage machine learning.

Google has rolled out a new machine learning model exactly for this purpose; dedicated to discovering phishing and other spam messages — and snuffing them out before they ever get to the user.

The model will delay certain kinds of messages to perform phishing analysis on them, however, Google is promising that less than 0.05 of messages on average will be affected.

According to Andy Wen, of Google’s Counter Abuse Technology group, machine learning will help block phishing attempts with 99.9 percent accuracy. Wen claimed this is “huge” considering that 50 to 70 percent of Gmail messages are spam anyway.

Additionally, they will also be combining different techniques to prevent malware attacks, such as reputation and similarity analysis on URLs.

“As we find new patterns, our models adapt more quickly than manual systems ever could, and get better with time,” explained Wen.

Other Google Security Features and Ransomware Prevention

In addition to the early detection system, Google has also introduced some other security features such as displaying unintended external reply warnings to users.

Basically, before sending out a message, a user will receive a warning to prevent them from unintentionally sending emails to the wrong people. This way, loss of user data can be minimized.

Furthermore, Google is also introducing enhancements that scan attachments for signs of ransomware or polymorphic malware — which is difficult to spot with traditional anti-malware programs.

Wen explained how Google currently classifies and detects spam, saying:

“We classify new threats by combining thousands of spam, malware and ransomware signals with attachment heuristics (emails that could be threats based on signals) and sender signatures (already marked malware).”

The early detection system for phishing spam is, in itself, a useful way to prevent ransomware attacks because a common way that ransomware propagates is via email through phishing tactics.

This may come as a relief to many, particularly because ransomware and phishing scams have dominated news lately.

With both the WannaCry Ransomware attack and Google’s own phishing scam that spread through their online word processor Google Docs that occurred last month, people can at least rest easy knowing there could be one less way an attacker could reach them.

What do you think of Google using machine learning to improve phishing detection? Let’s hear your thoughts below.

Images via Google and Gmail

Bitsonline Email Newsletter