Google's Gmail service is now watching for inappropriate Unicode characters in emails so that the messages can be diverted and rejected, instead of passing them on to unknowing recipients.
The extra layer of email anti-spam protection is being done to fight continuing and often escalating efforts by scammers who try to trick recipients into clicking on links and messages that appear to be normal but instead use characters that are slightly different from the normal alphabet, wrote Mark Risher of the Gmail spam and abuse team, in an Aug. 12 post on the Google Online Security Blog.
Under the new initiative, Google will "now block emails that use deceptive Unicode characters in effort to continue to reduce spam dangers in email," wrote Risher. "We also want to ensure [that email users] aren't abused by spammers or scammers trying to send misleading or harmful messages."
The problem shows up often when spammers exploit the use of certain Unicode characters that, for example, look nearly identical to the letter "O." By mixing and matching such characters with normal letters from the English alphabet, "they can hoodwink unsuspecting victims" and send them to the wrong site, he explained.
Such combinations of traditional and Unicode letters have previously been identified by the Unicode community to help anti-spam experts work to keep their systems and users one step ahead of spammers, wrote Risher. The Unicode community "has identified suspicious combinations of letters that could be misleading, and Gmail will now begin rejecting email with such combinations," he wrote. "We're using an open standard—the Unicode Consortium's 'Highly Restricted' specification—which we believe strikes a healthy balance between legitimate uses of these new domains and those likely to be abused."
The changes for Gmail and its millions of users are taking effect immediately, he wrote.
Google is hoping that other email service providers will follow Gmail's lead so that such spam can be better controlled, wrote Risher. "Together, we can help ensure that international domains continue to flourish, allowing both users and businesses to have a tete-a-tete in the language of their choosing."
Google is often making service improvements to its Gmail offerings, including the recent capability for Gmail users to now include accented letters and foreign characters in their email addresses. Until now, email addresses could only contain non-accented Latin letters, according to an eWEEK report.
The new Gmail addressing capabilities will allow email users around the world to better personalize their email addresses, according to Google, since less than half of the world's population uses a language that consists of the Latin alphabet and the letters A to Z.
Gmail is adopting this capability now to help get it started around the world, which will allow Gmail users to send emails to, and receive emails from, people who have these kinds of characters in their email addresses. Google Calendar will gain the same capabilities in the future.
Such changes could be coming on a global scale, as well. In 2012, the Internet Engineering Task Force (IETF) created a new email standard that supports addresses with non-Latin and accented Latin characters, but the road to adoption of the fledgling standard has been slow. That's where Google is moving to take a first step.
In July, Google added translation support for 13 additional languages for Gmail users. This brings the total number of languages supported to 71.
In December 2013, Google added nine more languages—including five in Africa—to its offerings, raising its support to translations for 80 languages.