‘Machine Learning’ Can Protect You From Phishing Attacks Says Google

According to a recent blog post by Google’s Senior Product Manager of Counter Abuse Technology Andy Wen, AI machine learning technology was recently used successfully on the Google’s Gmail service, and reportedly blocked 99.9% of all phishing attempts that it detected.

What Is Phishing?

Phishing emails are a well-known and widely used fraudulent practice, which relies upon human error by sending emails, purporting to be from reputable companies, in order to induce individuals to reveal personal information, or to take other action such as wiring money to the apparent sender.

KPMG figures show that the value of (reported) fraud committed in the UK last year exceeded £1.1bn, which is part of a 55% year-on-year rise, and can be attributed to the huge growth of cybercrime, with phishing being one of the most popular methods.

Helping Business Fight Security Threats

In the blog post by Wen, he outlined how machine learning Early Phishing Detection is one of several new features being added to Gmail to help businesses stay ahead of potential cyber threats. Other features that Google is adding to its flagship web-based email system reportedly include click-time warnings for malicious links, unintended external reply warnings and built-in defences against new threats

Machine Learning Early Phishing Detection

The Early Phishing Detection service that Google has added to Gmail works by using a dedicated machine learning model that selectively delays messages to allow it enough time to carry out a rigorous analysis for any signs of phishing.

This works in conjunction with more machine learning technologies such Google Safe Browsing which finds and flags phishy and suspicious URLs.

These machine learning models are reported to be more than 99% accurate in detecting spam and phishing messages in Gmail inboxes. This is particularly important when you consider that that 50-70% of messages that Gmail receives are spam anyway.

Ransomware Protection Too

Google is also reported to be equipping Gmail with built-in defences against ransomware and polymorphic malware. This could be particularly relevant and important in the light of the recent WannaCry ransomware attack in the UK, which was the biggest in history, and was so devastating to the NHS.

What Does This Mean For Your Business?

Online fraud techniques such as phishing use social engineering and rely upon human error, gaps in human knowledge, and bad human decisions made under work pressures to be successful. Developing tools that can very accurately detect, flag and / or filter out potential cyber / data security threats could dramatically reduce the chances of successful attacks by cutting out the chance for human error. The introduction of machine learning / AI also means that these tools can keep themselves up to date, thereby offering better levels of protection than other methods that have to wait for updates to be delivered or activated by humans.

Empowering staff to make the right decisions to protect data can, therefore, involve the right software protection tools, as well as training in how to spot all popular, known cyber / data attack methods, and agreed processes for dealing with them.