Report Reveals Google Is Blacklisting Some Sites That Handle Passwords via HTTP

itman · May 27, 2017

A report released today by security experts from Sucuri and Unmask Parasites (UP) describes numerous instances where sites that handled password and credit card via HTTP pages found themselves on Google's Safe Browsing blacklist.

As soon as those sites were moved to HTTPS, investigators said that Google removed the sites from the Google Safe Browsing blacklist.

Not all blacklisted sites were infected with malware

While some websites were infected with malware, experts said that in many cases the sites where they were called in to investigate had no malware infection.

Initial requests to have these sites removed from the Safe Browsing blacklist were met with a refusal on Google's part, despite the lack of any malware or suspicious content. It was only after SSL was added to those sites that Google security experts cleared them to show up in search results and removed the scary "Deceptive Content" warning.

After some clever sleuthing on the researchers' part, they also realized that most of these cases happened with relatively new sites that hadn't had the chance to build a reputation. Domain age is important because most phishing sites operate from newly registered domains.

Google appears to be using HTTP status for Safe Browsing alerts

Putting all the clues together, Sucuri and UP experts believe that Google has started using a new combination of factors when blacklisting sites.

The first is the domain age, while the second is the presence of password or credit card input fields on HTTP pages.

In other words, Google was seeing newly registered domains being used to collect password and credit card data via HTTP, and it thought they were used for phishing.
Click to expand...

https://www.bleepingcomputer.com/ne...ng-some-sites-that-handle-passwords-via-http/

elapsed · May 27, 2017

At this point, any site asking for passwords and such over HTTP actually is malicious, when you consider the amount of people that re-use passwords.

Log in or Sign up

Report Reveals Google Is Blacklisting Some Sites That Handle Passwords via HTTP

itman Registered Member

elapsed Registered Member

Log in or Sign up

Report Reveals Google Is Blacklisting Some Sites That Handle Passwords via HTTP

itman Registered Member

elapsed Registered Member

Useful Searches