Gmail fought off a powerful wave of phishing attacks and urged its 2.5 billion users to prepare for the second

Google said it successfully fought off the first wave of phishing attacks on Gmail users during this year’s holiday season, but urged customers not to let their guard down because in the coming days the mail service will be hit by a second wave, which not only the company itself will have to deal with, but also 2. 5 billion Gmail users.

Image source: blog.google

Since mid-November, Google has seen a “huge uptick in email traffic compared to previous months,” making it harder to protect Gmail—with 2.5 billion users and attacks on its users constantly, the company is working hard to protect them. “We’re investing heavily to deliver on this responsibility, blocking more than 99.9% of spam, phishing and malware in Gmail,” said Andy Wen, senior director of product management for Gmail.

This year, the number of user reports of phishing emails and messages with malware has decreased by a third compared to the previous year, and the number of unwanted and potentially dangerous messages blocked by the platform has increased by several million. To protect itself, Gmail uses several artificial intelligence models, including a new large language model that was specifically trained on phishing, spam, and malware-laden emails, which alone helped reduce spam volume by 20%. Before Black Friday, the company rolled out another model that “works like an inspector for AI-powered actionable protection, instantly assessing hundreds of threat signals when a message is flagged and applying protection accordingly.”

Google also talked about three types of phishing emails that are used more often than others this season. Fraudsters have begun to resort to direct extortion: a letter is sent to the potential victim, indicating his home address and often even attaching a photograph of the house – the text contains threats to cause physical harm or to publish certain personal materials that were allegedly stolen as a result of a hack. Another scenario is fake invoices for the services of one of the organizations that the victim actually uses: the invoice indicates an inflated amount and a telephone number, by calling which you can dispute the expenses, but for a certain fee. Finally, phishing with celebrity names is gaining “popularity” – scammers try to convince the victim that a famous person is advertising a certain product.

The number of phishing attacks aimed at stealing credentials increased by 700% year on year in the second half of 2024, cybersecurity experts from SlashNext estimate; the number of attacks via email channels has increased by 200% – attackers use “sophisticated phishing schemes and social engineering tactics.” Some users received at least one phishing link every week that could launch an attack “capable of bypassing traditional network security controls”—the share of links to zero-day attack sources, that is, unknown to cybersecurity experts, reached 80%. In addition to links, attack methods include QR codes and email attachments that can bypass security measures. The senders are real but compromised email addresses.

In most cases, scammers aim to create a sense of urgency in the potential victim, provoke immediate action and deprive them of time to think. Therefore, when receiving a letter with any threat or, on the contrary, an unexpected gift, it is recommended to calm down, wait 10 or 20 seconds and think about whether it is a scam. Next, you should conduct your own little investigation – try to identify the sender and check what site he is trying to send the recipient to. If the check shows that this is indeed a fraudulent scheme, it is recommended to report the incident to the administration of the postal service – this will help protect its other users.