Google Warns Users Of Malware Infections

After discovering unusual patterns of activity, Google is now using notices on its search engine results pages (SERPs) to warn users that their computers are infected with malware.

In a recent post on Google's Online Security Blog, Damian Menscher, a Google Security Engineer said: "Recently, we found some unusual search traffic while performing routine maintenance on one of our data centers. After collaborating with security engineers at several companies that were sending this modified traffic, we determined that the computers exhibiting this behaviour were infected with a particular strain of malicious software, or malware. As a result of this discovery, today some people will see a prominent notification at the top of their Google web search results."

Menscher stated that malware was causing infected computers to send traffic to Google through a small number of intermediary servers called "proxies". Anyone using an infected machine would receive prominent notification at the top of their Google web search results page, warning them of the fact. "We hope that by taking steps to notify users whose traffic is coming through these proxies, we can help them update their anti-virus software and remove the infections."

Although Google aren't aware of a common name for the malware, they have indicated that the malware appears to have gotten onto users' computers from one of roughly a hundred variants of fake antivirus, or "fake AV" software that has been in circulation for a while. They believe that there are approximately 2 million machines effected by this malware which is quite a serious issue, if these numbers are correct. However, since the prominent notification has been in effect, Google have indicated that they have already warned hundreds of thousands of users that their computer is infected.

Google hopes that the knowledge they have gathered will help assist as many people as possible. In case their notice doesn't reach everyone directly and if you're concerned that your computer maybe infected, they have advised that you run a system scan on your computer yourself by following the steps in their Help Center article.

Note: If for some reason you haven't got Antivirus/Antispyware software installed on your computer, may I suggest using either PC Tools or AVG. Both of these packages offer a wide range of powerful tools to protect your computer against online threats.

Have you been affected by malware? What's your thoughts on this new notification? Please let me know.

Related articles:
Google's New Malware Warning
Does Google Consider Your Site Safe?
Google Adds New Security Layer To SERPs


As ever, if you want to stay up to date with the latest blog posts, don't forget to follow via Google Friend Connect (button on sidebar), on Facebook or subscribe to our feed at: http://feeds.feedburner.com/DereksHomeAndBusinessBlog

You can also follow me on Twitter @djones1509, Google+ and on Facebook at:
http://www.facebook.com/djones1509
http://www.facebook.com/DereksHomeandBusinessBlog

Until my next post, have a fabulous weekend!

Google's New Malware Warning

When you're in the business of directing people to websites, not taking them to sites riddled with harmful malware is a priority. As the world's most popular search engine and with a very important reputation at stake, Google is focusing on keeping its search results clean, or at least letting its users know when search results are suspicious and potentially dangerous.

Google now displays a warning for search results that appear to have been hacked or compromised. Specifically, on search results pages, the notification sits below each suspicious website's title as a hyperlink that says, "This site may be compromised."

Google started warning users of malware-laden sites years ago. Since 2006, Google has been prompting users with the warning, "this website might harm your computer," when they try to visit sites that are suspected of distributing malware. With infected search results continuing to deceive unsuspecting web surfers, Google has decided to add an extra warning.

On a support page dedicated to explaining the new warning, Google clarifies the distinction between the older warning and the new one. The older one (i.e. "this website might harm your computer") shows when Google's malware detection system determines that a site is "potentially hosting malware." Google displays the new warning: "this site may be compromised" when it suspects that a site has been hacked or compromised while not detecting any malware.

Hackers typically compromise a site with a couple of goals in mind. Their intention could be phishing, which consists of tricking users into sharing personal details like credit card information. It could also be spamming, a practice that violates search engine quality guidelines in order to fraudulently achieve a higher page rank.

Google is working closely with webmasters who believe their websites have unjustly been classified as hacked or compromised. Such a label could be devastating for a business. On the other hand, as an individual, it's better to err on the side of caution. Update your Antivirus/Antispyware software and watch out for hacked websites!

Note: If for some reason you have not got Antivirus/Antispyware software installed on your computer, may I suggest using either PC Tools or AVG. Both of these packages offer a wide range of powerful tools to protect your computer against online threats.

Related articles:
Does Google Consider Your Site Safe?
Google Adds New Security Layer To SERPs


As ever, if you want to stay up to date with the latest blog posts, don't forget to follow via Google Friend Connect (button on sidebar), on Facebook or subscribe to our feed at: http://feeds.feedburner.com/DereksHomeAndBusinessBlog

You can also follow me on Twitter @djones1509 and on Facebook at:
http://www.facebook.com/djones1509
http://www.facebook.com/DereksHomeandBusinessBlog

Be safe online!

Does Google Consider Your Site Safe?

Recently, Google introduced a new security layer to it's search engine results pages (SERPs) which informs users if a site has been compromised through hacking (see post: Google Adds New Security Layer To SERPs).

Although this new security layer is good at protecting users and their computers from sites that have been hacked, what you may not know is that Google maybe warning users not to visit your site, because of your outbound links.

