I have implemented Safe Browsing API. I have domains that are declared as phishing domains. I have tested them and as the response I get empty array.
My question is, does google safe browsing API has type PHISHING anymore? I have fetched the safe browsing list but I have only find those types:
MALWARE,
UNWANTED_SOFTWARE,
SOCIAL_ENGINEERING,
POTENCIALLY_HARMFUL_APPLICATION
Now I'm concerned because I can't test my domains on type phishing.
Does anyone knows anything about this?
Social engineering is a newer term for what people used to call phishing.
With phishing you think of the traditional e-mail that tries to lure someone onto a specific website, resp. a fake clone of it, to input their login credentials or perform certain actions.
Social engineering is a little broader, and includes other forms of getting people to perform certain actions – might be phone calls, etc. The main part is that the attacker uses information gathered about the person/company that make their request seem genuine. (F.e. employees wiring large amounts of money into foreign accounts because they thought it was their boss instructing them to do so is the kind of case that’s making headlines recently.)
So it looks like Google just change the name here, to better reflect what the category (Google calls it “threat types”) represents.