Google boosts Gmail anti-phishing defenses to tackle BEC fraud

Google claims that new anti-phishing machine learning models available in G-Suite can catches 99.9% of business email compromise (BEC) fraud. 

The search giant is rolling out a range of new security features for G-suite customers to ratchet up defences against the the targeted phishing attack. According to the FBI, businesses worldwide have lost more than $5bn to BEC fraudsters since 2013

Google says G-Suite will have “default-on” protections that target typical BEC phishing techniques. It will now automatically flag emails from untrusted senders that have encrypted attachments or embedded scripts, and stop email that forges employee names or that come from domains that look similar to a customer’s real domain.     

Google is also targeting unauthenticated email to address spear phishing attacks and will scan images for signs of phishing attempts and inspect potentially malicious shortened URLs. 

These build on its anti-phishing efforts last year such as warnings that flag when employees may be accidentally replying to someone outside the organization as well as the new G Suite security centre dashboard that launched in January.  

The security security dashboard is also getting updated to provide more insight into potential BEC scams. A new set of charts will show these threats and OAuth activity targeting phishing emails that may not include malicious links. 

IT admins will also have a mobile management chart that displays when a managed device has been hijacked, rooted or jailbroken. 

Finally, Google is adding new protections and controls for Team Drives in order to protect sensitive business information, including information rights management controls  to stop users from printing, downloading and copying files within Team Drives. Admins will soon also be able to restrict access privileges to Team Drives members or only users in the organisations domain.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags Googlephishingcyber attacksGmailBEC fraudG-Suite

More about FBIGoogle

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by Liam Tung

Latest Videos

More videos

Blog Posts