Having worked in IT for more than a decade, I’m pretty skilled at picking out fake download buttons and ads that look like legitimate notifications. However, there are still plenty of times where one of these will make me pause, as I have to look for extra clues as to what it really is. If one of these ads is clever enough to give an IT professional pause, just imagine how easily tricked your elderly relatives are, when confronted with them.
Google has been in the advertising game long enough to know good ads from bad ones, and they’re putting that knowledge to good use, in their latest Chrome update. They know how easy it is for sites to trick you using social engineering tactics, and they’re aiming to stop them. Back in November, they announced a new social engineering policy, which helped weed out some of these problems, but today they’re taking it to the next step.
Their November update helped block things like fake security warnings, fake updates, and fake remote support offers. While this was great, the company knew that they wouldn’t be able to stop there. Today, they’re targeting embedded content, such as ads, which look like they’re a legitimate offer to download new software that you want, or to update existing software. Some examples of these types of deceptive ads are below.
As you can see, these look somewhat legitimate. To the untrained eye, this could be something that someone would easily click on. But now instead of taking the user to some page where they’re loaded up with malware of every sort, they’ll see a red screen from Google, letting them know that the site is deceptive, and that they should return to safety. There will still be the option to move forward, if they’re absolutely sure that this is the place they want to be, but most users will turn back.
Google says that the changes will be rolling out today, so we should expect an update to Chrome before the end of the day.