Safe Browsing -Google to the Rescue


Google is a lot of things to a lot of people, but until I read a blog post today by Niels Provos of the Google security team, I had no idea how they were protecting all of us from malware and phishing expeditions by the bad guys. 

The full blog is definitely worth a read, but here are a few things noting of what Provos rightly praises as the company’s five year and counting efforts to mitigate the risks of a bad experience. Google says they:

  • Protect 600 million users through built-in protection for Chrome, Firefox, and Safari, where they show several million warnings every day to Internet users.
  • Find about 9,500 new malicious websites every day.
  • Find approximately 12-14 million Google Search queries per day showing the Google red warning.
  • Provide malware warnings for about 300 thousand downloads per day through the download protection service for Chrome.
  • Send thousands of notifications daily to webmasters viaWebmaster Tools, and their partnership with helps webmasters who can't sign up or need additional help.
  • Send thousands of notifications daily to Internet Service Providers (ISPs) & CERTs to help them keep their networks clean.

A series of graphs show the history of protection provided. Below is just one that shows the number of phishing sites discovered monthly that is a bit frightening given the fact that phishing is typically aimed at e-commerce sites like PayPal. 

 Provos also points out that phishers are:

  • Faster - Many phishing webpages (URLs) remain online for less than an hour in an attempt to avoid detection.
  • More diverse - Targeted “spear phishing” attacks have become increasingly common. Additionally, phishing attacks are now targeting companies, banks, and merchants globally (Chart 2).
  • Used to distribute malware - Phishing sites commonly use the look and feel of popular sites and social networks to trick users into installing malware. For example, these rogue sites may ask to install a binary or browser extension to enable certain fake content.

The good news is the Google Safe Browsing team know the enemy and appear to be on their game. Provos notes that not only are there clear metrics for measuring the impact of the team’s efforts, but the company’s free data feed has become the de facto base of comparison for academic research in the space. The message here is that there is safety in numbers.

Looking ahead there is also cause for peace of mind. Google is committed to continuing to invest in the Safe Browsing team to keep up with the bad actors. Provos says this includes getting the technology needed for recent efforts which include:

·         Instantaneous phishing detection and download protection within the Chrome browser

·         Chrome extension malware scanning

·         Android application protection

As noted at the top, this is a case of who knew? What I can say as a devoted Chrome and Andorid user is that I appreciate the efforts – past and promised – as well as the insights.

Edited by Allison Boccamazzo
Related Articles

Coding and Invention Made Fun

By: Special Guest    10/12/2018

SAM is a series of kits that integrates hardware and software with the Internet. Combining wireless building blocks composed of sensors and actors con…

Read More

Facebook Marketplace Now Leverages AI

By: Paula Bernier    10/3/2018

Artificial intelligence is changing the way businesses interact with customers. Facebook's announcement this week is just another example of how this …

Read More

Oct. 17 Webinar to Address Apache Spark Benefits, Tools

By: Paula Bernier    10/2/2018

In the upcoming webinar "Apache Spark: The New Enterprise Backbone for ETL, Batch and Real-time Streaming," industry experts will offer details on clo…

Read More

It's Black and White: Cybercriminals Are Spending 10x More Than Enterprises to Control, Disrupt and Steal

By: Cynthia S. Artin    9/26/2018

In a stunning new report by Carbon Black, "Hacking, Escalating Attacks and The Role of Threat Hunting" the company revealed that 92% of UK companies s…

Read More

6 Challenges of 5G, and the 9 Pillars of Assurance Strategy

By: Special Guest    9/17/2018

To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…

Read More