Gmail stops fewer attacks than you think
Check Point Research (CPR) warns against blindly believing that Gmail, Google’s email inbox, intercepts all attacks and is therefore inviolable. Many companies of all sizes use Gmail or the larger Google Workspace. 92 Percent of startups worldwide use Gmail and 60 percent of medium-sized companies also use it. More than 5 million businesses use Gmail.
Nevertheless, a large part of the security discussion revolves around Microsoft and its operating system. This is certainly true, as the security researchers point out, but it’s time to talk about the security of Gmail. Attackers are not only targeting emails, but the entire Google workspace, including popular applications such as Docs and Slides. Without comprehensive security, the Google workspace, and therefore critical corporate data, is at risk.
The situation came to a head earlier this year when Avanan, which was acquired by Check Point, published an attack report on the Google Docs Comment exploit. The attack occurs when an attacker added a comment to a Google document (or any part of the Google workspace). The destination is mentioned with an @ symbol. In this way, an email is automatically sent to the inbox of the person in question.
This email, which is really from Google, contains the entire comment, including the contaminated links and the fraudulent text. In addition, the e-mail address is not displayed, but only the name of the sender, which makes the thing very attractive for freeloaders of the attack type. From the research, the security researchers know that Google achieves only a mediocre result in preventing phishing emails that reach the inbox:
Figure 1: Comparison of different mailboxes and the catch rate for 100 000 messages in the mailbox.
Although Gmail performs better than other solutions, it’s a lot of attacks that come through. With the Threat Miss Calculator, Check Point has simulated a company with 500 employees, in which the average user receives about 20 emails per day. Here are the results for Gmail:
Figure 2: Example of the absolute number of missed attack emails by Gmail for medium-sized businesses.
The result is almost three overlooked emails per user per month. For a group with 65,000 employees, the following figures result:
Figure 3: Example of the absolute number of missed attack emails by Gmail on group size.
These results speak volumes and prove that Gmail may be a good mailbox, but blindly relying on the standard protection is negligent. Specialized providers of email security solutions are therefore not superfluous, but the means of choice to keep the correspondence and data of each company secure.