Businesses switch to Gmail for ransomware and spear-phishing protection

Gmail's built-in phishing detection and ransomware defense lures business users to switch email platforms.

Google mail, Gmail, Gmail security features
Martyn Williams/IDG

IT security teams at Fortune 500, Global 2000 and mid-sized corporations spend way too much time combating spear-phishing and ransomware attacks.

Small businesses lacking full-time cybersecurity staff are even more prone to ransomware infections. More than 50 percent of all cyber attacks are launched on firms that have fewer than 250 employees.

The problem is getting worse, not better. More than 90 percent of all cyber attacks begin with a spear-phishing email. Ransomware damage costs are predicted to hit $5 billion in 2017, and the ransom payouts are the least of it.

A few months ago, Andy Wen, senior product manager of Google's Counter Abuse Technology, wrote a blog post for G-suite users announcing new security updates to Gmail, including early phishing detection using machine learning, click-time warnings for malicious links, unintended external reply warnings, and built-in defenses against new threats.

New Gmail security features

Wen's post addresses a huge problem for IT shops of all sizes, as well as small and mid-sized businesses. Here’s a breakdown of what the new Gmail security features mean for end users.

Early phishing detection

Google says machine learning spots and blocks phishing messages from Gmail inboxes with over 99.9 percent accuracy.

Considering up to 70 percent of Gmail messages received are spam, blocking them is a huge security (and productivity) gain for corporate users.

The new Gmail detection models integrate with Google Safe Browsing for finding and flagging "phishy and suspicious URLs."

New user warnings

Gmail now displays "unintended external reply warnings" to Gmail users. This helps protect against data loss.

If a user attempts to reply to an email from someone outside of their corporate domain, they'll get a warning confirming they intended to send that message.

Using its contextual intelligence, Gmail knows if the recipient is someone the user has emailed before — so that unnecessary warnings aren't displayed.

Ransomware defense

Gmail with built-in ransomware, anyone?

New defenses against ransomware and polymorphic malware are now baked into Gmail. Seriously? Seriously.

Gmail uses attachment heuristics and sender signatures to tag new threats by combining thousands of spam, malware and ransomware signals.

Switching to Gmail

In the wake of the massive Yahoo hack, CSO recently explained how Yahoo Mail users can make the switch to the more-secure Gmail.

Switching to Gmail for a business (of any size) is a bigger chore that requires careful planning, implementation, and training of users (although a huge user base already uses Gmail as their personal email app, which reduces the training time).

But the switch is well worth it when CIOs and CFOs at large organizations, as well as small business owners, consider the ongoing costs of ransomware attacks.

The cybersecurity industry was built on after-market products. Email apps are notorious for needing extra security protection in the form of add-on tools. Gmail is delivering big on what CISOs, IT security teams and small businesses are craving from vendors — built-in cybersecurity.

The ROI? Buy Gmail, get cybersecurity protection for free.

Visit SteveOnCyber.com to read all of my blogs and articles covering cybersecurity.

Follow me on Twitter @CybersecuritySF, or connect with me on LinkedIn. Send story tips, feedback and suggestions to me here.

Related video: Ransomware marketplaces and the future of malware

New! Download the State of Cybercrime 2017 report