Google will start telling web users when they encounter deceptive sites that may try to trick them with misleading ads, the company announced in a blog post. Now, when Google detects fishy "embedded content," such as an ad that masquerades as a download to steal personal information, Google will warn users with a page declaring a "deceptive site ahead."
The company says the content that will trigger the warning includes anything that tries "to act, or look and feel, like a trusted entity," or that attempts to "trick you into doing something you’d only do for a trusted entity." The plan is part of Google's Safe Browsing program, which was updated in November to flag for similarly suspicious content. Safe Browsing is set on by default for Chrome users.
Safe Browsing would protect you from social engineering attacks - deceptive tactics that try to trick you into doing something dangerous, like installing unwanted software or revealing your personal information (for example, passwords, phone numbers, or credit cards). You may have encountered social engineering in a deceptive download button, or an image ad that falsely claims your system is out of date. Today, we’re expanding Safe Browsing protection to protect you from such deceptive embedded content, like social engineering ads.
Consistent with the social engineering policy announced in November, embedded content (like ads) on a web page will be considered social engineering when they either:
source:
The company says the content that will trigger the warning includes anything that tries "to act, or look and feel, like a trusted entity," or that attempts to "trick you into doing something you’d only do for a trusted entity." The plan is part of Google's Safe Browsing program, which was updated in November to flag for similarly suspicious content. Safe Browsing is set on by default for Chrome users.
Safe Browsing would protect you from social engineering attacks - deceptive tactics that try to trick you into doing something dangerous, like installing unwanted software or revealing your personal information (for example, passwords, phone numbers, or credit cards). You may have encountered social engineering in a deceptive download button, or an image ad that falsely claims your system is out of date. Today, we’re expanding Safe Browsing protection to protect you from such deceptive embedded content, like social engineering ads.
Consistent with the social engineering policy announced in November, embedded content (like ads) on a web page will be considered social engineering when they either:
- Pretend to act, or look and feel, like a trusted entity — like your own device or browser, or the website itself.
- Try to trick you into doing something you’d only do for a trusted entity — like sharing a password or calling tech support.
Below are some examples of deceptive content, shown via ads:
This image claims that your software is out-of-date to trick you into clicking “update”.
This image mimics a dialogue from the FLV software developer -- but it does not actually originate from this developer.
These buttons seem like they will produce content that relate to the site (like a TV show or sports video stream) by mimicking the site’s look and feel. They are often not distinguishable from the rest of the page.
source:
Post a Comment