Chrome Expands Safe Browsing
Friday, February 5, 2016 @ 03:02 PM gHale
Google is expanding its Safe Browsing technology to take on online ads that try to scam users into divulging personal information or downloading malware.
Safe Browsing is the name of both the backend technology Google created and the API (application programming interface) that developers, including other browser makers like Mozilla, can call to intercede when a user hits a website that may contain malicious content.
“Today, we’re expanding Safe Browsing protection to protect you from such deceptive embedded content, like social engineering ads,” said Lucas Ballard, a senior staff engineer on the Safe Browsing team, in a blog post.
Ads that Google considers “deceptive” will trigger a warning in Chrome — a bright red screen with text that starts, “Deceptive site ahead,” Ballard said.
Google’s definition of “deceptive” includes any ad that “pretends to act or look and feel, like a trusted entity,” or one that tries to “trick you into doing something you’d only do for a trusted entity.”
Ballard gave several examples of such ads, including those that claim a third-party program is necessary to view content, but assert the software is out of date.
Scammers and cyber criminals have long used that tactic to dupe users into downloading and installing malware on their devices.
In the past, Adobe’s Flash has often been the focus of such scams, which contend that Flash must be updated. Criminals expect a percentage of users who see such prompts to update which then infects machines.
Google’s Safe Browsing, which initially only detected phishing attempts — websites that mimicked legitimate sites and said the user had to type in their password — has expanded into other areas in the last three years, such as warnings of potentially-malicious downloads and software that tried to change browser settings.
In November, Google extended Safe Browsing’s reach to include socially-engineered scams of several sorts, including those that pronounce the PC infected and direct consumers to fraudulent sites and call centers, which scare them into paying large sums for bogus technical support.