In an attempt to provide greater transparency, Google has released data on malware and phishing scams as part of its Safe Browsing program.
As security reporter Brian Krebs added, the data included in this report seems to suggest that malware “tends to show up in legitimate sites” more than the traditional “warez” or piracy sites, reports Mashable.
How does Google’s Safe Browsing information affect your browsing?
Google Transparency Report
The recent findings on malware and phishing attempts in "safe" websites was part of Google's annual "Transparency Report" released Tuesday, the very same report in which Google had wanted to add PRISM data.
The latest report found as of June 9, 2013, that there are at approximately 10 times more compromised sites than dedicated "attack" sites, making it far more likely for users to encounter malware on a "safe" site, reports CNET.
All the sites mentioned in the Report were tagged as part of Google's Safe Browsing program, which flags and filters sites which the program indicates as compromised.
But as we have seen with the PRISM leaks, Google and other tech giants don't always act in the consumer's best interest when they're given the chance.
Google Isn't The Government
Although Google has done some fantastic work in trying to segregate malware and phishing scams from the rest of the useful Internet, they're ultimately not bound to do so. There are various agencies bound to protect consumers and punish bad businesses, like the FTC, but those agencies tend to be slow going and ineffective.
On the other hand, the snappily named United States Computer Emergency Readiness Team (US-CERT) has a decent amount of insight into recent malware attacks and security vulnerabilities.
What to Do in The Meantime
So while you're biting your nails down to the cuticles waiting for either Google or the government to give you or your firm a heads up on what sites are "safe" or not, consider a more educated search approach.
As you may already know, even Google can't prevent dangerous sites from appearing when you summon them with certain search terms, especially anything containing the word "free" in it, reports Ars Technica.
Try to repeat these mantras to ensure "safer" surfing for you and your employees:
- Google isn't a magic Internet genie. Remember, this is the same company that sends you targeted ads by scanning your emails.
- Malware can be everywhere. Don't have a dial-up era attitude about malware, it can be on any site so make sure your company or firm has virus protection software.
- Online security training, always. Employees can be the bane of your business security's existence, so you must train them not to invite malware onto your systems.
- Vast majority of malware attacks spawned from legit sites (Ars Technica)
- FTC Warns of 'Consumer Complaint' Email Scam (FindLaw's Free Enterprise)
- WordPress Sites Targeted by Hackers; Strong Password Myths (FindLaw's Technologist)
- Prank Employees, Test Security in One Fell Swoop (FindLaw's Technologist)