Google is to start warning users when a “download” button on a website might be a malware trick. Let’s hope it means less work for those of us who act as IT support, for work, friends or family.
Bogus download buttons will be particularly familiar to anyone who has searched for software download sites, often promising free applications, or for video streaming sites with a lax attitude to copyright law. However, the tactic can also target even the most innocent (and naive) computer use, particularly when accompanied by pop-ups and displays falsely claiming a plug-in or other tool needs updating.
Google is, to say the least, giving few details about exactly how it will assess sites and trigger the warnings. It has confirmed the new feature will be an addition to the existing Safe Browsing, which warns users if a page itself is a security threat, such as a “drive-by attack.”
It appears the warnings will pop-up as and when a user tries to click on a relevant link from a Google search page, rather than the browser itself checking every page it visits.
Whether the tool will be a problem for false positives or for more confident users who are happy to hunt for a genuine download on the said sites remains to be seen. The warning message includes a link marked “Details” which, if previous Google moves are anything to go by, may bring up an option to proceed to the page after confirming you do so at your own risk.
If that is the case, this seems like a smart balance. More savvy users can still access sites, while those more vulnerable to an unwanted download should be clearly deterred by the plain language of the warnings.
And that’s great news for those of us who have a friend or family member who, like Jen in the IT Crowd, just can’t say no: