In 2025, Gmail, Google's email service, is due for an upgrade, suggesting the necessity for users to obtain fresh email addresses.
In 2025, Gmail, Google's email service, is due for an upgrade, suggesting the necessity for users to obtain fresh email addresses.
Your email box is under siege. The FBI has issued another alert prior to the festive season, underscoring a steep increase in cyber threats to emails and websites, corroborated by numerous cyber studies declaring this holiday season as the most perilous yet. Regardless of Google blocking over 99.9% of spam, phishing, and malware in Gmail, it's not sufficient. However, a shift is imminent. And for Gmail's 2.5 billion users, 2025 appears to be the year your email address requires an overhaul.
"Gmail," the world's most popular email service for over 2.5 billion users, is now incorporating "innovative AI models" to significantly bolster Gmail's cyber defenses, including a new LLM trained on phishing, malware, and spam. Nevertheless, as McAfee has warned, this AI evolution isn't exclusively advantageous. "As AI becomes increasingly sophisticated and readily available, cybercriminals utilize it to create deceptive scams that are more convincing, tailored, and challenging to detect."
Email remains a disappointingly rudimentary technology. Despite progress, the fundamental architecture remains the same. Anyone can access anyone else's inbox with merely an email address. These addresses are not just given out - they're harvested, exposed, preserved, and searchable. This month, Mailmodo forecasts, "spam messages will make up over 46.8% of email traffic." This is why businesses are on the lookout for innovative alternatives - such as Teams, Slack, or even instant messaging platforms. Despite all advancements and the presence of 'outside sender' and 'untrusted sender' warnings, too many emails continue to bypass these notifications.
The solution lies in restoring some form of address confidentiality and relinquishing free email addresses like confetti - an issue worsened given that email addresses commonly serve as primary user credentials alongside passwords for logging into websites and services. Apple has attempted to address this concern with Hide My Email, "allowing you to maintain your own email address private... by generating unique, random email addresses that forward messages to your personal account, so you don't have to share your real email address when filling out forms or signing up for newsletters on the web, or when sending email."
As I reported in November, Google is also developing a similar feature for Gmail. Spotted by Android Authority in an Android APK teardown, "Shielded Email consists of a system to create single-use or limited-use email aliases that will forward messages to your primary account."
The implementation of this feature is imminent and necessary, particularly for Apple users. Consider this admonition issued to marketers when Hide My Email was launched: "Users can now generate an unlimited number of non-existent addresses they don't even check, dramatically reducing engagement. Worse still, they can easily deactivate these addresses without affecting their primary email, potentially swelling marketing databases with 'dead' addresses. This is crucial because a low deliverability rate can affect sender reputation, making your carefully crafted campaign end up in spam."
Google asserts that "by instantly identifying patterns and reacting promptly, its Gmail LLM alone blocks 20% more spam than before and reviews 1,000 times more user-reported spam daily." However, the danger may escalate again in 2025. McAfee states that "AI allows cybercriminals to effortlessly create more personalized and persuasive emails and messages that seem to hail from trusted sources like banks, employers, or even family members. They can manufacture these frauds swiftly and with precision, resulting in their increased success rate. As AI tools become more accessible, these types of attacks are projected to amplify in sophistication and frequency."
Email must evolve - not solely through enhancing central screening technologies. We require a drastically different approach to include:
- On-device AI to flag spam and malicious emails that have bypassed central screening into inboxes. Despite the fact that the actual email address and the presentational 'sender' address don't match, with the latter an obvious impersonation, there are still too many emails that elude the detection.
- A more refined opt-in, trusted-sender approach - mimicking secure messaging. The distinction between trusted and unknown senders is too elementary. There is an urgent need for better deployment of AI or an easy opt-in feature for users to identify trustworthy discussions and advocate for the sender.
- Rather than augmenting central protection, email security should strive for a more effective front-end (device-side) approach. Safety browsing and malware defenses are heading in this direction, leveraging new device AI processing. Email needs a thorough reconsideration for this adaptation.
In the interim, take control. To secure new addresses, use Hide My Email or Gmail's new Shielded Email at its launch. If you've had an email address for years, it has transformed into a magnet for spam and worse. It's time for a change, a primary email address you will better safeguard through multiple throwaway, concealed addresses, without exposing your primary address. Gradually, migrate from one account to the other, and during this transition, utilize folders, rules, and forwarding to amass emails to your old address.
Employing new email masking technologies becomes ineffective if the primary address they link to has already been excessively harvested, resold, and leaked. As 2025 approaches in just a few days and threats surge, perhaps make email housekeeping one of your New Year resolutions and consider the risks associated with the email addresses you're currently using.
- The FBI has issued an iPhone warning and an Android warning, advising users to be vigilant during the festive season due to the heightened cyber threats to emails and websites.
- Google Tracking alerted users about a potential Gmail update, which was expected to strengthen the email service's defenses against phishing, malware, and spam.
- However, Gmail users received a Gmail warning about a potential Gmail attack, with cybercriminals using increasingly sophisticated AI to create convincing deceptive scams.
- Apple users were advised to enable 'Hide My Email' as a precaution against Gmail attacks, a feature that generates unique, random email addresses to protect users' primary accounts.
- Google also announced its plan to develop a similar feature for Gmail, named 'Shielded Email', to provide an additional layer of protection against email attacks and spam.