Google finds a way to stop spam emails in Gmail

• Spam emails are the blight of every business day.
• It not only takes time to protect against, but can introduce malware into your system.
• Google is introducing new measures to deal with spam emails.

Spam emails have always been a problem as long as emails have existed. Despite public email service providers like Google and Microsoft having found ways to reduce the volume of spam emails a user receives, they still flood inboxes and fill up the junk email folder.

Gmail remains the most popular email domain, with over 1.8 billion users globally, and is also a popular choice for business users. While Outlook, Yahoo, and other email domains also have problems with spam emails, Gmail users tend to have the highest number of spam emails targeted at them.

In 2022, an average of 333.2 billion emails were sent and received daily. This is about 234.1 million emails sent per minute. Out of these, an estimated 88.9 billion of these emails are considered spam.

Google has been using AI to detect and block spam emails. Statistics from Google show that its AI-powered defenses stop more than 99.9% of spam, phishing, and malware from reaching inboxes and block nearly 15 billion unwanted emails daily.

Despite this, some spam emails try to avoid detection and enter user inboxes. Google themselves have admitted that after nearly two decades of service, the threats are becoming more complex and pressing than ever.

What exactly are spam emails?

Spam emails, also known as junk emails or unsolicited bulk emails, are electronic messages sent to many recipients without their consent. These emails are typically sent for commercial purposes, attempting to advertise products or services, promoting fraudulent schemes, or spreading malware. Spam emails often contain misleading information, deceptive subject lines, and malicious attachments or links.

Spammers collect email addresses from various sources, such as public websites, online forums, social media platforms, and data breaches. They use automated software to send out thousands or even millions of emails in a short amount of time.

Email service providers like Google and Microsoft often use filters to detect and divert spam messages away from users’ inboxes to combat spam. Users are also advised not to open suspicious emails, click on unknown links, or download attachments from unknown senders to avoid falling victim to phishing scams, malware, or other cyberthreats associated with spam emails.

But here’s the thing: there have been instances when spam detection mistakes non-spam content as spam. For example, if a user’s inbox receives an email from a recognized genuine sender, the email may be marked as spam as it ends up in the junk folder.

At the same time, some emails today, especially those sent by cybercriminals, can bypass these guardrails and avoid being detected. That’s why the number of email scams and fraud victims remains constantly high. It’s also why the AI detection tool needs more input on detecting both genuine and spam emails.

Google may have a solution

Realizing the need for more robust measures to protect users from spam emails, Google recently announced several new measures to deal with the problem in Gmail. According to a blog post by Neil Kumaran, group product manager, Gmail Security and Trust at Google, many bulk senders don’t appropriately secure and configure their systems, allowing attackers to hide in their midst easily.

As such, Kumaran pointed out that Google will focus on a crucial aspect of email security – the validation that a sender is who they claim to be. While Kumaran acknowledges that this is as basic as it sounds, it’s still sometimes impossible to verify who an email is from, given the web of antiquated and inconsistent systems on the internet.

“Last year, we started requiring that emails sent to a Gmail address must have some form of authentication. The number of unauthenticated messages Gmail users receive plummeted by 75%, which has helped declutter inboxes while blocking billions of malicious messages with higher precision. That’s great progress, but there’s much more we need to do — starting with new requirements for large senders,” said Kumaran.

As such, by February 2024, Gmail will require bulk senders to:

• Authenticate their email – Google requires those who send significant volumes to authenticate their emails following well-established best practices. Ultimately, this will close loopholes exploited by attackers that threaten everyone who uses email.
• Enable easy unsubscription –Google also requires that large senders give Gmail recipients the ability to unsubscribe from commercial email in one click and that they process unsubscription requests within two days. Google has built these requirements on open standards so that once senders implement them, everyone who uses email benefits.
• Ensure they’re sending wanted emails –Google will enforce a clear spam rate threshold that senders must stay under to ensure Gmail recipients aren’t bombarded with unwanted messages. This is an industry first, so users should see even less spam in their inboxes.

Kumaran also highlighted the fact that Google isn’t the only one pushing for these changes. Yahoo is also working with Google and the entire email community to make these common sense, high-impact changes to the new industry standard.

“These practices should be considered basic email hygiene, and many senders already meet most of these requirements. For those who need help to improve their systems, we’re sharing clear guidance before enforcement begins in February 2024,” added Kumaran.

As always, cybercriminals and scammers will continue to find ways to beat the system. As such, Kumaran emphasized that these changes are like a tune-up for the email world and are not a one-time exercise.

“Keeping email more secure, user friendly, and spam-free requires constant collaboration and vigilance from the entire email community. And we’ll keep working together to ensure your inbox stays safe,” he concluded.

---

---

---

---