“Deceptive site ahead”: Google helps protect users from deceitful download buttons

There is a good chance you benefit from Google’s Safe Browsing API without even realising it.

Popular browsers such as Chrome, Firefox and Safari use the Google Safe Browsing service to check whether a webpage they are about to visit is suspicious, or is known to contain any threats (such as phishing forms or malware).

Google Safe Browsing already helps protect surfers from some of the risk of downloading adware and spyware, but it hasn’t stopped there.

This week, Google has announced that its is extending its Safe Browsing protection to shield you from another threat often used by scammers and malicious hackers: deceptive download buttons.

Download buttons that attempt to dupe innocent users into making unwise choices may be served up in your browser via a website’s embedded ad content and – with some careful social engineering – might trick you into doing something foolish, thinking that their messages are legitimate communications from the website or your computer.

Here are some examples of deceptive ads that Google shared to illustrate the issue.

In the first example, users might be fooled into thinking that they need to update the media player installed on their computer and click the “Update” button. Of course, doing so takes the unsuspecting user to a webpage which is likely to download a Trojan horse to their PC.

In the second example, the deceptive advert poses as a dialog box suggesting that a program needs to be installed to watch Flash Video content. Again, the program is likely to be malicious – and the message has not come from the website itself but from an ad that it is being served to the site’s visitors.

Google warns website owners that if visitors to their webpages consistently see social engineering content, their Google Safe Browsing functionality “may warn users when they visit the site.”

Here is what such a “Deceptive site ahead” warning would look like in the Google Chrome browser:


The truth is that deceitful download buttons could appear anywhere on the web, not just on seedy sites offering pirated software and porn. So it’s handy that your browser can help protect you from such risks rather than just having to rely upon your wits.

And, if you are a webmaster and believe that your site is being unfairly categorised by Google’s Safe Browsing API as containing deceptive content, you can do a lot worse than check out the company’s guide for webmasters.

Leave a Reply