Google recently announced on its Online Security Blog that its safe browsing concept was being extended to what it called “deceptive embedded content, like social engineering ads.”
Google defined embedded content classified as social engineering as content that acts, looks and feels like a trusted entity. Examples of trusted entities would be a device or browser, or the legitimate website.
This classification also extends to content that would try to trick users into doing something they would only do for a trusted entity, which might include sharing a password, supplying personal information or calling tech support.
Google Chrome and Social Engineering
The Chrome update, which was pushed out Feb. 3, is an extension of Google’s default safe browsing feature. Mashable noted that it can be turned on by checking a box located in the advanced privacy settings of the browser.
When Google encounters a site it suspects is hosting social engineering ads, it will display a red warning page. According to Google’s security blog, the warning reads: “Attackers on [the site] may trick you into doing something dangerous like installing software or revealing your personal information (for example, passwords, phone numbers or credit cards).”
Webmasters whose sites are flagged by Chrome have ways to dispute it, outlined by Google. Any deceptive content identified must be removed in order to remove the warnings; this includes any third-party resources that may be at fault. If it is a third-party problem such as an issue with a rotating ad, Google suggested multiple refreshes to aid in the identification process.
Safe Browsing Warnings Are Just the Beginning
This isn’t the first time Google has acted against deceptive websites. Last February, it announced a policy warning against programs that piggyback on other installations that automatically change a browser’s home page.
Google’s self-interest in making the open Web as usable as possible no doubt originates from its attempt to keep users using the Google search products. Regardless of the company’s motives, this particular effort will likely be welcomed by any user of the Web.
Principal, PBC Enterprises