Google Finds 9,500 Malicious Sites Every Day

Google today provided an update on its security efforts, revealing that it identifies almost 10,000 new malicious websites every day and serves up millions of daily malware-related warnings to users.

Google finds about 9,500 new malicious websites every day, Niels Provos from Google’s security team wrote in a blog post.

“These are either innocent websites that have been compromised by malware authors, or others that are built specifically for malware distribution or phishing,” Provos wrote. “Our detection techniques are highly accurate—we have had only a handful of false positives.”

Those websites result in 12-14 million daily search-related warnings and 300,000 download alerts via Chrome’s download protection service.

“We protect 600 million users through built-in protection for Chrome, Firefox and Safari, where we show several million security warnings every day to Internet users,” Provos wrote. “When we detect malware or phishing, we trigger a red warning screen that discourages clicking through to the website. Our free and public Safe Browsing API allows other organizations to keep their users safe by using the data we’ve compiled.”

Provos penned today’s blog post to commemorate the fifth anniversary of Google Safe Browsing, which looks to protect Google users from malware and phishing.

The effort also sought to educate webmasters about how to protect their websites. Google said that it still send thousands of notifications to webmasters every day.

“Malware and phishing aren’t completely solvable problems because threats continue to evolve, but our technologies and processes do, too,” Provos wrote.

Google found that e-commerce sites are still the most popular targets for phishing attacks since “phishers are motivated by money.” Phishers are often highly sophisticated and geographically dispersed, with some staying online for less than an hour to avoid detection, Provos said. Malware authors, meanwhile, often try to take over legitimate sites.

Google has implemented a number of security warnings across it services of late. Last year, it added malware warnings to search results after it noticed some unusual activity on its network while conducting routine data center maintenance.

More recently, Google pledged to warn users whose computers or home routers appear to be infected with the DNSChanger malware, as well as those targeted by state-sponsored attacks.

Original Source: PC Mag