Gmail, Outlook at Risk? New Study Finds Issues with Malicious Document Detection

SquareX, a browser-security startup led by serial cybersecurity entrepreneur Vivek Ramachandran, today unveiled the results of its recent study, revealing a concerning reality about major email providers’ inadequacies in safeguarding users against malicious document-based threats.

The study, conducted by SquareX’s research and development team, involved analysing 100 malicious document samples, which were segmented into four distinct categories:

1. Original malicious document samples from MalwareBazaar.

2. Slightly altered malicious document samples from MalwareBazaar, such as changes in metadata and file formats.

3. Malicious document samples are modified using attack tools that have existed for many years.

4. Basic Macro-enabled documents that execute programs on user devices.

These samples were sent via a third-party email provider, ProtonMail, to several major email providers, including industry giants such as Gmail, Outlook, Yahoo, AOL, and Apple iCloud Mail. The study revealed that while email providers like Gmail and Outlook demonstrated basic detection capabilities in identifying unmodified malicious document samples, they faltered in detecting modified malicious documents manipulated with readily accessible attack tools – exposing a glaring cybersecurity loophole that poses a potential threat to millions of users around the world.

SquareX Malicious Document Detection
Given the prevailing reliance on email services as secure communication channels, these findings raise important questions about the effectiveness of relying on existing email security measures and the false sense of security they may instil in millions of users and enterprises worldwide. While cyber threats are becoming increasingly sophisticated, email providers appear ill-prepared to detect and intercept these emerging threats, consequently leaving users to potential exploitation.

“The inadvertent discovery of this significant lapse in email security during our product enhancement process was startling,” shared Vivek Ramachandran, the Founder and CEO of SquareX. “Our intention in making these findings public is to ignite a dialogue on the urgent need for reinforced security measures and encourage email providers to either elevate their security protocols or transparently acknowledge their current limitations,” added Vivek.

To bridge this security gap, SquareX has introduced an advanced in-browser malicious document scanning feature as a part of its browser extension, currently in beta. This move not only speaks of the company’s commitment to making the web a safer place but also invites other companies to join forces in securing the web activities of users and enterprises from cyber-attacks.