Does Dr. Google Have Your Site Quarantined?
Google search results and Gmail messages warn users when they’re about to click on a malware-infested site. But often, the marketers themselves don’t know that their sites have gone bad. Enter Google to the rescue.
“Helping Webmasters Re-secure Their Sites” was Tuesday’s post on the Google Webmaster Central Blog and it got into how Google will notify webmasters that their sites are delivering malware and scams.
“When Google works directly with webmasters during critical moments like security breaches, we can help 75 percent of webmasters re-secure their content,” write Kurt Thomas and Yuan Niu, who work on spam and abuse research for Google. “The whole process takes a median of three days. This is a better experience for webmasters and their audience.”
In the meantime, searchers see a notice saying: “This site may harm your computer.” Similarly, Gmail account-holders are warned that visiting the sites may harm their computers.
Thomas and Niu say mostly personal and small business websites with weak passwords or outdated software end up infected. [Author’s note: So that’s an obvious prevention option: Strengthen passwords and update software.]
Tuesday’s post says these are the ways Google will try to help site owners repair the damage:
Emails, Google Analytics, Search Console, search warnings and browser warnings will give site owners the heads up that something awful’s happened. “For webmasters who proactively registered their site with Search Console, we found that email communication led to 75 percent of webmasters re-securing their pages,” reads Tuesday’s post. “When we didn’t know a webmaster’s email address, browser warnings and search warnings helped 54 percent and 43 percent of sites clean up, respectively.”
Site owners should register for Google Analytics and Search Console, where they can receive the notices, Thomas and Niu say. In turn, site owners should help any visitors harmed by their sites. “Provide victims with clear recovery steps, and promptly reply to inquiries,” they say.
Find and Fix Harmful Content
“Attackers rely on hidden files, easy-to-miss redirects, and remote inclusions to serve scams and malware,” reads Tuesday’s post. “This makes clean-up increasingly tricky. When we emailed webmasters, we included tips and samples of exactly which pages contained harmful content. This, combined with expedited notification, helped webmasters clean up 62 percent faster compared to no tips — usually within three days.”
Keep Sites Clean and Safe
“We monitored recently cleaned websites and found 12 percent were compromised again in 30 days,” Thomas and Niu say. That’s why marketers need to cure the illness, not just treat the symptoms. Add authentication.
What do you think, marketers?
Please respond in the comments section below.
Related story: Gmail Cracks Down Harder on Security