The Web is a rather dangerous place, not because the technologies that build it up are inherently insecure (thought they do have bugs). It’s because of social engineering, the term used to describe techniques that con people into clicking on links or downloading things they normally wouldn’t, leading to infected computers and devices. Google launched its Safe Browsing feature for Chrome late last year to combat social engineering scams and now it is expanding it to cover deceptive “embedded content”, also known as ads.
Safe Browsing protects users from malicious websites that try to make them enter their credentials (phishing) or install malware that pretend to be legit software, usually some antivirus or media player. Embedded content, on the other hand, are a bit harder to catch. That’s because in most cases, they are integrated into the web page, taking the place of ads, and look as if they are a legitimate and friendly part of the web page itself.
These can take the form of ads that try to make you install updates or apps that don’t exist. But one of the hardest ones to notice are those that present themselves as download buttons, sometimes right beside or beneath the actual download link or button. These sometimes even adjust to the host website’s theme, making them even harder to distinguish.
Google’s Safe Browsing, which is available on Chrome, both for desktop and Android, will now protect you from those as well and will flag deceptive content, giving users some fair and really obvious warnings about these malicious activities.
Google also warns web page owners about how such embedded content might affect their site without them knowing it. Safe Browsing will flag sites with such ads and, if encountered by visitors regularly, will flag the whole site itself. In both cases, owners should troubleshoot the sites to make sure they’re clean.