What would being blacklisted by Google mean for your business?
Have you ever searched Google, clicked on a relevant result, only for the search engine to tell you that the page you want to visit might be hacked? If so, you’re not alone. Google estimates that ten of millions of people are prevented from visiting an unsafe website every week, and it finds thousands of new unsafe websites every day. Of course, it feels good to know that Google is doing everything it can to stop you visiting hacked websites. But what if it’s your business website that Google is preventing people from visiting? There’ll be a fall in website visitors, which is likely to lead to a fall in sales. If your business relies on search engine traffic, then having it suddenly cut off can put a real dent in your revenue. You also have to remember that people who can navigate to your site, eg by typing the address in to their web browser, may be at risk of being infected by whatever malware has led to the site being blacklisted by Google. How and why does Google blacklist sites? Google is constantly scanning the web. It does this so it’s able to provide accurate, useful search engine results to its users. Basically, Google can understand what a website is about, and so match it to relevant search terms when people enter them. If Google considers a site to be authoritative enough, then that site is likely to rank highly for a selection of key terms. The idea is that people are able to enter a search term and quickly and easily find what they’re looking for. If that happens, it makes Google look good, and people are more likely to use Google again in the future. But how would someone feel if they were to search on Google, click the top result and then have their PC infected with a virus? Clearly that makes the site in question look bad, but it also makes Google look bad. After all – Google has indicated that site has authority by including it at the top of its search results. So because of this, Google also scans the web for sites that have been compromised. It uses this information to blacklist infected sites, and prevents people from accessing them via its search results. This helps prevent people getting viruses after clicking a Google result, and as such it helps protect Google’s reputation. So should I be worried? It always pays to be on your guard. Research shows that 86% of websites have at least one serious vulnerability that could be exploited by hackers. If you do have a vulnerability and it is exploited, then you are going to end up on Google’s blacklist and that is likely to have a negative impact on your business. The key here is to take preventative action to make sure there aren’t vulnerabilities to exploit on your site. Unfortunately, it’s unlikely you’ll be able to tell if your site is at risk just by looking at it. That’s why 123 Reg recommends using a tool such as SiteLock to scan your site for malware. Malware scanning starts from just £0.99 a month, but if you really want to make sure your site is safe, you can get top level protection, which blocks automated attacks against your site, and will automatically remove any malware that you’ve already been infected with. Prevention is vital because once your site is blacklisted, the damage is already done. And getting removed from Google’s blacklist can involve a lot of time consuming work and can require technical knowledge. You can read Google’s guide to having your site removed from the blacklist here. Help, I’ve already been blacklisted by Google! If you’ve already been backlisted by Google, then the key is damage limitation. You have two twin priorities – removing the malware from your website, and removing vulnerabilities from your site to make sure it doesn’t get infected again. For this, 123 Reg recommends using SiteLock. Automated malware removal starts from just £4.99 a month. You’ll also need to make sure you’re signed up for Google Search Console (formerly Google Webmaster Tools). This is because you’ll submit your request for Google to review your site via Search Console. If you need to, you can check out our guide to getting started with Search Console here. You can view Google’s full blacklist review request process here. You can also view their full guide to cleaning up a hacked site here. Prevention really is the best course of action here, but if your website is infected then the speed with which you are able to clean it and protect it from future attacks is crucial. Any questions? Let us know via Facebook or Twitter and we’ll be happy to help.
Could Your Website Be Blacklisted by Google?
