Threat Management, Network Security

Google Safe Browsing cracks down on repeat offenders

Google on Tuesday announced that it has revised its Safe Browsing policy and will now designate certain websites as repeat offenders if they are caught multiple times engaging in malicious activity such as malware distribution and phishing.

If a website earns this dubious distinction, Google Safe Browsing will flag it as unsafe, issuing a warning to any user that attempts to access the site via a web search. Webmasters will have to wait 30 days before they can request a website review to remove the designation.

The Safe Browsing service helps prevent potentially dangerous searches conducted via Google, the Chrome browser and other browsers that employ the Safe Browsing API. Until this recent change, Google's policy was simply to remove warnings that a site was unsafe once the company could verify that malicious activity had ceased.

However, according to a corporate blog post written by Google Safe Browsing Team strategist Brooke Heinichen, a “small number” of flagged websites would stop their dubious activity just long enough for Google to remove its warnings, only to resume their malicious operations once again. Google's adjusted policy is meant to curb such shady practices.

Google noted that when a site is branded a repeat offender, the webmaster will be notified of the decision via an email to his registered Search Console email address. It is through the Search Console that webmasters would normally be able to request a review.

“Browsers are one of the top infection vectors via drive-by download attacks and social engineering. Security filters play a critical role in thwarting many compromises at this particular layer," said Jerome Segura, lead malware intelligence analyst at Malwarebytes, in an interview with SC Media. "With this revised policy, Google wants to send a clear message that it is not going to play cat-and-mouse with rogue webmasters that want to game the Safe Browsing API.”

“Despite Google saying only a small number of sites are involved in this kind of behavior, we can infer that it is a big enough issue in that it affects Google Safe Browsing's reputation,” Segura continued.

Google asserted in its blog that websites that are hacked to distribute malware or perform other malicious acts will not be penalized as a repeat offender.

SC Media has reached out to Google for additional comment.

Bradley Barth

As director of community content at CyberRisk Alliance, Bradley Barth develops content for SC Media online conferences and events, as well as video/multimedia projects. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.