Around 1.5 billion people use Gmail every month and majority of this group trust Google to protect them from threats and hacks. Google’s existing machine learning models block more than 99.9 percent of spam, phishing, and malware from reaching people’s inboxes.

But being on top of today’s highly-skilled cyber attackers, more sophisticated efforts were required.  This year in February Google revealed how it is staying ahead of refined threats. TensorFlow, an open-source machine learning framework developed by Google blocks an extra 100 million spam messages every day.

Google further explains how the ML framework does that. It first starts with expanding the scope of threat detection and blocking spam threats that were earlier difficult to detect. TensorFlow blocks image-based messages, emails with hidden embedded content, and messages from newly created domains that try to hide a low volume of spammy messages within legitimate traffic.

Android Antitrust Google

The updated ML framework helps Google catch spam by identifying patterns in large data sets. Furthermore, the framework allows Google to differentiate between spammy emails and emails that have certain characteristics of bring spammy but aren’t necessarily spam. Personalization for every Gmail user is also carried out by the framework.  For instance, a user might see promotional emails as spam and another user might not, Google personalizes spam protection accordingly.

Even after this, why do we still fall prey to phishing emails?

At the 2019 Black Hat conference held at Las Vegas, Google security researcher Elie Bursztein explains why.

The first thing to know about phishing and phishers is that they aren’t random or sloppy, said Bursztein. The phishing emails fall into three categories, explained Bursztein - phishing aimed at distinct individuals, “boutique phishing” that targets fewer people, and automated bulk phishing that targets hundreds or thousands of people. While bulk phishing operations average 13 hours, the boutique emails average 7 minutes.

In his presentation, Bursztein also mentions that phishing campaigns mostly target commercial email accounts. Corporate or business accounts were 4.8 times more likely to receive phishing emails.

While people today know better to look through bulk phishing emails that ask for private information to avail lottery prizes or exciting offers. Targeted and specific emails see a lot of success.

Professor Daniela Oliverra of University of Florida, who also spoke at the conference, talks about the human factors at play. She outlines three main kinds of phishing emails that take advantage of human emotions and make phishing easier – offers of financial gains, emails from a known authority, and the ones which invoke sympathy (these people in XYZ area need help).