Even if you’ve never heard of the Google Safe Browsing service, you’ve probably used it. Chrome, Firefox and Safari all incorporate the service into their browsers. Services like Trust Inn also use it to help their users know when to avoid a particular website. Here’s how it works in a browser. When you click on a link to a site, the browser contacts Google and checks whether the website you are about to visit is in the Safe Browsing database. Websites are added to this database, or “blacklisted,” if they are considered dangerous – usually because they have been caught phishing or harboring malware. When you attempt to visit a blacklisted website, the browser first displays a scary-looking page warning you that the site you’re trying to visit may harm your computer. For site owners, the impact of being blacklisted by the Google Safe Browsing service is catastrophic. All web browsers that rely on the service will begin to show alarming dialogs to people who try to visit the website. With Chrome, Firefox and Safari boasting a combined market share of over 50%, that’s a majority of the Internet. Most small business owners don’t think website blacklisting concerns them. After all, they don’t traffic in malware or phish their users. But here’s the danger they are overlooking. Small business websites tend to be developed quickly and inexpensively. Once a website is deployed, little thought is given to its ongoing maintenance. It is treated like a sign hanging on a building or in a window. There’s no need to worry about it as long as it is still around and operating. The reality is more complicated. A website, like any computer system, is susceptible to hacking. Hackers take advantage of the business owner’s inattention, breaking into websites and infesting them with malware and phishing. If this happens to your site, it will probably be blacklisted. Because Google automates its blacklisting process, your website doesn’t have to be reported; Google will likely find it on their own while indexing your website for their search engine. So, what can a small business owner do? First, have your website built by a reputable organisation that understands safe design and deployment. Second, retain personnel or a service to manage and monitor your website with scanning tools like SiteLock. If something does go wrong, you need to find and fix the problem before Google’s next index of your site. Getting blacklisted in the Safe Browsing database costs far more than just lost site visitors. You can recover your site’s traffic fairly quickly. But even a brief brush with phishing or malware can deal your business’s reputation a blow that could take much longer to recover from. — Dave Hess is the founder of Data Bakery. He’s been designing, building, and operating reliable, secure, user-friendly services and software for 20 years. Data Bakery’s latest innovation is Trust Inn, your trusty web safety companion.
Interview: Fighting Malware with Anirban Banerjee
2012 continues to be a year of great excitement for 123-reg. We are thrilled to announce the release of Site Scanner, powered by Stop the Hacker. For those not in the know, Site Scanner is a SaaS based malware monitoring tool that scrutinises a user’s website, notifying the customer when malicious code/viruses are found via email and in the 123-reg control panel. Furthermore, the software provides the user information on where the damaging code is located (the line of code it starts and ends on) and provides steps on how to eradicate it. Protecting your online business against malicious code couldn’t be more important in 2012. This year has seen the issue of internet security rise to the front pages of the national newspapers. Whilst events such as the Linkedin security breach are unfortunate, they are helpful in educating the market. 123-reg spoke to Anirban Banerjee, Co-Founder of StopTheHacker Inc., in a bid to help inform website owners of the growing threat of malware and detail how purchasing Site Scanner can give you peace of mind. A blacklisted website can have serious implications for any online business in terms of lost revenue, potential customers and credibility. We asked Banerjee about the threats to 123-reg customers who run websites with little or no malware detection service. ‘Malicious hackers are targeting websites in order to compromise them. If your website gets compromised and is misused to distribute malware to innocent visitors, the infected website is put on a blacklist by Google and other search engines.’ The potentially spiralling affects could be disastrous for your online business as Banerjee explains. ‘If your website is blacklisted, users will be blocked from coming to your website. This could lead to a loss of revenue. Moreover, this could result in an irreparable loss to the reputation of your website and business.’ The threat of being blacklisted by Google is one that is not only very real but one that every website owner needs to protect against. Once malware infects a website, it harms both the company and its customers. Website owners typically have no idea they have been infected, and many do believe that anti-virus protection software is enough. However, it is not. ‘9,500 websites get added to the Google blacklist every single day. Given the UK market is quite big; this represents a substantial number of UK businesses. It takes 7-10 days for a blacklisted website to clean up its act, on average, this process can cost thousands of pounds in lost revenue before even considering the potential revenue lost from your brands’ reputation being tarnished.’ Prevention is better than cure, but having said that, Site Scanner also acts as a quick reaction, something users can take heart from. If malicious code is found on the user’s website at any time, they are sent an email detailing exactly where the code is, and just as importantly, how to delete it. ‘Site Scanner incorporates the best of breed technology when it comes to malware detection, Antivirus engines, signature databases and reputation monitoring. It will help 123-reg customers by providing them with peace of mind. Together, we will help fight the battle for them!’ Central to seeking a partnership, 123-reg looked-for a provider with a real passion for the online security industry. What 123-reg customers should also take from the partnership is Banerjee’s passion for helping people secure their websites as well as the quality of product that his company provides. ‘Our goal is to make website security ubiquitous. Having a secure website and not worrying about hackers installing malware on your site and getting blacklisted shouldn’t be a luxury, everyone should have access to a high quality, reliable and accurate malware detection prevention like Site Scanner.’ Releasing a product like Site Scanner highlights 123-reg’s commitment to helping its customers secure their websites. 123-reg is working with everyone involved with Site Scanner to bring website security to millions of users. Remember, you don’t have to be a high traffic website to be targeted. Even if you see yourself as a small site, you are attractive to hackers because your site will have more vulnerable openings for hackers.