Google Inc. has published the results of a study that has conducted in collaboration with the University of Michigan and the University of Illinois regarding inbound and outbound unencrypted emails.
The research suggests that 94% percent of inbound emails to Gmail feature some type of authentication, which is a severe ordeal for phishers to go through, while during December 2013 (the time that the research was initiated) to October 2015, the percentage of TLS-encrypted emails that were sent from Gmail to non-Gmail accounts have increased from 60% to 80%.
MUST READ: Google adds ‘Smart Reply’ auto email reply feature to Gmail for iOS and Android app
Moreover, the study also states that the percentage of encrypted emails that Gmail users received from non-Gmail ones, during the same course, has increased from 33% to 61%.
Though, the joint-research points out that there are specific regions of the internet “which are actively preventing message encryption by tampering with requests to initiate SSL connections.”
The numbers ultimately claim that the post-Snowden era resulted to a substantial enhancement of email protection over these last two years- thankfully.
The research team has also witnessed a plethora of malicious DNS servers that tried to intercept traffic, which later on become fundaments of further observation. The respective comment read as following:
“These nefarious servers are like telephone directories that intentionally list misleading phone numbers for a given name,…While this type of attack is rare, it’s very concerning as it could allow attackers to censor or alter messages before they are relayed to the email recipient.”
With that in mind, Google has incorporated a new security feature to its email client, Gmail, which will essentially notify users when an email is sent over an unencrypted connection.
Google already defaults to using HTTPS for the connection between your browser and its servers, as well as every type of communication in between all the Gmail users, though you can never be quite confident about other third party providers.
Source: Google online security blog