Widespread adoption of email authentication standards has reduced phishing: Google

Google hasn't completely won war against email phishing, but has finally started to see some positive results - almost after a decade-long Internet-wide campaign.

Published Date
09 - Dec - 2013
| Last Updated
09 - Dec - 2013
Widespread adoption of email authentication standards has reduced...

Google's efforts against phishing e-mails have finally started to pay off – at least Google believes so. In a recent blog post, the search engine giant revealed more than 90% (91.4% to be precise) of the authenticated non-spam mails sent to users of Gmail are emanated from those who have adopted the mail authenticated standards - DomainKey Identified Email (DKIM) or Sender Policy Framework (SPF) – at least one of them.

Google points out the industry groups and standard bodies have worked over the years, for almost a decade, to ensure comprehensive adoption of email authentication standards to tackle email phishing.

“Now, nearly a decade later, adoption of these standards is widespread across the industry, dramatically reducing spammers’ ability to impersonate domains that users trust, and making email phishing less effective. 91.4% of non-spam emails sent to Gmail users come from authenticated senders, which helps Gmail filter billions of impersonating email messages a year from entering our users’ inboxes,” says Google in the post.

Google has shared some figures to corroborate its success against email phishing:

76.9% of the emails we received are signed according to the (DKIM) standard. Over half a million domains (weekly active) have adopted this standard.

89.1% of incoming email we receive comes from SMTP servers that are authenticated using the SPF standard. Over 3.5 million domains (weekly active) have adopted the SPF standard.

74.7% of incoming email we receive is protected by both the DKIM and SPF standards.

Over 80,000 domains have deployed domain-wide policies that allow us to reject hundreds of millions of unauthenticated emails every week via the DMARC standard.

To learn more about Google's analysis of its efforts against e-mail phishing, click here.  Also, take a look at the chart below: