Better phishing protection is coming to email providers

Nov 13, 2015 10:18 GMT  ·  By

Google is bragging about the better state of security that email clients are enjoying these days, and the company may be to blame for it.

According to a recent study performed by Google together with the University of Michigan and the University of Illinois, email has improved for everyone in the past two years.

From December 2013 to October 2015, emails that Gmail customers received, and that were encrypted, increased from 33% to 61% of the total number of emails.

At the same time, TLS-encrypted emails sent from Gmail to non-Gmail accounts also increased from 60% to 80%, meaning email encryption has started to become a common feature in most email providers these days.

But the best statistic is the fact that 94% of all the emails that go in and out of Gmail, usually carry at least some form of authentication to help clients avoid phishing attacks.

DMARC + email providers = love

This may also have something to do with Google's push to have DMARC adopted by email providers, which the company was already providing to clients for the past few years.

DMARC stands for Domain-based Message Authentication, Reporting and Conformance, and is a protocol that helps prevent email spoofing, the main cause of phishing attacks.

Yahoo and AOL have also announced full support for this feature, after previously testing it during 2014, with some quite spectacular results.

“Google is committed to email authentication. In June of 2016, we will be taking a big step by moving gmail.com to DMARC policy p=reject,” said John Rae-Grant, lead product manager for Gmail. “We are pleased to be supporting the ARC protocol to help mailing list operators adapt to the need for strong authentication.”

But not all things are perfect, and Google is sounding the alarm on some problems as well, like certain regions of the Internet where various parties are tampering with network requests to prevent SSL connections to form, and the presence of malicious DNS servers that broadcast fake addresses for Gmail servers.

Email security in the past 2 years
Email security in the past 2 years

Photo Gallery (2 Images)

Email security is seeing better days
Email security in the past 2 years
Open gallery