Google cracks down on Gmail phishing with spam filters

In an effort to stop spammers, the web giant rejects emails that include "highly restricted" character combinations.


Google has a new tool to block a possible entryway for spammers to get at users' Gmail accounts. The web giant announced Tuesday that it was adding new spam filtering support to its email platform in an effort to stop scammers from sending misleading or phishing messages.

The filters deal with similar looking letters from the Unicode Consortium that could let spammers fool people. Most companies, apps, and websites use Unicode standard icons, so that characters work across platforms. However, some characters look nearly identical, such as the Latin and Cyrillic lowercase "a."

"Scammers can exploit the fact that ဝ, ૦, and ο look nearly identical to the letter o, and by mixing and matching them, they can hoodwink unsuspecting victims," Mark Risher from Google's Spam and Abuse team wrote in a blog post. "Can you imagine the risk of clicking 'ShဝppingSite' vs. 'ShoppingSite' or 'MyBank' vs. 'MyBɑnk?'"

The Unicode Consortium lists these types of character combinations as "highly restricted." Google said its new filters will knock out any of these combinations included in emails sent to Gmail users. The company also said it believes the Consortium's highly restricted designation "strikes a healthy balance" between legitimate use of domains and those likely to be abused.

Featured Video

iPad Pro after one week: Can it replace your laptop?

CNET Senior Editor Andrew Hoyle has been using Apple's gigantic tablet as his main computer for a week. Luke Westaway asks how it stacks up.

by Luke Westaway