A dedicated machine learning model delays select messages on which it performs "rigorous phishing analysis."
A dedicated machine learning model delays select messages on which it performs "rigorous phishing analysis."

Google has rolled out new security strategies for its emailing system, Gmail, that incorporates early phishing detection that employs "machine learning, click-time warnings for malicious links, unintended external reply warnings and built-in defenses against new threats," according to a post on the company blog.

The company claims its technology is nearly flawless, 99.9 percent, in blocking spam and phishing messages from entering users' inboxes. Given that 50-70 percent of messages that Gmail receives are spam, the new measures are "huge," the company said.

The technology used in its early phishing detection, Google explained, uses a dedicated machine learning model that can delay select messages on which it performs "rigorous phishing analysis."

This strategy, integrated with another machine learning technology already in place, Google Safe Browsing, increases Gmail's ability to detect phishing emails or suspect URLs by combining a number of techniques, such as reputation and similarity analysis on URLs. The tool enables the generating of new URL click-time warnings for phishing and malware links, the company explained. "As we find new patterns, our models adapt more quickly than manual systems ever could, and get better with time."

The update to Gmail will now present alerts to users to warn about unintended external reply warnings to users to help prevent data loss. If a user attempts to reply to a user outside the company's domain, a popup will seek affirmation that the intended recipient is legitimate. The email system is capable of recognizing existing contacts, an asset the company dubs "contextual intelligence," so the alert will not be put into play when communicating with someone the user is already in regular communication contact with.

Gmail also has protections against ransomware and polymorphic malware, the post stated. "We classify new threats by combining thousands of spam, malware and ransomware signals with attachment heuristics (emails that could be threats based on signals) and sender signatures (already marked malware)," the post stated.