Alerts

“Deceptive site ahead”: Google helps protect users from deceitful download buttons

deceptive-site

There is a good chance you benefit from Google’s Safe Browsing API without even realising it.

Popular browsers such as Chrome, Firefox and Safari use the Google Safe Browsing service to check whether a webpage they are about to visit is suspicious, or is known to contain any threats (such as phishing forms or malware).

Google Safe Browsing already helps protect surfers from some of the risk of downloading adware and spyware, but it hasn’t stopped there.

This week, Google has announced that its is extending its Safe Browsing protection to shield you from another threat often used by scammers and malicious hackers: deceptive download buttons.

Download buttons that attempt to dupe innocent users into making unwise choices may be served up in your browser via a website’s embedded ad content and – with some careful social engineering – might trick you into doing something foolish, thinking that their messages are legitimate communications from the website or your computer.

Here are some examples of deceptive ads that Google shared to illustrate the issue.

deceptive-ads

In the first example, users might be fooled into thinking that they need to update the media player installed on their computer and click the “Update” button. Of course, doing so takes the unsuspecting user to a webpage which is likely to download a Trojan horse to their PC.

In the second example, the deceptive advert poses as a dialog box suggesting that a program needs to be installed to watch Flash Video content. Again, the program is likely to be malicious – and the message has not come from the website itself but from an ad that it is being served to the site’s visitors.

Google warns website owners that if visitors to their webpages consistently see social engineering content, their Google Safe Browsing functionality “may warn users when they visit the site.”

Here is what such a “Deceptive site ahead” warning would look like in the Google Chrome browser:

deceptive-site-ahead

The truth is that deceitful download buttons could appear anywhere on the web, not just on seedy sites offering pirated software and porn. So it’s handy that your browser can help protect you from such risks rather than just having to rely upon your wits.

And, if you are a webmaster and believe that your site is being unfairly categorised by Google’s Safe Browsing API as containing deceptive content, you can do a lot worse than check out the company’s guide for webmasters.

About the author

Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.

5 Comments

Click here to post a comment

Your email address will not be published. Required fields are marked *