Stay organized with collections
Save and categorize content based on your preferences.
Monday, February 26, 2007
In the fight against badware, protecting Google users by showing warnings before they visit
dangerous sites is only a small piece of the puzzle. It's even more important to help site owners
protect their own users, and we've been working on this with
StopBadware.org.
A few months ago we took the first step and integrated malware notifications into
Webmaster Tools. I'm pleased to
announce that we are now including more detailed information in these notifications, and are also
sending them to site owners via email.
Webmaster Tools notifications
Now instead of simply informing site owners that their sites have been flagged and suggesting
next steps, we're also showing example URLs that we've determined to be dangerous. This can be
helpful when the malicious content is hard to find. For example, a common occurrence with
compromised sites is the insertion of a 1-pixel iframe causing the automatic download of badware
from another site. By providing example URLs, site owners are one step closer to diagnosing the
problem and ultimately re-securing their sites.
Email notifications
In addition to notifying Webmaster Tools users, we've also begun sending email notifications
to some of the owners of sites that we flag for badware. We don't have a perfect process for
determining a site owner's email address, so for now we're sending the notifications to likely
site owner aliases for the domain in question (for example, webmaster@, admin@, etc). We
considered using whois records, but these often contain contact information for the hosting
provider or registrar, and you can guess what might happen if a web host learned that one of its
client sites was distributing badware. We're planning to allow site owners to provide a preferred
email address for notifications through Webmaster Tools, so look for this change in the future.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],[],[[["\u003cp\u003eGoogle is working with StopBadware.org to protect users and help site owners combat badware.\u003c/p\u003e\n"],["\u003cp\u003eGoogle is providing more detailed malware notifications including example URLs in Webmaster Tools to help site owners identify and fix issues.\u003c/p\u003e\n"],["\u003cp\u003eGoogle is emailing site owners with malware notifications, starting with likely aliases, to broaden awareness and encourage remediation.\u003c/p\u003e\n"],["\u003cp\u003eSite owners can expect future updates to Webmaster Tools that allow specifying a preferred email address for these notifications.\u003c/p\u003e\n"]]],["Google expanded its efforts to combat badware by enhancing notifications for site owners. Through Webmaster Tools, they now provide example URLs of dangerous content found on flagged sites, helping owners identify and fix issues. Additionally, email notifications are being sent to likely site owner aliases (e.g., webmaster@) with plans to allow owners to specify their preferred contact email in Webmaster Tools. The focus is to assist owners in securing their sites and protecting their users from badware.\n"],null,["# Better badware notifications for site owners\n\nMonday, February 26, 2007\n| It's been a while since we published this blog post. Some of the information may be outdated (for example, some images may be missing, and some links may not work anymore). Read our [up-to-date documentation about malware](/search/docs/monitor-debug/security/malware).\n\n\nIn the fight against badware, protecting Google users by showing warnings before they visit\ndangerous sites is only a small piece of the puzzle. It's even more important to help site owners\nprotect their own users, and we've been working on this with\n[StopBadware.org](https://www.stopbadware.org/).\nA few months ago we took the first step and integrated malware notifications into\n[Webmaster Tools](/search/blog/2006/11/badware-alerts-for-your-sites). I'm pleased to\nannounce that we are now including more detailed information in these notifications, and are also\nsending them to site owners via email.\n\nWebmaster Tools notifications\n-----------------------------\n\n\nNow instead of simply informing site owners that their sites have been flagged and suggesting\nnext steps, we're also showing example URLs that we've determined to be dangerous. This can be\nhelpful when the malicious content is hard to find. For example, a common occurrence with\ncompromised sites is the insertion of a 1-pixel iframe causing the automatic download of badware\nfrom another site. By providing example URLs, site owners are one step closer to diagnosing the\nproblem and ultimately re-securing their sites.\n\nEmail notifications\n-------------------\n\n\nIn addition to notifying Webmaster Tools users, we've also begun sending email notifications\nto some of the owners of sites that we flag for badware. We don't have a perfect process for\ndetermining a site owner's email address, so for now we're sending the notifications to likely\nsite owner aliases for the domain in question (for example, webmaster@, admin@, etc). We\nconsidered using whois records, but these often contain contact information for the hosting\nprovider or registrar, and you can guess what might happen if a web host learned that one of its\nclient sites was distributing badware. We're planning to allow site owners to provide a preferred\nemail address for notifications through Webmaster Tools, so look for this change in the future.\n| **Update** : More information is available in our [Help Center article on malware and hacked sites](/search/docs/monitor-debug/security/malware)."]]
