Google updated its security blog on Thursday with a promise of to rid our browsing experience of deceptive download buttons. This promise will be carried out via Google’s Safe Browsing service, which seeks to protect Web surfers from the growing number of social engineering attacks. The download buttons being targeted typically look legit, but instead lead to what the company calls “deceptive embedded content.”
Safe Browsing, which has been used by more than one billion people to help ward off phishing attacks over the last eight years, got serious about social engineering attacks back in November 2015. Users are deceived by seemingly trusted web content, such as a fake-but-legit-looking bank or government page. This content tries to trick the visitor into coughing up valuable information such as passwords and credit card numbers. They’ll even lead unwary users to fake tech support calls.
According to Google, content will be considered to be “social engineering” when it pretends to act, look, and feel like a trusted entity, then tries to trick the Web surfer into doing something that the user would only do with an authentic trusted entity. For instance, a website may show a deceptive ad that asks the visitor to update their media player, but pressing the button leads the user to a malicious website or downloads malicious software.
“Our fight against unwanted software and social engineering is still just beginning,” Google says in its blog. “If visitors to your web site consistently see social engineering content, Google Safe Browsing may warn users when they visit the site. If your site is flagged for containing social engineering content, you should troubleshoot with Search Console.”
That warning usually appears as a big red sign flagging that a specific site the Web surfer is about to visit is deceptive. This site may trick you into doing something dangerous, the warning reads, such as installing software or revealing personal information. Users can either click on the details link or the “Back to safety” button.
Google’s Safe Browsing can be used in Apple’s Safari, Google Chrome, and Mozilla Firefox. The company seems intent on cleaning out the junk that causes Web surfers headaches and financial woes. Google says it will continue to refine Safe Browsing protection so that more people can remain safe online.