Connect with us

Hi, what are you looking for?


Email Security

Google’s RETVec Open Source Text Vectorizer Bolsters Malicious Email Detection

Google shows how RETVec, a new and open source text vectorizer, can improve the detection of phishing attacks, spam and other harmful content.

Google revealed on Wednesday that a new text vectorizer developed by its researchers significantly boosts efficiency in detecting malicious emails in Gmail inboxes.

The new text vectorizer, called RETVec (Resilient & Efficient Text Vectorizer), has been described by Google as “an efficient, resilient, and multilingual text vectorizer designed for neural-based text processing”. 

The internet giant has been leveraging text classification models to identify phishing attacks, scams, inappropriate comments and other harmful content on services such as YouTube and Gmail.

However, threat actors have been coming up with ways to evade these classifiers, using invisible characters, homoglyphs, and keyword stuffing.

RETVec aims to boost the efficiency of text classifiers while significantly reducing computation costs, and the tests conducted by Google over the past year seem to show that it has achieved its goal.

In its tests, Google replaced the text vectorizer previously used to detect spam in Gmail with RETVec. The company noticed a 38% improvement in spam detection, and a significant reduction in false positives and false negatives. In addition, the company saw a solid improvement in terms of performance.

“RETVec achieves these improvements by combining a novel, highly-compact character encoder, an augmentation-driven training regime, and the use of metric learning,” Google explained.

It added, “Due to its novel architecture, RETVec works out-of-the-box on every language and all UTF-8 characters without the need for text preprocessing, making it the ideal candidate for on-device, web, and large-scale text classification deployments. Models trained with RETVec exhibit faster inference speed due to its compact representation. Having smaller models reduces computational costs and decreases latency, which is critical for large-scale applications and on-device models.”

Advertisement. Scroll to continue reading.

RETVec has been detailed by Google in a paper and it has been made open source. A tutorial is also available for entities interested in using the new text vectorizer. 

Related: Satori Releases Open Source Data Permissions Scanner for Enterprises

Related: Top 10 Security, Operational Risks From Open Source Code

Related: Silverfort Open Sources Lateral Movement Detection Tool

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to and Exchange Online.


Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Email Security

Many Fortune 500, FTSE 100 and ASX 100 companies have failed to properly implement the DMARC standard, exposing their customers and partners to phishing...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...


Enterprise users have been warned that cybercriminals may be trying to phish their credentials by luring them with fake emails that appear to be...

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...