Headlines say one thing, Google’s actions say another

Despite headlines, it’s still business as usual for Google — Piracy sites full of malware and deceptive ads remain at top in Google search results

Last fall Google introduced a series of steps to strengthen its Safe Browsing initiative announcing it would include protection against, “social engineering attacks – deceptive tactics that try to trick you into doing something dangerous, like installing unwanted software or revealing your personal information (for example, passwords, phone numbers, or credit cards).  

In February Google went further and announced it would add protection against what it called “deceptive embedded content, like social engineering ads” to its “Safe Browsing” strategy.  According to Google, such sites would:

  • Pretend to act, or look and feel, like a trusted entity — like your own device or browser, or the website itself.
  • Try to trick you into doing something you’d only do for a trusted entity — like sharing a password or calling tech support.

If a user attempted to visit such a site, Google said this warning screen would appear.


Of course to benefit from “safe search” one has to set Chrome preferences to “protect you and your devices from dangerous sites.”

Is re-posting 2 month old news Google’s technique for generating positive headlines?

Today, the very same post re-posted on Google’s Official Webmaster Central Blog.  Why repost an old post?  Could it be Google’s way of generating positive headlines and muddying the waters as to its real business practices?  Despite the fact today’s post was identical to the February announcement, a new round of headlines splashed across multiple websites making it seem like the “news” was new news….Google’s PR folks must be patting themselves on the back.

Google explains Safe Browsing this way:

Google’s Safe Browsing technology examines billions of URLs per day looking for unsafe websites…

When we detect unsafe sites, we show warnings on Google Search and in web browsers.

These unsafe sites fall into two categories, both of which threaten users’ privacy and security:

  • Malware sites contain code to install malicious software onto users’ computers. Hackers can use this software to capture and transmit users’ private or sensitive information.
  • Phishing sites pretend to be legitimate while trying to trick users into typing in their username and password or sharing other private information. Common examples are web pages that impersonate legitimate bank websites or online stores.

Sounds like a positive step against online piracy since malware and deceptive advertising is online piracy’s bread and butter,  right?  WRONG…

Google’s “safe search” warnings are nowhere to be found on piracy websites I checked as part of a little test I conducted today using Google Chrome.

Carol heavily piratedUsing Google search I looked for the recently released film ‘Carol’ using the search terms, “watch carol online.”
What I found was the same old, same old. In typical Google fashion, three out of the top four results lead to pirate websites that offer up free, full pirated copies of the movie.  In addition–contrary to Google’s new “safe browsing” policy–all two of the pirate sites featured embedded and pop-up featuring the very type of deceptive content Google claimed it would slap with warnings. Despite this, nary a Google “warning” to be found on any of these sites.

Google search leads to piracy websites

3 out of 4 top results are for piracy sites that feature malware or Google advertising

Google pirate search results
Pirated copy of Carol with Google AdSense ads

Google warns against visiting scam sites, but continues to send consumers there via its search engine?

What’s even more puzzling is that I Google’s “safe search” initiative is also more talk than action when sites (flagged warnings about “deceptive content”) that are found via its own search engine.

Below is an example from a SolarMovie site which offers up links to pirated movies galore. Amid the pirated movies were sporadic warnings from Google.  If Google is serious about protecting users from malware and phishing scams, why not simply remove these flagged sites from Google search?


Of course Google hypocrisy is nothing new.  Google flacks can generate all the fresh headlines they want by reposting old news, but in the end, the story remains the same. The team from Mountain View talk a good game, but in reality, nothing changes.  Google search continues to point the way to pirated content, malware or scams be damned…maybe the safest way to browse is to avoid Google entirely?