Skip to content

At The Identity Organisation, we're here to help!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038

    The Average Malicious Website Exists for Less Than 10 Minutes

    A new Chrome update brings to light Google findings about malicious websites that have serious implications on detecting malicious links, spoofed brands and the use of legitimate web services.

    This month, Google released a new feature to Google Safe Browsing, a feature that is used by over 5 million devices today and better protects Chrome browser users.

    The new feature employs real-time checking of websites against Google’s server-side list to see if a site is suspicious or malicious before visiting it. Previously, a client-side list was updated every 30 to 60 minutes. With the new feature, the moment Google deems a website to be dangerous, it is no longer accessible by users of Google Safe Browsing.

    What’s interesting is nestled deep in the middle of this announcement is a mention about why the “every 30 to 60 minutes” wasn’t good enough:

    “We’ve found that the average malicious site actually exists for less than 10 minutes.”

    That’s a huge piece of information that materially impacts cybersecurity efforts. Any security solution that checks websites against a database to see if they’re dangerous may fail their customer completely. Google goes on to say “By checking sites in real time, we expect to block 25% more phishing attempts.”

    In other words, at the rate dangerous websites are spinning up and being torn down, a victim organization is more likely to allow access to “instant” websites, despite having solutions in place that are designed to spot this from happening. 

    The only last resort you have is the user. When properly educated via new-school security awareness training, the user can play a role in vigilantly seeing a malicious webpage for what it really is and choose to simply disengage. Or better yet, not fall for the phishing email that would have brought them there in the first place!

    The “less than 10 minutes” state should both surprise you and not surprise you all at the same time; with so many malicious automation toolkits coming to the cybercrime market, this number may not materially drop from 10 minutes, but it certainly will stay where it is for a long time to come.

    KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

    Request A Demo: Security Awareness Training

    New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser:

    Sign Up to the TIO Intel Alerts!

    Back To Top