Google Detects Record Number of Phishing Websites, Whereas Malware Sites Are On The Decrease

Google Detects Record Number of Phishing Websites

Although 2020 is not yet at an end, Google’s Transparency report already shows a record high number of phishing websites. 2.02 million sites year to date, to be more exact, averaging around 40,000 per week. This is an increase of almost 20% compared to last year. The number of unsafe malware websites, on the other hand, decreased significantly, and now stands well under 2,000 per week.

Safe Browsing

Every day, Google’s blacklist service, called “Safe Browsing”, discovers thousands of unsafe websites that contain malware or phishing content. Some of these websites are purposely created, others are legitimate websites that have been compromised by hackers. Google Chrome, Safari, Firefox, Vivaldi and Gnome browsers all

+use Google’s blacklist to flag infected pages.

Google uses several techniques to determine whether a page is genuine. Automated detection tools examine page content and structure in order to catch potentially misleading pages, for example. Users can also report a phishing page themselves, if they believe that a page is designed to look like another in an attempt to steal personal information.

Of course, Google Safe Browsing doesn’t offer complete protection. Therefore, it is wise to be on the lookout for indications that a link or website is not secure. Users can, for example, check the URL for any misspellings and TLS/SSL protection, and visit a website directly instead of clicking on a link. To better protect themselves, users can also use a VPN in combination with a good antivirus and antimalware program.

Phishing Websites On The Increase

When Google suspects a page or a website is malicious, an alert appears. This is to warn users that the page they are visiting could potentially steal their personal information or install malware on their computer. Google also notifies webmasters whose websites are compromised, provides information to ISPs, and updates the status of websites in their Transparency Report.

According to new statistics Google published this week, 2020 is heading for a record number of phishing websites. The total number of phishing websites already amounts to a staggering 2.02 million since the beginning of 2020. That’s an increase of almost 20% compared to last year.

The data reveals two spikes. One in February, topping at 58,021 phishing websites detected in week 3. Coincidentally or not, this is when, in most countries, people were confined to their homes because of the coronavirus pandemic. And then another spike towards the end of April to the beginning of May, when many countries faced another Covid-19 wave. In that period Google detected around 59,000 Phishing websites every 7 days for 3 consecutive weeks.

The second half of the year seems to be “steadier”, but not in a good sense, as the average number of phishing websites now hovers around 45,000 per week.

Malware Sites On The Decrease

While phishing websites trick users into typing in their username and password and/or personal information, malware websites contain code that installs malicious software onto a visitor’s computer. This can happen without the user’s knowledge. Or when the user downloads software from a page they deem “safe”, but is not.

When Google Safe Browsing started recording data in 2006, the number of malware websites was many times higher than the number of phishing websites. Now it is the exact opposite. In June 2009, Google recorded 76,845 malware sites in just 1 seven-day period. Since 2016, however, malware websites appear to have become less and less prevalent.

The number has fallen sharply since then, with the numbers coming down to around 2,000 per week and later under a thousand per week in the last 12 months. One of the likely reasons for this is that users have become more risk-aware when a website automatically launches a download window, or when a “You have won…” message or an unusually high number of annoying ads pop-up.

IT communication specialist
Sandra has many years of experience in the IT and tech sector as a communication specialist. She's also been co-director of a company specializing in IT, editorial services and communications project management. For she follows relevant cybercrime and online privacy developments.