Over the years, Google has expanded what its Safe Browsing feature protects against. Last December, Safe Browsing was fully rolled out to Android users as part of an update to Chrome and Google Play services. Today, they are expanding it to protect against deceptive download buttons increasingly found around the web.

Last November, Google got more aggressive against social engineering attacks that are more varied and numerous in comparison to traditional phishing schemes. Pages that pretend to be a trusted entity or trick users into doing something, like entering a password, will be considered as social engineering. Additionally, buttons that trick users into updating or downloading a piece of software will fall into that category. Safe Browsing is now updated to show its usual bright red warning page against these tricks.

Google lists some examples of embedded content, usually ads, that claim that a piece of software is old and in need of an update, ads that mimic a dialogue box from a trusted developer, and buttons that act as media controls. The latter is widely seen on video sites and are often indistinguishable from the site’s own controls.

Users will also be warned about sites where social engineering content is frequently present. These security updates are in effect and should be seen by Chrome and Search users.

About the Author