Google: Protecting businesses against cyber threats during COVID-19 and beyond

Neil Kumaran and Sam Lugani from Google recently shared staggering statistics regarding the amount of bad stuff that gets aimed at Gmail users daily: "Every day, Gmail blocks more than 100 million phishing emails. During the last week, we saw 18 million daily malware and phishing emails related to COVID-19. This is in addition to more than 240 million COVID-related daily spam messages. Our ML models have evolved to understand and filter these threats, and we continue to block more than 99.9% of spam, phishing, and malware from reaching our users."

I feel as though Google has been pretty good about minimizing deliverability risk to good senders during this tough time. But, you still have to make sure you're not going to fall into an edge case and cause yourself to run into issues. Now is not the time to take shortcuts, use cousin domains, or send un-authenticated email messages. "I just don't have time" to properly build up volume or configure DKIM for your domain name means you're going to have trouble getting that mail delivered successfully. Senders still need to make sure to follow the necessary and appropriate steps to ensure that ISPs aren't going to believe you to be a bad actor.

One other takeaway here? Note that if Gmail is blocking all this bad COVID-19 related garbage mail, but legitimate companies are able to send coronavirus-related communication to you successfully, is that spam filtering is not so simplistic as to have ISPs block all mail that refers to the pandemic by any of its possible names or descriptions. In other words, putting "COVID" in a subject line is not going to get you blocked. Spam filters are smarter than that. Simple "keyword" pass/fail based spam filtering is too simplistic and error prone and nobody really works that way in these modern times.