Google adds malware, phishing numbers to its transparency report to make the Web 'safer'

The data come from the company's Safe Browsing technology, whicht flags up to 10,000 sites daily

Phishing and malware sites detected by Google

Phishing and malware sites detected by Google

Google is revealing some new numbers around malware and phishing attempts in an effort to get more people thinking about online security and to make the Web safer.

The data is being incorporated into the company's biannual transparency reports, which are meant to provide clarity on the numbers for user data requests Google receives from government agencies and courts, as well as figures on removal requests received from copyright owners and governments and traffic reports for Google services worldwide.

The malware and phishing data stems from Google's Safe Browsing technology, which was established in 2006 to examine billions of URLs each day to find unsafe websites. These unsafe sites, Google said, generally fall into two categories: malware sites, which use code to install malicious software on users' computers; and phishing sites, which fake their legitimacy while trying to trick people into giving their user names and passwords or other private information online.

As of June 16, for instance, the company's Safe Browsing program had detected nearly 42,000 malware sites per week, according to data Google released Tuesday. For phishing sites, the rate clocked in at roughly 26,000.

Concerns over online security have been heightened in recent months following a spate of cyberattacks carried out against major companies such as The New York Times and the Jeep car company on sites like Twitter.

Google's thinking is that by providing details about these sorts of threats, "we hope to shine some light on the state of web security and encourage safer web security practices," the company said in its report.

Google Safe Browsing is currently used by some 1 billion people, the company said. The service shows warnings when users navigate to unsafe websites while using the Google Chrome, Mozilla Firefox and Apple Safari browsers.

With the new figures, people can see how many Safe Browsing warnings are delivered to users each week (more than 88 million as of June 16); where malicious sites are hosted around the world (Europe is a bit of a hotbed); how quickly websites become reinfected after malware is removed (the rate "rises dramatically," due to periodic rescanning of infected sites, Google said); and other tidbits like webmaster response time.

"We're always looking for new ways to protect users' security," said Google software engineer Lucas Ballard in a blog post announcing the data.

Users can report websites suspected of hosting or distributing malware here, or a suspected phishing site here, Google notes.

The report also includes a section on "notable events," which details some specific security incidents that are responsible for the larger trends contained in the report. Earlier this month, for instance, a campaign targeting vulnerabilities in Java and Acrobat Reader infected more than 7,500 sites, resulting in more than 75 million Safe Browsing users to receive malware warnings.

As part of its larger transparency report, Google last released numbers on data removal requests in April, when they spiked to over 2,000.

Zach Miners covers social networking, search and general technology news for IDG News Service. Follow Zach on Twitter at @zachminers. Zach's e-mail address is

Join the CSO newsletter!

Error: Please check your email address.

Tags Internet-based applications and servicesExploits / vulnerabilitiesIdentity fraud / theftinternetdata protectionsearch enginesmalwaremozillaAppleGooglesecuritymobile securitydata breachDesktop security

More about AppleGoogleIDGMozilla

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Zach Miners

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts