Google is introducing new warnings for social engineering sites to its Safe Browsing service. Social engineering is a broad category of deceptive online content, typically a website which disguises itself as a trusted entity such as a bank, government, or popular brand. Such online content attempts to coerce the user into performing additional tasks, such as downloading a program, providing login credentials, or calling a tech support phone number. It is a broader category of what is traditionally referred to as phishing. 

Google’s Safe Browsing service is a database of URLs that are known to contain malware, phishing, and now social engineering content. The list of malicious websites is frequently updated and utilized by the Google Chrome, Apple Safari, and Mozilla Firefox browsers to warn users attempting to visit these sites. The company also provides the information to internet service providers to assist them in protecting their customers. Approximately one billion people use Google Safe Browsing. 

In addition to the new social engineering warnings, the company is also developing in-product warnings for Gmail users. As a result of recent research into email encryption, these warnings will let users know when an email they receive has passed through a non-encrypted connection. There are still email providers which do not encrypt their users’ messages, leaving the text susceptible to being read if the message is ever intercepted. The new warnings are also a response to two findings from the research: “First, we found regions of the Internet actively preventing message encryption…Second, we uncovered malicious DNS servers publishing bogus routing information to email servers looking for Gmail. These nefarious servers are like telephone directories that intentionally list misleading phone numbers for a given name. While this type of attack is rare, it’s very concerning as it could allow attackers to censor or alter messages before they are relayed to the email recipient.”

There was positive news from the research as well: between December 2013 and October 2015, the number of encrypted emails that Gmail received from non-Gmail senders increased from 33% to 61%.