Google's anti-malware Safe Browsing feature ups penalties for repeat offenders

Kyle Wiggers
Digital Trends

Google does its best to protect Chrome and Google Search users from unsafe websites via Safe Browsing, an on-screen alert that prevents the browser from automatically visiting a website that’s been flagged as unsafe. But it doesn’t catch everything — in particular, websites that, once flagged by Google’s algorithms, temporarily “clean up” their activity in order to avoid triggering Safe Browsing’s short-term detection.

That’s why Google is changing how the feature works: on Monday, the company said “repeat offenders” — sites that draw Safe Browsing’s algorithmic ire more than once — will remain on a blacklist for 30 days.

“We’ve observed that a small number of websites will cease harming users for long enough to have the warnings removed, and will then revert to harmful activity,” Brooke Heinichen, a member of Google’s Safe Browsing Team, said.

Previously, Safe Browsing only temporarily halted navigation to sites that’d tripped Google’s anti-malware systems. Going forward, Google said, websites that “repeatedly switch between compliant and noncompliant behavior” — the latter of which includes distributing malware or unwanted software, or perpetrating phishing and social engineering — will be unable to appeal Safe Browsing for 30 days.

Google will notify affected webmasters through Search Console, Google’s web development portal. And it will send an email to website owners who’ve registered an address.

Heinichen stressed that “hacked” websites — webpages that have been illicitly commandeered by bad actors — won’t be subject to the new policy. “Only sites that purposefully post harmful content will be subject to the policy,” Heinichen said.

The changes to Safe Browsing come as Google expands the feature’s reach.

Earlier this year, Safe Browsing hit Android as part of an update to the company’s Google Play Services suite and version 46 of Chrome for Android. It’s “highly optimized” — Google said that thanks to mobile devices’ limited storage, slow connectivity, weak processors, and limited batteries, it had to minimize the number of bits of security data.

More recently, Google brought Safe Browsing to Gmail for Android in the form of a message that warns users when they receive an email from an unauthenticated sender.

The improvements to Safe Browsing are timely. According to Kaspersky Lab, the first quarter of 2016 saw a “dramatic increase” in the number of unsolicited emails containing malicious attachments. The threat to businesses is particularly acute: Symantec reports that last year, phishing campaigns targeting employees increased 55 percent.

Google said Safe Browsing protects more than two billion internet-connected devices worldwide.