Google detects 9,500 new malicious sites daily, and about 13 million Google searches each day yield warnings about hacked sites that have seen their content changed or links added, according to a blog post. In addition, the tech giant flags 300,000 downloads each day as potentially malicious.
Google seeks to protect users from websites that may be trying to phish users of their credentials or serve malware. The company defends against two types of the latter: either sites specifically built to distribute malware or those that have been compromised to redirect users, often without their knowledge, to a malicious site.
Grant Asplund, senior technology evangelist at Blue Coat Systems, a web security company, said that despite Google’s laudable efforts, the numbers reveal that the criminals continue to find ways to spread their wares. For example, recent Blue Coat research found that one out of every 142 searches leads to a malicious link.
“The way you move mountains is with constant pressure,” he told SCMagazine.com on Tuesday. “The cyber criminals are absolutely persistent, they’re 24-7 and they’re relentless.”
Niels Provos, a member of Google’s security team, said in the blog post that the fraudsters use varying techniques to ensure their malware-foisting sites evade detection, including rapidly changing their location, using dynamic DNS records and generating automated domain names.
Asplund said making users more informed can help pick up the pieces when technology falls short.