Google Improves Gmail Anti-phishing Defenses to Combat BEC Fraud
Google claims that new training models for anti-phishing machines available in G-Suite can catch 99.9% of e-mail fraud (BEC).
The search giant deploys a number of new security features for G-suite clients to protect against targeted attacks on phishing. According to the FBI, since 2013, businesses around the world have managed to lose more than $5 billion for BEC scammers.
Google says that G-Suite will have default protection, which is aimed at typical methods of phishing BEC. Now it will automatically mark emails from untrusted senders who have encrypted attachments or built-in scripts, and stop e-mail that forges names of employees or come from domains similar to the real domain of the client.
RECOMMENDED READ: 7 Ways I.T Admins Can Secure Accounts Against Phishing in G Suite
Google also targets unauthorized e-mails to the spear’s phishing attack address and scans images for signs of phishing attempts and checks for potentially maliciously abbreviated URLs.
Last year, they built on their efforts to combat phishing, such as warnings that indicate when employees might accidentally respond to someone outside the organization, as well as a new dashboard monitored by the G Suite security centre, launched in January.
The security toolbar is also updated to better understand potential frauds with the BEC. The new set of diagrams will show these threats, and OAuth activity – phishing emails, which may not contain malicious links.
IT administrators will also have a mobile device management diagram that displays when the managed device has been captured, rooted, or hacked.
Finally, Google adds new security and controls for Team Drives to protect sensitive business information, including information rights management tools, so that users can not print, download and copy files to Team Drives. Administrators will soon also be able to restrict access rights for Team Drives or only users in the organizations’ domain.
Culled from CSO