February 8, 2016 By Larry Loeb 2 min read

Google recently announced on its Online Security Blog that its safe browsing concept was being extended to what it called “deceptive embedded content, like social engineering ads.”

Google defined embedded content classified as social engineering as content that acts, looks and feels like a trusted entity. Examples of trusted entities would be a device or browser, or the legitimate website.

This classification also extends to content that would try to trick users into doing something they would only do for a trusted entity, which might include sharing a password, supplying personal information or calling tech support.

Google Chrome and Social Engineering

The Chrome update, which was pushed out Feb. 3, is an extension of Google’s default safe browsing feature. Mashable noted that it can be turned on by checking a box located in the advanced privacy settings of the browser.

When Google encounters a site it suspects is hosting social engineering ads, it will display a red warning page. According to Google’s security blog, the warning reads: “Attackers on [the site] may trick you into doing something dangerous like installing software or revealing your personal information (for example, passwords, phone numbers or credit cards).”

Webmasters whose sites are flagged by Chrome have ways to dispute it, outlined by Google. Any deceptive content identified must be removed in order to remove the warnings; this includes any third-party resources that may be at fault. If it is a third-party problem such as an issue with a rotating ad, Google suggested multiple refreshes to aid in the identification process.

Safe Browsing Warnings Are Just the Beginning

This isn’t the first time Google has acted against deceptive websites. Last February, it announced a policy warning against programs that piggyback on other installations that automatically change a browser’s home page.

Google’s self-interest in making the open Web as usable as possible no doubt originates from its attempt to keep users using the Google search products. Regardless of the company’s motives, this particular effort will likely be welcomed by any user of the Web.

More from

CISA adds Microsoft SharePoint vulnerability to the KEV Catalog

3 min read - In late October, the United States Cybersecurity & Infrastructure Security Agency (CISA) added a new threat to its Known Exploited Vulnerability (KEV) Catalog. Cyber criminals used remote code execution vulnerability in Microsoft SharePoint to gain access to organizations’ networks. The CISA press release states that “these types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.”However, Microsoft identified and released a patch for this vulnerability in July 2024. Cybersecurity experts are…

What does resilience in the cyber world look like in 2025 and beyond?

6 min read -  Back in 2021, we ran a series called “A Journey in Organizational Resilience.” These issues of this series remain applicable today and, in many cases, are more important than ever, given the rapid changes of the last few years. But the term "resilience" can be difficult to define, and when we define it, we may limit its scope, missing the big picture.In the age of generative artificial intelligence (gen AI), the prevalence of breach data from infostealers and the near-constant…

Airplane cybersecurity: Past, present, future

4 min read - With most aviation processes now digitized, airlines and the aviation industry as a whole must prioritize cybersecurity. If a cyber criminal launches an attack that affects a system involved in aviation — either an airline’s system or a third-party vendor — the entire process, from safety to passenger comfort, may be impacted.To improve security in the aviation industry, the FAA recently proposed new rules to tighten cybersecurity on airplanes. These rules would “protect the equipment, systems and networks of transport…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today