Establishing Digital Trust: Don't Sacrifice Security for Convenience
In a recent blog post, Google software engineer Niels Provos reported that the company uncovers approximately 9,500 new malicious sites every day. "These are either innocent websites that have been compromised by malware authors, or others that are built specifically for malware distribution or phishing," Provos writes. "While we flag many sites daily, we strive for high quality and have had only a handful of false positives."
"One thing that's left unsaid in the Google report is how many of the compromised sites are re-infected once they're flagged by Google or another company and cleaned up," notes Threatpost's Dennis Fisher. "In some cases, sites are infected several times if the underlying vulnerability that's leading to the compromise isn't addressed."
"With Google bots scanning huge swaths of the Internet, the company is almost uniquely qualified to know which ones are being used to steal passwords or spread malware that gives attackers remote control of people's computers. ... According to Provos, about 600 million people tap in to that awareness through programming interfaces built in to the Google Chrome, Mozilla Firefox, and Apple Safari browsers," writes Ars Technica's Dan Goodin. "Some 12 million to 14 million end users also receive warnings when Google search results lead to a site the company believes is malicious."
"Website owners, meanwhile, should register with Google Webmaster Tools, the company says," writes ITworld's Katherine Noyes. "'Doing so helps us inform you quickly if we find suspicious code on your website at any point,' Provos explained."