Last month Google announced the launch of a new feature added to the Google Webmaster Tools. This feature provides Webmasters with assistance in identifying Malicious code on their sites that have been detected by Google’s automated scanners while crawling their site.
According to a new post by Google on Tuesday, Google has further enhanced the service through upgrades in the backend which will allow them to provide Webmasters with even more data, both earlier and more accurately.
The program overall is an attempt by Google to keep the Internet clean and users safe. I appreciate the R&D and engineering investment Google is making to combat malware. After all, they are crawling the Internet anyway, so why not put in some additional intelligence to analyze and report on Malware-infected sites they find!
One further step Google takes on its War on Cyber Terror is to provide their Malware scanning data to multiple browser companies (Firefox, Safari and… not, not IE) so end users will be alerted by their browser when they visit a site which Google has flagged as dangerous.
For example, recently I visited www.mastersswimming.com, and before the site even opened I was presented with the below screen by Firefox:
Good news for an end user, awful news if you’re a Webmaster!
Call to action
If you’re a groovyReader who doesn’t run a blog/website, think of this as a good education. You now know what’s going on the next time you get the scary page above “Reported Attack Site.” If however, you run a blog, I highly recommend the following:
1 – Register your site with Google Webmaster Tools and confirm your site is clean by reviewing the Labs/Malware Details tab. If it’s clean, keep a close eye on it.
2 – Take a look at your site and network using the Google Safe Browsing Diagnostics Tools. Here’s an example of what an infected site/network looks like through the tool with the tool: http://www.google.com/safebrowsing/diagnostic?site=mastersswimming.com/&hl=en
Not only can these tools help you detect when you are infected by something nasty, but by keeping a close eye on them, you can also find out quickly if your site has been flagged possibly in error. Just imagine the negative impact you might experience if your users were greeted by the dreadful screenshot above instead of your homepage! Just ask Dropbox. I’m sure they can tell you how it felt. 🙂
IMPORTANT: Dropbox has not been hacked or exploited; working with Google urgently to resolve false browser warnings.
— Dropbox (@Dropbox) November 11, 2009