The most recent blog post on Google Security discusses a significant enhancement to Gmail’s spam filters, labeled by Google as “one of the most substantial defense improvements in recent times.” This upgrade introduces a new text classification system named RETVec (Resilient & Efficient Text Vectorizer). Google claims that this system aids in comprehending “adversarial text manipulations,” referring to emails containing special characters, emojis, typos, and other elements that were previously legible to humans but challenging for machines to interpret. In the past, spam emails employing such characters often bypassed Gmail’s defenses.

To illustrate what “adversarial text manipulation” entails, a sample message from the spam folder is provided. Historically, these types of emails were a significant issue in the first half of the year, frequently appearing in the inbox. However, with the implementation of RETVec technology, these problematic emails have ceased to be an issue in recent months.

Identifying emails like this proved difficult because traditional spam filters were ineffective against content featuring “homoglyphs.” These are obscure characters from the Unicode standard that resemble normal Latin alphabet characters but differ from them. For instance, seemingly bolded text like “CheckYourAccount” actually utilizes Unicode glyphs like the “Mathematical Bold Capital C,” which appears as the letter “C” but is recognized by the filtering system as a mathematical symbol, not part of the English language. The email’s content further complicates matters with tactics like replacing characters with similar-looking symbols or employing unusual formatting.

Google asserts that RETVec addresses these challenges by being resilient against various character-level manipulations, including homoglyphs, typos, and other alterations. What sets RETVec apart is its efficiency; unlike other methods requiring extensive resources, RETVec’s model is compact, containing only 200,000 parameters. This makes it feasible for deployment even on local devices. Additionally, RETVec’s open-source nature indicates potential use beyond Gmail, extending to various platforms and services.

Functioning akin to human cognition, RETVec utilizes a machine-learning TensorFlow model to interpret words based on visual “similarity” rather than their specific character content. Google’s demonstrations highlight its successful application in recognizing visual similarities, like identifying images of cats, and this technology has significantly enhanced spam detection in Gmail.

According to Google’s assessments, the implementation of RETVec has notably improved Gmail’s spam detection rate by 38% over the baseline while reducing false positives by 19.4%. Furthermore, RETVec usage has substantially decreased the model’s TPU usage by 83%. This deployment of RETVec stands as one of the most significant recent security enhancements, as stated by Google.

Google mentions having tested RETVec internally for a year, and it has already been integrated into Gmail accounts.