Improvements to Safe Browsing Alerts for Network Administrators

Posted by Nav Jagpal, Software Engineer

We launched Safe Browsing Alerts for Network Administrators over 5 years ago. Just as Safe Browsing warns users about dangerous sites, this service sends notifications to network administrators when our systems detect harmful URLs on their networks.

We’ve made good progress:

• 22k ASNs are being monitored, or roughly 40% of active networks
• 1300 network administrators are actively using the tool
• 250 reports are sent daily to these administrators

Today, to provide Network Admins with even more useful information for protecting their users, we’re adding URLs related to Unwanted Software, Malicious Software, and Social Engineering to the set of information we share.

Here’s the full set of data we share with network administrators:

• Compromised: Pages harming users through drive-by-download or exploits.
• Distribution: Domains that are responsible for launching exploits and serving malware. Unlike compromised sites, which are often run by innocent webmasters, distribution domains are typically set up with the primary purpose of serving malicious content.
• Social Engineering: Deceptive websites that trick users into performing unwanted actions such as downloading software or divulging private information. Social engineering includes phishing sites that trick users into revealing passwords.
• Unwanted Software: URLs which lead to software that violates our Unwanted Software Policy. This kind of software is often distributed through deceptive means such as social engineering, and has harmful software traits such as modifying users’ browsing experience in unexpected ways and performing unwanted ad injections. You can learn more about Unwanted Software, or UwS, here.
• Malware Software: Traditional malware downloads, such as trojans and viruses.

Network administrators can use the data provided by our service to gain insights into the security and quality of their network. By working together, we can make it more challenging and expensive for attackers to profit from user harm.

If you’re a network administrator and haven’t yet registered your AS, you can do so here. If you are experiencing problems verifying ownership, please contact us.