As the internet expands, there are a growing number of documents that are potential threats to users' technical devices (computers and mobile devices).
Potentially dangerous documents can be divided into two groups:
- “Malware” causes malicious code to be executed. Running it may cause data to be leaked or lost, and can also harm user devices. It may be authorized (for example, when downloading and running an executable file) or unauthorized (for example, a spyware attack).
- “Phishing” requests confidential user data for further unauthorized use. These pages are copies of sites where the user probably has an account. When the user authenticates, confidential data is intercepted without authorization.
Yandex maintains a database of pages that are considered dangerous for user devices. The database is updated regularly.
External applications have access to the database via the Safe Browsing API (SB API). If the address of a requested document matches a URL from the database, it indicates a high risk of threat posed by this document. Access to the potentially dangerous page is blocked, and the appropriate warning message is returned to the application user.