Google boosts malware protection for high-risk accounts

[tarekma7]

Google has added improved malware protection for all Google Chrome users who are also enrolled in the company's Advanced Protection Program (APP).

 

Google's Advanced Protection Program is a free service that aims to protect the accounts of users including but not limited to activists, journalists, business leaders, and political teams who have a higher risk of being targeted by online attacks.

 

APP blocks unauthorized access to enrolled users' accounts, offers additional protection from harmful downloads, and secures the users' info.

 

More to the point, the program will provide APP-enrolled users with enhanced protection against Google account phishing attacks, malicious apps, and data theft attempts.

 

Real-time warnings

"Specifically, when Chrome detects a potentially suspicious file download, users will see a new prompt asking whether they want to send the file to Google Advanced Protection to check for malware," Google explained today.

 

"If they choose to send it, Google Safe Browsing will scan it in real-time and will warn the user if it determines the file is unsafe."

The new enhanced malware protection and warnings are enabled by default for all users enrolled in the Advanced Protection Program and who are also signed into Chrome.

 

This feature is available starting today for all users in the Advanced Protection Program. Users who aren't yet enrolled can do so using their phone’s built-in security key or a physical

 

Once enrolled, they will be required to use the security key used during the registration process when signing into their accounts on new devices.

 

With this extra protection, even if a Google user falls victim to a phishing campaign, the threat actor behind it won't be able to gain access to the victim's account without the security key.

 

They will also receive extra alerts when installing apps or downloading files that look suspicious due to the more strict APP protection settings and checks. as well as because of several optional account security features that are turned on by default for APP-enrolled users.

 

Not a single APP-enrolled user phished in 2019

 

Earlier this year, Google announced that it sent roughly 40,000 warnings of state-sponsored phishing or malware hacking attempts to its users during last year.

 

Journalist and news outlet impersonation were among the most commonly identified phishing tactics used by state-backed threat actors during 2019 said Toni Gidwani, a Security Engineering Manager with Google’s Threat Analysis Group (TAG, at the time.

 

"We’ve yet to see people successfully phished if they participate in Google’s Advanced Protection Program (APP), even if they are repeatedly targeted," Gidwani explained.

 

"APP provides the strongest protections available against phishing and account hijacking and is specifically designed for the highest-risk accounts."

 

Source