Google Publishes The Findings Of Email Security Study

Google is taking security threats for Gmail users seriously.

Working alongside the University of MI and the University of IL, the study covered improvements since 2013. The warnings are scheduled to roll out in the next few months and are created to push industry-wide adoption of strong encryption and authentication technologies for email. Gmail-to-Gmail traffic is always encrypted. The report found that the percentage of encrypted emails sent to Gmail addresses from non-Gmail addresses rose from 33% to 61% between December 2013 and October 2015. The relatively low adoption is likely because two of the top three SMTP platforms don’t support TLS by default, they added.

DMARC stands for Domain-based Message Authentication, Reporting and Conformance, and is a protocol that helps prevent email spoofing, the main cause of phishing attacks.

“Google is committed to email authentication”.

It has been a busy week for Google as it rolled out YouTube Music and announced further plans to increase email security.

That’s why Gmail, like many other email providers – including Comcast, Microsoft, and Yahoo – have started encrypting that onward connection with STARTTLS, which prevents snooping from government agencies and attackers who try to tap into those messages as they travel the pipes of the internet. The company said it would work with partners through the M3AAWG to strengthen security in this area and stem interception.

The other challenge sees “malicious DNS servers” sending false routing information to email servers looking for Gmail.

Gmail will soon tell you if an incoming email has traversed the internet over an unencrypted connection. “These nefarious servers are like telephone directories that intentionally list misleading phone numbers for a given name”, the two researchers said.