In the business world, Microsoft 365 gets a lot of attention, as many enterprises service their email with the Microsoft suite.
But, of course, a significant amount utilize Gmail and Google Workspace.
Like with Microsoft, Avanan secures Google Workspace, stopping the threats that Gmail misses, as well as protecting Google Drive from malicious files.
When we analyzed both Microsoft 365 and Gmail, we found that native Gmail security does a better job of preventing phishing.
We found that, of Microsoft emails delivered, 1.04% was phishing. For Gmail, that number was .5%
That lower number, however, does not mean that Gmail is infallible.
In a recent analysis, we found that Gmail delivered more than half of the emails that Avanan marked as phishing to the inbox, while the rest is accessible in the spam folder.
In particular, we found that credential harvesting attempts were getting past Gmail's filters.
Here's an example of a credential harvesting link that got past Gmail's filters:
Avanan found this as phishing with the highest confidence, noting an insignificant historical reputation with the sender and a low-traffic 'from' domain.
If you have Google Workspace, Avanan will stop the threats they miss. Further, with full-suite security, whenever a user downloads a file to Google Drive, Avanan scans the file via API and picks up on weaponized payloads and malicious links.
Further, when it comes to Business Email Compromise attacks, Gmail also has a deficiency.
Though Google has the internal access required to prevent BEC attacks, they work with far too many companies and customers to properly monitor all internal accounts and understand an organization's relationship and reputation patterns. To best stop BEC attacks, you need per-customer contextual analysis.
If your organization uses Google Workspace, you need to have more than default security. You need to leverage defense-in-depth and have a multi-tiered security solution, with Avanan catching the things that Google misses.