Last Friday, I received a message from John Gilbert of The Blog Farm informing me that my blog was unsafe to visit because it had a link to a site that has malware. After doing some checks on Google, Webmaster Tools and even on Google Safe Browsing Diagnostic Page, there was no indication any said links existed on my blog and that my site was safe.

John then provided a screenshot of the message he was receiving from Google when trying to access my blog. Here's a copy of that screenshot (Site omitted due to legal reasons. Click image to enlarge):

Initially, I was shocked because I'm very careful who I link to on my blog. Furthermore, I could not understand why Google's SERPs, Webmaster Tools and the Google Safe Browsing Diagnostic Page were not picking this up.

After further investigation, it was found that John was using Google Chrome whereas I was using Internet Explorer. It was also found that the said link was actually a comment from a reader on one of my blog posts. The link that this reader had posted was actually to a respected site. However, because it had recently been hacked and malware left on the site, that site plus my blog was now considered harmful by Google. If it wasn't for John, I wouldn't of been aware of the problem, costing me crucial visitors.

So the moral of the story is this:

If you run a blog, discussion board or any site that allows visitors to post messages and links, be warned. You may be careful in ensuring that your site is safe, but it only takes one outbound link to a site that has been compromised to cost you visitors, money and maybe your reputation.

Also, don't fully rely on Google SERPs, Webmaster Tools or Google Safe Browsing Diagnostic Page to pick anything out of the ordinary. These might indicate everything if fine but as you can see from my case, it wasn't.

My suggestion is check your outbound links often using Google Chrome to access your site on a regular basis. That way, you can be sure your site is considered safe and not being blocked by the major search engine.


If you want to stay up to date with the latest blog posts, don't forget to follow via Google Friend Connect (button on sidebar), on Facebook or subscribe to our feed at: http://feeds.feedburner.com/DereksHomeAndBusinessBlog

You can also follow me on Twitter @djones1509 and on Facebook at:
http://www.facebook.com/djones1509
http://www.facebook.com/DereksHomeandBusinessBlog

To Your Success!

Google Adds New Security Layer To SERPs

About 1.2 million sites have been compromised by hacker attacks that integrate malware into the sites source code. The strong majority of these sites were just typical spots on the web, intending to give customers some useful features or information - not steal their identity or sell their contact information.

However, security issues with coding (and more specifically with PHP and Javascript elements that are improperly structured) can let hackers tap into the site and bend it to serve their own purposes.

That's why Google has added an additional layer of security to its search engine results page. When Google finds a site that seems to be hacked, it displays the message "This site may have been compromised" below the standard link. Additionally, just in case this warning is missed, users who click directly on the link will be taken to a confirmation page from Google with a repeat warning before they're redirected.

Users who click on the warning itself will be taken to an informational page where they're told about how issues like this occur and the risks they present for visitors. These risks include the loss of private data, having login information captured by third parties, having contact information sold, or even having spyware or malware downloaded unintentionally to your computer.

Google has stated that they will try to get in touch with anyone running a site that seems to have been compromised, informing them of what's happened, how it happened, how to fix it, and how to have the warning label that essentially serves as a "keep out" sign removed.

Google may have learned some of these lessons about vulnerable code the hard way. Their own Website Optimizer Tool, a prominent part of their Webmaster utility belt, had a fracture that let previously vulnerable sites be re-accessed through Google's code.


Published by Jen Williams, guest author for Pronet Advertising

UPDATE 3/1/2011: After posting the above, Jen has published another article on the subject which may be of interest.


Site Hacking Alerts Added to Google Searches

To make your Google search results more productive for your needs, a new feature has recently been added by the search engine industry leader that promises to make users more confident while searching and visiting sites.

Google recently introduced a new feature that will alert users to potential hacking activity from their online searches. Google's goal is to help users avoid these malicious sites and any fallout that could result from visiting them. Google promises to also go as far as notifying the site's webmaster through their main account or via any email addresses available of any suspicious hacking activity.

Just how will the alert work?

According to one of the associate product managers at Google, Gideon Wald explained that there will be several automated tools that Google will have in place to detect the common signs of a site that has been hacked. The automated tools will then add a notification to the search results to warn users that the suspicion of hacker activity exists on the site. If the user chooses to proceed despite the notification, it is at their own risk.

While this new Google feature will not eliminate malware and hackers, it will give users the choices they need to make decisions that will likely affect their PC and its productivity. With this information, users will be able to enjoy their searches with slightly more confidence in the material that's given to them.

The attempt to reduce malware and spamming activity has been one that webmasters and the industry as a whole has worked to reduce for quite a while. Hackers and spammers are very clever, and new ways of launching vicious computer viruses are always surfacing. Google hopes to counteract the back end of that activity by at least notifying users that possible activity of that sort may be present on certain sites that are returned on their search engine queries.


Published by Jen Williams, guest author for Pronet Advertising