The timing of this report form Brian Krebs on his security blog Krebs on Security, was perfect. This morning I was getting on a flight to the bay area, and right as I was getting on the plane, I received a chat message from someone wanting me to look in to an email they had received and weren't sure if it was legitimate or not.
For me it was relatively easy to see that it was a phishing scheme, and since the user forwarded it to me for further inpection, clearly the user felt so too.
My next thought was "That's strange, I can't remember the last time we actually had a phishing attack even show up in a users inbox. We have 10,000 licenses in our G Suite account, and it has genuinely been months since we've had a single phishing attack. It wasn't that long ago, that there were dozens to hundreds per day.
An interesting thought, but this week I am down at Google's Cloud Next conference, learning about all sorts of things, and it was interesting timing with everything. I went to dinner with a couple of Googlers, and they were mentioning some of the very strict security guidelines that they have to follow, then I get back to my hotel and read Krebs article about how Google has 100% effectively eliminated phishing entirely since early 2017. From Krebs -
Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes
85,000 employees is a lot of people that can make mistakes, and on top of that, I would wager Google is a huge target for this kind of stuff. I'll bet before any filtering, each employee at Google, regardless of role would bet bombarded with toxic email.
Again, I'm super impressed by that number. We do well with our 10,000 accounts, but not perfect.
It's hard to mention all of this without singing praises of G Suite and Google Cloud. This sounds like a salespitch but I can assure you I'm not getting paid for this. G Suite's set of anti-phishing, anti-malware, and frankly whole security suite have made it very easy to effectively manage all of this kind of mess. Google Cloud's tooling runs G Suite, which gives powerful analytics and searching cabability, as well as how it allows G Suite to use AI to help with things like Phishing and malware detection, and much more.
Google, according to this article has taken it up even further on their own computers.