Have you ever needed to download a file from a download site, only to play a virtual game of hide and seek of “which is the real download button and not the one that will install shady malware if I click the wrong one?” Or those “your flash player requires an update” ads? Google has taken them on in their next phase of Safe Browsing.
Consistent with the social engineering policy we announced in November, embedded content (like ads) on a web page will be considered social engineering when they either:
- Pretend to act, or look and feel, like a trusted entity — like your own device or browser, or the website itself.
- Try to trick you into doing something you’d only do for a trusted entity — like sharing a password or calling tech support.
Someone posted an image some time ago on imgur saying that it was like trying to defuse a bomb to figure out which button was the real one and which ones were ads.
The other types of ads that Google cites are the fake software update ads that don’t actually lead to the true site, but scare people into thinking they are required to download updates, which actually intalls malware.
Many of the less reputable ad networks use these types of ads because they have a high accidental clickthrough and because nearly all of them download malware or adware onto the end user’s computer. So if you are running any ads like this, you need to be aware that your site may now be flagged with the red interstitial warning searchers from clicking through to your site.
It probably won’t be long before we start hearing about which ad networks are getting sites flagged, similar to how Bidvertiser is commonly associated with malware flags, or if some of the less reputable ad networks stop running these types of ads.
Latest posts by Jennifer Slegg (see all)
- Cloudflare Credentials Stolen in Web Developer Chrome Extension Hack - August 18, 2017
- Google Search Console Sends Security Warning Notices for HTTP Sites - August 18, 2017
- Bing Testing Blended Local Mini One Pack in Search Results - August 15, 2017
- Google Still Ignores Last-Modified Meta Tag - August 11, 2017
- Google Ignores Geo Meta Tags in Regular Search Results - August 10, 2017