Google today announced an update to Gmail aimed at businesses. Three security features are rolling out to the email service: early phishing detection using machine learning, click-time warnings for malicious links, and unintended external reply warnings. The first two already exist for Gmail users and are now being made available to enterprises, while the last one is completely new.
Gmail already uses machine learning to block spam and phishing messages from showing up in your inbox — “with over 99.9 percent accuracy,” Google claims. Early phishing detection is a dedicated machine learning model that selectively delays messages to perform rigorous phishing analysis and further protect user data from compromise. For those worried about Gmail delaying too many emails, Google is promising that “less than 0.05 percent of messages on average” will be affected and that the delay will be no more than four minutes.
The detection models use Google’s Safe Browsing service, which provides lists of URLs that contain malware or phishing content to Chrome, Firefox, and Safari browsers, as well as to internet service providers (ISPs). By leveraging techniques such as reputation and similarity analysis on URLs, Gmail can generate new URL click-time warnings for phishing and malware links, adapting more quickly than manual systems ever could and improving over time, Google promises.
Lastly, with the goal to help prevent data loss, Gmail now also displays unintended external reply warnings to users. If you try to respond to someone outside of your company domain, you will receive a quick warning to make sure you intended to send that email. Using contextual intelligence, Gmail will not display these warnings to recipients that are existing contacts or someone you interact with regularly.
Gmail is also getting new built-in defenses against ransomware and polymorphic malware. Putting all of the above together, Google estimates that Gmail will now block “millions of additional emails that can harm users.”