Republished on February 11 with Google’s statement on its latest AI update and further analysis on its impact on Gmail and other email platforms.
With Google confirming that Gmail is under attack, the company is urging users to adjust their online habits to stay protected. In response, Google is enhancing security measures for its 2.5 billion users, introducing both traditional spam and malware protections and new innovations like shielded email addresses to prevent threats at the source.
The Growing Challenges of Email Security
Despite Google’s claim that it blocks “more than 99.9%” of spam and phishing attempts, malicious emails continue to slip through. Traditional email systems remain vulnerable, with inboxes still broadly open to outside contacts. Attackers take advantage of this by crafting deceptive messages that evade detection, even when obvious red flags—like mismatched sender addresses—are present.
To address these risks, Google is leveraging AI-powered defenses that operate directly on users’ devices. This approach is already in use with Google Messages, which since last October has been using on-device AI filters to block over 2 billion suspicious messages per month. Unlike cloud-based filtering, this system processes data locally, ensuring messages remain private unless manually reported as spam.
>>>S7-0818A for Other S7-0818A 504480
Google’s SafetyCore App and Its Role in Security
A key part of Google’s broader security strategy is Android System SafetyCore, a service available on Android 9+ devices. Google recently clarified that this app does not scan messages on behalf of the company but instead provides on-device classification to help users detect and manage unwanted content.
“Android provides many on-device protections that safeguard users against threats like malware, messaging spam, and phone scam protections, while preserving user privacy and keeping users in control of their data.” — Google spokesperson to The Hacker News
The GrapheneOS team, known for its work in Android security, has pointed out that Google Messages already utilizes SafetyCore to classify messages as spam, scams, or malware. Because these protections operate locally on the device, they enhance security without requiring user data to be sent to external servers.
>>>YCR-MT12-S1 for COHN YCR-MT12-S1
How Gmail’s Security Is Evolving
As email threats grow more sophisticated, Google is shifting towards AI-powered, on-device security measures, similar to those used in its messaging platform. This could help Gmail better detect impersonation attempts and high-risk messages, even when sender verification alone is not enough.
At the same time, server-side protections remain essential. Google has steadily improved email filtering, sender authentication, and phishing detection, but targeted attacks still pose a challenge.
For now, users are advised to stay cautious, verify sender details before responding to emails, and enable all available security settings to reduce exposure to potential threats.