Google recently announced that it successfully repelled the first wave of phishing attacks against Gmail users during the holiday season. Despite this, the company is warning users to remain vigilant, as a second wave of attacks is expected in the coming days. This ongoing threat will not only require the company’s attention but also the active participation of Gmail’s 2.5 billion users.
Since mid-November, Google has observed a “massive spike in email traffic compared to previous months,” which complicates the process of protecting Gmail. Attacks against users are a constant threat, but Google is committed to safeguarding them. “We invest heavily in fulfilling this responsibility, blocking more than 99.9% of spam, phishing, and malware in Gmail,” said Andy Wen, Senior Director of Product Management at Gmail.
Enhanced AI Protection
This year, Gmail has seen a 33% reduction in user reports of phishing and malware emails compared to last year. The platform has also blocked millions of additional unwanted and dangerous messages. To bolster its defense, Gmail employs various AI models, including a new large language model trained specifically on phishing, spam, and malware emails. This model alone helped reduce spam by 20%.
Before Black Friday, Google launched an additional model designed to act as an “inspector” for active AI protection. This model instantly evaluates hundreds of threat signals when a message is flagged, applying necessary protection measures accordingly. However, the battle against phishing remains ongoing, with certain schemes becoming more common this season. Fraudsters have started using direct extortion tactics, sending emails with victims’ home addresses and threats of harm or the publication of stolen personal materials. Another common attack involves fake bills for services, with inflated charges and a phone number to dispute the cost for a fee. Phishing attacks using celebrity names are also gaining traction, as scammers try to convince victims that a famous person is promoting a product.
Rising Phishing Attacks
The second half of 2024 has seen a staggering 700% increase in phishing attacks aimed at stealing credentials, according to cybersecurity experts from SlashNext. Email attacks alone have grown by 200%, with attackers using sophisticated phishing schemes and social engineering tactics. Many users now receive phishing links weekly, posing threats capable of bypassing traditional network security measures. In fact, the proportion of links to “zero-day” attack sources, or previously unknown threats, reached 80%.
Attacks are also being carried out through QR codes and email attachments, which can evade security systems. The senders of these phishing emails are often legitimate email addresses that have been compromised.
How to Protect Yourself
Phishing scammers usually aim to create a sense of urgency, urging victims to act immediately. It is essential to stay calm when receiving unexpected or threatening emails. A brief pause—waiting 10 to 20 seconds—can help you assess whether the email is a scam, notes NIX Solutions. You should also conduct your own investigation, checking the sender’s information and verifying the website links. If you confirm the email is fraudulent, report the incident to your email service provider. This helps protect not only you but also other users.
We’ll keep you updated as more integrations and protections become available.