Security Blog
The latest news and insights from Google on security and safety on the Internet
Safe Browsing protection from even more deceptive attacks
2015年11月13日
Posted by Emily Schechter, Program Manager and Noé Lutz, Software Engineer
Safe Browsing
has been protecting over one billion people from
traditional phishing attacks
on the web for more than eight years. The threat landscape is constantly changing—bad actors on the web are using more and different types of deceptive behavior to trick you into performing actions that you didn’t intend or want, so we’ve expanded protection to include social engineering.
Social engineering is a much broader category than traditional phishing and encompasses more types of deceptive web content. A social engineering attack happens when either:
The content pretends to act, or looks and feels, like a trusted entity — like a bank or government.
The content tries to trick you into doing something you’d only do for a trusted entity — like sharing a password or calling tech support.
Below are some examples of social engineering attacks that try to trick you into thinking the content is delivered by Google or Chrome. Other trusted brands are also commonly abused for social engineering attacks.
This page tries to trick you into downloading and executing malware or unwanted software. It uses Chrome’s logo and name to confuse you into believing the site is operated by Google. Content like this may include an inconspicuous legal disclaimer that states it is not affiliated with Google. This does not change the deceptive nature of this content—as always, use caution when downloading files from the web.
This is a fake tech phone support page. This page mimics a warning and may trick you into calling a third-party company that pretends to be Google or some other trusted entity, but charges a fee for support. (Chrome does not offer paid remote support).
This is a fake Google login page. It might trick you into disclosing your account login credentials. Other phishing sites like this could trick you into giving up other personal information such as credit card information. Phishing sites may look exactly like the real site—so be sure to look at the address bar to check that the URL is correct, and also check to see that the website begins with https://. See more information
here
.
If we identify that a web page contains social engineering content, Chrome will warn you by displaying the following warning:
(If you believe Safe Browsing has classified a web page in error, please report it
here
.)
We'll continue to improve Google's Safe Browsing protection to help more people stay safer online. Check out the
Safe Browsing Transparency Report
to find out more.
沒有留言 :
張貼留言
標籤
#sharethemicincyber
#supplychain #security #opensource
android
android security
android tr
app security
big data
biometrics
blackhat
C++
chrome
chrome enterprise
chrome security
connected devices
CTF
diversity
encryption
federated learning
fuzzing
Gboard
google play
google play protect
hacking
interoperability
iot security
kubernetes
linux kernel
memory safety
Open Source
pha family highlights
pixel
privacy
private compute core
Rowhammer
rust
Security
security rewards program
sigstore
spyware
supply chain
targeted spyware
tensor
Titan M2
VDP
vulnerabilities
workshop
Archive
2024
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2023
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2022
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2021
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2020
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2019
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2018
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2017
12月
11月
10月
9月
7月
6月
5月
4月
3月
2月
1月
2016
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2015
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2014
12月
11月
10月
9月
8月
7月
6月
4月
3月
2月
1月
2013
12月
11月
10月
8月
6月
5月
4月
3月
2月
1月
2012
12月
9月
8月
6月
5月
4月
3月
2月
1月
2011
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
2010
11月
10月
9月
8月
7月
5月
4月
3月
2009
11月
10月
8月
7月
6月
3月
2008
12月
11月
10月
8月
7月
5月
2月
2007
11月
10月
9月
7月
6月
5月
Feed
Follow @google
Follow
Give us feedback in our
Product Forums
.
Follow
沒有留言 :
張貼留言