Google estimated 50 to 70 percent of messages in Gmail’s inboxes to be spam, many of these messages are carefully crafted to deceive people. That’s why it announced on Wednesday that the company is tapping artificial intelligence to step in where humans are failing.
Back to 2016 presidential election, just look at the spear-phishing tactics against Hillary Clinton’s campaign chairman John Podesta. Podesta’s Gmail account suffered a breach after a fake email received from the URL “accounts.googlemail.com” urged him to change his password.
When a campaign aide wrote “this is a legitimate email” in an embarrassing typo human error led to the avoidable hack. Being aware of the email was a phishing attack, and meant to write “illegitimate,” the aide told The New York Times.
Gmail hopes preventing phishing with machine learning, like its early phishing detection. If an email seems to be suspicious and heading to a person’s inbox, Gmail will analyze it after delaying the message to make sure it’s not a phishing attempt.
Gmail’s counter abuse technology product manager, Andy Wen, in a blog post said,
“As we find new patterns, our models adapt more quickly than manual systems ever could, and get better with time,”
The delay would account for not more than 0.05 percent of emails. Considering Gmail’s scale, even a small percentage means that it will be affecting millions of people. Only 0.1 percent Gmail users get affected by the massive GoogleDocs phishing attack. But this small percentage meant at least 1 million people were still briefly breached before Google shut down the OAuth hack.
Machine learning is used in the automated malware search, from Google’s Safe Browsing, it warns people when they are heading onto an insecure website or a page with malware. It will warn about phishy URLs and links – in Gmail- that lead to cyber attacks.
Due to the millions of spam emails, sent through Gmail, Google became able to build an artificial intelligence that quickly recognizes malware and ransomware messages and blocks them by default.
Gmail will add in warnings for companies when staffers are about to send emails to people outside the company. This feature will prevent accidentally CC’ing strangers on work-sensitive emails. Warnings also use machine learning to understand who you frequently email, so the alerts won’t pop up before every message.
This last feature is only available for enterprise customers of Gmail. Administrators can avail the option to turn off this warning, and the early phishing detection.