We do email every day. Have you ever thought about the journey of email from sender’s inbox to yours. But Some providers send your emails over unencrypted connections.
Google is constantly working to help make email more secure for everyone. These efforts are reflected in security protections like default HTTPS in Gmail as well as our Safer Email Transparency report, which includes information about email security beyond just Gmail.
Google said today that encrypted messaging is on the rise: Since 2013, the number of encrypted emails that Gmail received from non-Gmail senders increased from 33 percent to 61 percent. Because of that final 39 percent, though, Google will serve up warnings.
“While these threats do not affect Gmail-to-Gmail communication, they may affect messaging between providers,” researcher Elie Bursztein and engineer Nicolas Lidzborski wrote in a blog post.
Those stats are part of a multi-year study on the evolution of email security that Google published this week. Unsurprisingly, it found that email is better protected now than it was two years ago
But the study identified new security challenges. Some regions of the Internet are interfering with message encryption by tampering with requests to initiate a secure SSL connection.
Google also uncovered malicious DNS servers publishing fake routing information to email servers, allowing attackers to censor or alter messages before they arrive in your inbox.
The good news is, more than 94 percent of inbound Gmail messages carry some form of authentication. Technologies that protect against phishing and impersonation have “become the norm,” according to Google research.
“Security threats won’t disappear, but studies like these enable providers across the industry to fight them with better, more powerful predictions today and going forward,” Bursztein and Lidzborski said.