Google has adjusted its Safe Browsing policy in order to stop repeat offender websites from burning users and their machines with malware and phishing scams.

Google on Tuesday announced that it has revised its Safe Browsing policy and will now designate certain websites as repeat offenders if they are caught multiple times engaging in malicious activity such as malware distribution and phishing.

If a website earns this dubious distinction, Google Safe Browsing will flag it as unsafe, issuing a warning to any user that attempts to access the site via a web search. Webmasters will have to wait 30 days before they can request a website review to remove the designation.

The Safe Browsing service helps prevent potentially dangerous searches conducted via Google, the Chrome browser and other browsers that employ the Safe Browsing API. Until this recent change, Google's policy was simply to remove warnings that a site was unsafe once the company could verify that malicious activity had ceased.

However, according to a corporate blog post written by Google Safe Browsing Team strategist Brooke Heinichen, a “small number” of flagged websites would stop their dubious activity just long enough for Google to remove its warnings, only to resume their malicious operations once again. Google's adjusted policy is meant to curb such shady practices.

Google noted that when a site is branded a repeat offender, the webmaster will be notified of the decision via an email to his registered Search Console email address. It is through the Search Console that webmasters would normally be able to request a review.

“Browsers are one of the top infection vectors via drive-by download attacks and social engineering. Security filters play a critical role in thwarting many compromises at this particular layer,” said Jerome Segura, lead malware intelligence analyst at Malwarebytes, in an interview with SC Media. “With this revised policy, Google wants to send a clear message that it is not going to play cat-and-mouse with rogue webmasters that want to game the Safe Browsing API.”

“Despite Google saying only a small number of sites are involved in this kind of behavior, we can infer that it is a big enough issue in that it affects Google Safe Browsing's reputation,” Segura continued.

Google asserted in its blog that websites that are hacked to distribute malware or perform other malicious acts will not be penalized as repeat offenders.

SC Media has reached out to Google for additional comment.