Online attacks take a number of forms, and phishing is one of the more recent problems. Chrome has long featured Safe Browsing to notify people when they visit potentially dangerous websites, and today Google announces that the feature is growing to include social engineering.
Google describes social engineering as being a much broader category than traditional phishing. Typical examples include sites that trick visitors into imparting passwords or credit card details, and those which purport to be an official website when they are in fact malicious. The Safe Browsing expansion offers protection against a range of social engineering attacks that Google provides examples of.
Many malicious sites try to trick visitors into believing that they are associated with Google or Chrome. In one example, a site offers up a fake update to Chrome under the pretence of being a genuine Google site. Other tactics include mimicking Chrome's style of error message to display a warning about a browser or computer problem. Visitors are encouraged to call a fake technical support number -- at great cost -- or pushed to a malicious download.
To avoid being duped, Google advises everyone to " be sure to look at the address bar to check that the URL is correct, and also check to see that the website begins with https://". In a blog post the company explains that when a site with social engineering content is detected, the interstitial shown above will be displayed as a warning.
Aucun commentaire:
Enregistrer un commentaire