Threat Intelligence
2/21/2017
02:55 PM
Kelly Sheridan
Kelly Sheridan
Quick Hits
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

Google Shines Light On Corporate Gmail Threats

New data highlights the diversity of security threats putting corporate Gmail inboxes at risk.

New research from Google shows how different types of email attacks are more likely to land in corporate inboxes than personal ones.

Each minute, Google prevents more than 10 million unsafe emails from reaching users who could fall victim to phishing attacks or malicious attachments, report Ali Zand and Vijay Eranti of Anti-Abuse Research and Gmail Abuse at Google.

At last week's RSA Conference, Google shared data on the diversity of security threats to corporate Gmail accounts.

Spam is a common problem, for example, but malware and phishing attacks are more likely to target enterprise users. Attackers send 4.3x more malware, 6.2x more phishing emails, and 0.4x as much spam to corporate inboxes than to personal email accounts.

Cybercriminals pick their victims based on several variables: the size and type of the business, industry, and geographical location. In a landscape where no two corporate entities face the same threats, security managers must adjust their strategies to align with specific attacks.

Looking at business inboxes as a baseline, Google found attackers are 2.3x more likely to target nonprofits with malware, followed by educational institutions (2.1x), and government-related industries (1.3x). Businesses are more likely to be targeted with phishing and spam attacks.

Research also shows entertainment, IT, and housing-related companies are most frequently targeted by spam as of Q1 2017. Financial, arts, and IT-related businesses are most targeted by phishing, and targeted financial phishing has increased. Ransomware is the largest malware threat.

The company also pulled interesting data on how spam varies across geographies. India and Japan have the most spammed inboxes as of Q1 2017. The world's largest spammers -- USA, Germany, and France -- target other countries.

Google takes these types of findings and uses them to improve security across its products and services. It employs deep learning to stay ahead of spammers and prevent email abuse, and reports less than 0.1% of email in the average Gmail inbox is spam.

Check out more details on the Google blog.

Kelly Sheridan is Associate Editor at Dark Reading. She started her career in business tech journalism at Insurance & Technology and most recently reported for InformationWeek, where she covered Microsoft and business IT. Sheridan earned her BA at Villanova University. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Jet Hedon
50%
50%
Jet Hedon,
User Rank: Apprentice
2/22/2017 | 4:45:34 AM
That much ?
"more than 10 million unsafe emails from reaching users" : This is such big volume. I'd like to know how they can handle that much 
s@pingidentity.com
MFA is required security, not additional security
Very interesting data from Google and I'm glad to see new features like S/Mime for gmail. Still prefer client-side but have accepted that most users can't handle the complexity. It's upsetting to see so many still approach MFA as additional security rather than a required security. 

 
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.