According to the verge.com Google Chrome has built-in phishing detection that scans pages to see if they match known fake or malicious sites (using more than just the URL, since scammers rotate those more quickly than it can keep up). Google also says that, in Chrome 102, it will use machine learning that runs entirely within the browser (without sending data back to Google or elsewhere) to help identify websites that make unsolicited permission requests for notifications and silence them before they pop up.

Using automation in emails to scan for known phishing techniques hugely benefits the user by reducing the attack vector in the background. Users are often known to take short cuts, act before they think or be unaware of the potential dangers in emails so anything that goes on under the bonnet will ultimately mitigate a level of risk. There are, however, ways to circumnavigate the issues by using unique links but this will potentially add another hurdle in the way of the attackers who are constantly sharpening their tool kits. Machine learning is a very data hungry beast but we are at the start of feeding the machine with lots of information and in time these types of email attacks could dramatically drop in volume.