Google Safe Browsing Deceptive Embedded Content

2016-02-04T07:31:00
ID GOOGLE-SAFE-BROWSING-EXTENDS-TO-DECEPTIVE-EMBEDDED-CONTENT/116135
Type threatpost
Reporter Michael Mimoso
Modified 2016-02-04T12:31:01

Description

Google’s Safe Browsing API is almost a living organism, constantly evolving and adapting to online threats.

On Wednesday, Google announced the latest enhancements to the service, with new features that protect users on the web from deceptive embedded content.

Related Posts

Chrome 53 Fixes Address Spoofing Vulnerability, 32 Other Bugs

September 1, 2016 , 11:52 am

Browser Address Bar Spoofing Vulnerability Disclosed

August 17, 2016 , 12:54 pm

TCP Flaw in Linux Extends to 80 Percent of Android Devices

August 15, 2016 , 5:10 pm

“You may have encountered social engineering in a deceptive download button, or an image ad that falsely claims your system is out of date,” said Google engineer Lucas Ballard. “We’re expanding Safe Browsing protection to protect you from such deceptive embedded content, like social engineering ads.”

Google has taken steps to defeat social engineering lures that trick users into downloading unwanted software such as adware, ad injectors or spyware that doesn’t behave as advertised. Now Google is extending that protection to deceptive download buttons or embedded content in image ads that purport to require system or application updates.

From Google’s announcement:

> Consistent with the social engineering policy we announced in November, embedded content (like ads) on a web page will be considered social engineering when they either: Pretend to act, or look and feel, like a trusted entity — like your own device or browser, or the website itself; or try to trick you into doing something you’d only do for a trusted entity — like sharing a password or calling tech support.

The Safe Browsing service helps protect Chrome users from malicious software and sites. The service defends against phishing and other threats by checking URLs against a database that Google maintains of malicious sites. The system also checks for sites that are suspected of serving malware. Google provides an API for Safe Browsing and it’s used in both Firefox and Safari.

Google said some examples of deceptive embedded content includes phony media player update requests embedded in ads, or download or play buttons that purport to show users streaming content and have the same look and feel as the rest of the page.

Last February, Google made its first strides toward protecting against these types of social engineering attacks that trick users into thinking they’re getting content from a trusted source. When users encountered a site hosting potentially unwanted software, the familiar red warning screen was displayed.