Google continues to bolster its security infrastructure for its huge user base, this time by updating the search giant’s safe browsing application programming interface in keeping abreast with the expanding threat landscape.
The newest update to the safe browsing service includes features designed to safeguard Google users from the risk of phony embedded content, which abound in the Internet at present and continues to increase in number.
It is a common incident in the Web that a user might stumble upon a social engineering tactic that hides under the innocent disguise of a download button. There’s a lot of this kind of deceptive tool used by attackers to lure unsuspecting users.
Sometimes you will encounter a pop up message that says your computer is out of date and needs to be updated. Other times, there’s a seemingly legit Facebook Messenger chat notification that tells you a friend has messaged you. Still some other times, you will see ads that purport to offer the best deals for clothing or gadgets, but in reality are designed to deceive you. These are just some examples of social engineering, and often it is the less sophisticated Internet users that fall prey to this fraudulent tactic.
With Google’s latest update to its safe browsing API, the Mountain View company aims to protect its billion users from the claws of manipulative actors that use embedded content to cash in on less tech savvy internet users.
This is just the most recent in Google’s efforts to counter social engineering tactics that have since been using adware, ad injectors and spyware that tricks Internet users into downloading malicious Web content. The new enhancements to the safe browsing API is seen as a move to further Google’s intention to expand the protection given to users of various Web services, especially at a time when the importance of security cannot be understated.
Google most recently revamped its policy on social engineering in November 2015. The new policy states that an embedded content on a web page will be treated as a form of social engineering if the image purports to be a trusted material but in fact appears otherwise, or when the content asks you to share your password and other sensitive personal information.
The policy has been changed especially for Chrome users who have frequently encountered social engineering attacks when they visit websites. Google Chrome will now scan URLs for potential phishing campaigns and other forms of threats by referring to Google’s database of malicious websites.
In addition to the safe browsing API for Chrome, Google also released the same service for Firefox and Safari browsers.