Roughly 9,500 new malicious sites are caught and flagged by Google every day, according to statistics released by the company on June 19.
The statistics come from the company’s Safe Browsing initiative, which it started five years ago to combat malicious content on the Web. At the time, the primary goal was to safeguard Google’s search engine results against malware and phishing, as well as to educate webmasters on security, explained Niels Provos, a member of Google’s security team.
“We protect 600 million users through built-in protection for Chrome, Firefox and Safari, where we show several million security warnings every day to Internet users,” he blogged. “When we detect malware or phishing, we trigger a red warning screen that discourages clicking through to the Website. Our free and public Safe Browsing API allows other organizations to keep their users safe by using the data we’ve compiled.”
The 9,500 new malicious sites Google identifies each day are either legitimate sites that have been compromised by attackers, or malicious sites created intentionally to spread malware. Online commerce sites are a favorite of phishers, who as a group are getting more creative, he noted. Phishers move fast to try to stay ahead of anti-fraud efforts, with some phishers remaining online for less than an hour to avoid detection.
Attackers who compromise legitimate sites will often try to redirect users to an attack site and strike them with drive-by downloads that launch malware programs on Web surfers’ computers without their knowledge.
“To try to avoid detection, these attack sites adopt several techniques, such as rapidly changing their Internet location with free Web hosting services and auto-generated domain names,” Provos explained. “Although less common than drive-by downloads, we’re also seeing more malware authors bypassing software vulnerabilities altogether and instead employing methods to try to trick users into installing malicious software, for example, fake anti-virus software.”
“Approximately 12-14 million Google Search queries per day warn users about current malware threats, and we provide malware warnings for about 300,000 downloads per day through our download protection service for Chrome,” he added.
Just recently, Google announced it would send warnings to Gmail users if the company believes they are being targeted by state-sponsored cyber-attacks aimed at stealing personal information or blocking email message streams.
“We are constantly on the lookout for malicious activity on our systems, in particular attempts by third parties to log into users’ accounts unauthorized,” Eric Grosse, Google’s vice president of security engineering, explained in a blog post. “When we have specific intelligence, either directly from users or from our own monitoring efforts, we show clear warning signs and put in place extra roadblocks to thwart these bad actors.”