Google announced that it will start blocking the so-called “social engineering attacks” through its “Safe Browsing” service. The type of attacks it will stop are things such as deceptive download buttons or image ads that try to trick you into installing malware-infected software.
Safe Browsing is used by Google’s own Chrome browser, as well as Mozilla’s Firefox and Apple’s Safari browsers, which means over one billion people benefit from its protection. The service was initially built to block known malware-infected domains in order to stop the infections from spreading to other web users, as well as phishing sites that try to steal users’ personal information by looking like clones of real web sites.
As Google’s Artificial Intelligence improves, services such as Safe Browsing can become better at recognizing dangerous code on the Web and protect users more effectively without too many false positives (that is, blocking things that shouldn’t be blocked).
Social engineering is one of the most effective ways to “hack” someone’s personal information and getting their passwords, credit card numbers, phone numbers and so on. Google’s Safe Browsing will consider social engineering ads when they either:
Pretend to act, or look and feel, like a trusted entity — like your own device or browser, or the website itself. Try to trick you into doing something you’d only do for a trusted entity — like sharing a password or calling tech support.
This can include an ad that says some software in your system needs an “update:”
It can also include ads that say it’s necessary to install a certain software before you continue:
Finally, it also includes the much-maligned fake download buttons, which are usually hard to distinguish from the real download or play buttons, even by more experienced Web users.
Google said that its fight against social engineering attacks is merely just starting and that it will continue to improve the service to increase the kind of protection Web users need.
Google also said that if web developers' websites are flagged by the service, they can troubleshoot them with the Search Console.
Lucian Armasu is a Contributing Writer for Tom's Hardware. You can follow him at @lucian_armasu.
More likely, this will be used to target torrent and porn sites.
I'm surprised that there does not seem to be any government regulation of online ads. TV and Radio is regulated, you put a fake claim or product on there, you will get fined. Yet you can put in all sorts of claims or misleading links online and not get blocked.
I think they'd find a great source of "training" for their AI by checking out download sites (similar to mediafire) or pretty much anything that is linked through ad.fly to get to...