Google’s Safe Browsing initiative has expanded recently to provide users of the search engine with greater protection from malware, viruses, or from other online dangers such as identity theft. Google’s social engineering policy, announced in November, blocks attempts at social engineering. ‘Social engineering’, in this case, refers to embedded images or advertisements that attempt to lead the end user into an insecure and dangerous situation, often by deceiving them with elements that look legitimate. This includes classic phishing schemes, such as login and password boxes that provide that information to an untrusted third party, as well as advertisements that claim to provide critical updates or downloads relevant to the page, such as button links that claim to lead to a Flash Player update, but that are not provided by Adobe themselves. Although these advertisements are effective, they are not part of any legal and proper online marketing campaign, and should not show up on the website of any business. Google’s default assumption is that legitimate websites flagged by Safe Browsing have been hacked. Google’s Safe Browsing provides services to businesses and their webmasters as well. In addition to providing security within the browser itself, Safe Browsing also alerts a vulnerable website’s webmaster, often providing specific examples of the code that caused a website to be flagged in the first place. Google also tracks each webmaster’s clean-up time, gaining an idea of how long it took (or takes) the webmaster to fix and clean a security breach, as well as re-infection rates, which estimates the probability that a website could have been affected again (either by social engineering gaffes or by malware, for example). This encourages webmasters to use the information that Google provides quickly and effectively, preventing future security breaches entirely. In the event a website is flagged by Safe Browsing due to a security breach, the webmaster should first assess and fix the problem, then contact Google for a malware review. A malware review should also be requested in the event that a website is erroneously flagged, although Google reports that its accuracy is “very high”. Google’s own website includes a guide to the resolution process for affected webmasters.