Have you ever needed to download a file from a download site, only to play a virtual game of hide and seek of “which is the real download button and not the one that will install shady malware if I click the wrong one?” Or those “your flash player requires an update” ads? Google has taken them on in their next phase of Safe Browsing.
Consistent with the social engineering policy we announced in November, embedded content (like ads) on a web page will be considered social engineering when they either:
- Pretend to act, or look and feel, like a trusted entity — like your own device or browser, or the website itself.
- Try to trick you into doing something you’d only do for a trusted entity — like sharing a password or calling tech support.
Someone posted an image some time ago on imgur saying that it was like trying to defuse a bomb to figure out which button was the real one and which ones were ads.
The other types of ads that Google cites are the fake software update ads that don’t actually lead to the true site, but scare people into thinking they are required to download updates, which actually intalls malware.
Many of the less reputable ad networks use these types of ads because they have a high accidental clickthrough and because nearly all of them download malware or adware onto the end user’s computer. So if you are running any ads like this, you need to be aware that your site may now be flagged with the red interstitial warning searchers from clicking through to your site.
It probably won’t be long before we start hearing about which ad networks are getting sites flagged, similar to how Bidvertiser is commonly associated with malware flags, or if some of the less reputable ad networks stop running these types of ads.
Latest posts by Jennifer Slegg (see all)
- JSON-LD Google’s Preferred Structured Data Markup - October 21, 2016
- How Google Handles Site Moves When Old Domain Cannot Be Redirected - October 20, 2016
- Exit Page Interstitials Not Impacted by Google’s Mobile Interstitial Change - October 19, 2016
- Google: Leave 301 Redirects in Place at Least a Year, Preferably Longer - October 19, 2016
- Site Wide & Blogroll Links Are Not Automatically Bad Links for Google - October 19, 2016