Most people know that phishing refers to the practice of sending a fake email that is designed to get personal information out of the recipient. And most people know what to look for; weird-looking URLs that don’t match the site they’re reportedly being sent from, badly written English, and requests for information that generally isn’t asked for by email.
The problem now is that AI has removed many of these data points that we’re used to looking for. URLs can be spoofed well with lookalike domains, bad writing is easily cleaned up with tools like Gemini, and generally a more polished email that can fool even the most seasoned IT professional. A full 65% of successful cyberattacks begin with a successful phishing email.
Google has stepped up its own technology significantly to compensate for these new techniques with several measures it has introduced in the past year for Gmail.
The invoice scam
A scam that targets businesses of all sizes is the invoice scam. The email usually contains a convincing-looking invoice with a phone number to call to dispute charges and many warnings about how the payment is due soon or is overdue. Once the target calls, they are strong-armed into paying the fake invoice.
Alternatively, it could have links to the “invoice” on a website, which, when clicked, will download malware onto the target’s computer. These types of scams usually target company owners or people in the accounting department. There are a few things to look for to make sure you don’t fall prey to a fake invoice scam - including convincing-looking invoices from current vendors.
Google’s new security LLM for email screening
In 2024, Google trained and deployed a new large language model laser-focused on phishing, malware, and spam. It reported that this LLM alone had blocked 20% of spam in Gmail while reviewing 1,000 times more user-reported spam.
It also deployed a new AI model specializing in risk assessment which automatically deploys the right defense when certain threat signals are surfaced about an email.
Gmail users are always protected
Most Gmail users will report that they barely see any spam unless they review their spam mailbox. While email scammers are using increasingly sophisticated means of attack, Google is deploying defenses that are designed to thwart anything they do before it even makes it to an inbox. Businesses can also turn on client-side encryption to make their emails even more secure.
However, you can’t be too complacent. Make sure your employees are trained on up-to-date phishing methods and know what to look for and what not to click on.
If you want to use the most secure email solution, Gmail is it. You can only get it with Google Workspace, which puts a world of collaboration at your fingertips. Contact us for a demonstration today!
Contact Us to Learn More about Transforming Your Business