Google teamed up with Stanford University and released a research paper. The paper is titled ‘Who is targeted by email-based phishing and malware? Measuring factors that differentiate risk’. It attempts to explain why some email users are more prone to receiving spam and phishing emails.
Google and Stanford University researchers analyzed over a billion phishing emails that cybercriminals attempted to send to Gmail users between April and August last year. The paper born out of the research offers several insights into the inner workings of spam email and phishing email campaigns.
Google and Stanford University researchers answer the question “Why do I receive so much spam?”:
Researchers at Google and Stanford analyzed slightly more than 1.2 billion malicious emails. The main email platform was Gmail. The intention was to check if some users are more prone to receiving spam emails or being a potential phishing scam victim.
The research revealed that having personal information leaked in a third-party data breach following a hacking incident was key. Such incidents significantly increased the odds of receiving spam emails.
Which users are at higher risk of email-based phishing and malware?: The risk of being targeted with email-based phishing and malware attacks is not evenly spread across geographic and demographic boundaries, Google and Stanford University researchers… https://t.co/804E0gqtzL pic.twitter.com/UlmzcKGGFD
— CS Threat Intel (@cipherstorm) February 11, 2021
There are several other minor factors that increase the chances of receiving phishing or spam emails. They include:
- Where users live: Australian users were 2 times more likely compared to the US. This is strange because the US is the most popular target by volume. However, it is not the leader per capita.
- Senior citizens in the age group of 55 to 64 years were 1.64 times more likely compared to 18- to 24-year-olds. It is clear that attackers used age as a criterion to increase the chance of effectiveness. Moreover, senior citizens could be less likely to detect a scam and report or expose the same.
- Mobile-only users experienced lower odds of attack: Email users who preferred using their smartphones to access emails were less prone to attack compared to multi-device users. Google said this “may stem from socioeconomic factors related to device ownership and attackers targeting wealthier groups.”
How to reduce spam and phishing emails in Gmail?
Through the research paper, Google cautioned that phishing is an ever-evolving area. The search giant assured that it continually studies spam email campaigns. This allows the company and its email platform to continually evolve and better protect users.
“Our measurements act as a first step towards understanding how to evaluate personal security risks. Ultimately, such estimates would enable automatically identifying, recommending, and tailoring protections to those users who need it most.”
Google Phishing Statistics. New research reveals who’s targeted by email attacks https://t.co/cQKnv49FD7 . . . #goodle #phishing #networking #cybersecurity #cybercrime #cybercrimeawareness #cybercriminals #malware #Vulnerabilities #Vulnerability #emailattacks #virus
— Jorge Ribeiro (@jomirife) February 11, 2021
Google’s Gmail has phishing and malware monitoring services in always-on mode. There’s no way to actually turn off these settings. Users can contribute or submit suspected phishing and spam emails. Users can also teach the platform that certain suspicious-looking emails are legitimate.
In addition to the in-built protection, Google urges users to use the Security Checkup function. Following the personalized guidelines should reduce phishing and other malicious attacks from sneaking past Gmail’s defenses.