Google targets fake download and play buttons

Google‘s Safe Browsing technology has been extended to warn users of Google Chrome, Apple Safari or Mozilla Firefox of image ads and other embedded content in web pages that the company deems as being malicious or potentially unsafe.

Later this week, when users of these browsers encounter potentially deceptive embedded adverts or download buttons for risky actions or content, Safe Browsing will pop up an alert.

The security notification will warn users about the potential for being tricked into doing something risky like installing software or sharing personal information such as passwords and phone numbers. The dialog box also invites users to share details of the incident with Google.

Google said examples of risky ads or embedded content that Safe Browsing will keep an eye on include error messages that urge users to update certain software and dialog boxes from seemingly trusted vendors that invite users to install a required component.


Specific criteria

Lucas Ballard, a member of Google’s Safe Browsing team, said the company has developed some specific criteria for identifying and labelling ads and other embedded content as being malicious or potentially unsafe.

For instance, an ad will be considered as being used for social engineering if it pretends to act, look and feel like a trusted device, browser or part of the Website itself.

The latest Safe Browsing feature builds on Google’s ongoing efforts to use its massive online presence to force Website owners to take better security precautions.

In its blog post Google says that “if visitors to your web site consistently see social engineering content, Google Safe Browsing may warn users when they visit the site”. If the problem persists, site owners should head to Google’s social engineering help for webmasters page.

Related reading

  • Cal Roscow

    This is a really good development. I spend quite a lot of time fixing or removing malicious software from older relatives’ machines because they’ve been tricked into clicking a button on an ad that looks legitimate. It puts them off using the internet, so this new feature will be very welcome!