Article Details
Scrape Timestamp (UTC): 2023-10-03 18:44:43.002
Original Article Text
Click to Toggle View
Google to bolster phishing and malware delivery defenses in 2024. Google will introduce new sender guidelines in February to bolster email security against phishing and malware delivery by mandating bulk senders to authenticate their emails and adhere to stricter spam thresholds. "Last year, we started requiring that emails sent to a Gmail address must have some form of authentication," said Neil Kumaran, Group Product Manager for Gmail Security & Trust. "And we've seen the number of unauthenticated messages Gmail users receive plummet by 75%, which has helped declutter inboxes while blocking billions of malicious messages with higher precision. That's great progress, but there's much more we need to do — starting with new requirements for large senders." Starting February 1st, 2024, Google will require senders dispatching over 5,000 messages daily to Gmail accounts to set up SPF/DKIM and DMARC email authentication for their domains to strengthen defenses against email spoofing and phishing attempts. These senders must also provide Gmail recipients the option to unsubscribe from commercial emails with a single click. Additionally, they must handle unsubscription requests within a two-day timeframe. Going forward, email senders must adhere to a specific spam rate threshold to avoid flooding Gmail users' inboxes with unwanted content. They'll have to uphold spam rates below 0.3%, as indicated in Postmaster Tools, and avoid impersonating Gmail in their emails' "From" headers. Failure to comply with these new regulations could lead to email delivery issues, as Google intends to enforce a DMARC quarantine policy. "You shouldn't need to worry about the intricacies of email security standards, but you should be able to confidently rely on an email's source. Ultimately, this will close loopholes exploited by attackers that threaten everyone who uses email," said Kumaran. "If you don't meet the requirements [..], your email might not be delivered as expected, or might be marked as spam," Google explains in a support article. Google claims that Gmail's artificial intelligence-driven defenses successfully prevent over 99.9% of spam, phishing attempts, and malware from infiltrating its customers' inboxes, effectively blocking nearly 15 billion unwanted emails daily.
Daily Brief Summary
Google will implement stricter sender guidelines starting February 1, 2024, designed to enhance email security against phishing and malware attacks.
The new guidelines will require senders of more than 5,000 emails daily to Gmail users to establish SPF/DKIM and DMARC email authentication for their domains.
Besides, the new regulations enforce lower spam thresholds, demand an option for Gmail customers to unsubscribe from commercial messages in a single click, and require handling unsubscription requests in a two-day period.
The update by Google is intended to protect users from email spoofing and phishing, with non-compliance potentially leading to email delivery issues due to enforced DMARC quarantine policy.
Google indicated its AI-driven systems prevent more than 99.9% of spam, phishing, and malware, equivalent to nearly 15 billion unwanted emails every day.
Google further explained that if senders did not meet the stipulated requirements, their emails could be mislabeled as spam or not delivered as expected.