Could Your Website Be Blacklisted by Google?
Even if you’ve never heard of the Google Safe Browsing service, you’ve probably used it. Chrome, Firefox and Safari all incorporate the service into their browsers. Services like Trust Inn also use it to help their users know when to avoid a particular website. Here’s how it works in a browser. When you click on a link to a site, the browser contacts Google and checks whether the website you are about to visit is in the Safe Browsing database. Websites are added to this database, or “blacklisted,” if they are considered dangerous – usually because they have been caught phishing or harboring malware. When you attempt to visit a blacklisted website, the browser first displays a scary-looking page warning you that the site you’re trying to visit may harm your computer. For site owners, the impact of being blacklisted by the Google Safe Browsing service is catastrophic. All web browsers that rely on the service will begin to show alarming dialogs to people who try to visit the website. With Chrome, Firefox and Safari boasting a combined market share of over 50%, that’s a majority of the Internet. Most small business owners don’t think website blacklisting concerns them. After all, they don’t traffic in malware or phish their users. But here’s the danger they are overlooking. Small business websites tend to be developed quickly and inexpensively. Once a website is deployed, little thought is given to its ongoing maintenance. It is treated like a sign hanging on a building or in a window. There’s no need to worry about it as long as it is still around and operating. The reality is more complicated. A website, like any computer system, is susceptible to hacking. Hackers take advantage of the business owner’s inattention, breaking into websites and infesting them with malware and phishing. If this happens to your site, it will probably be blacklisted. Because Google automates its blacklisting process, your website doesn’t have to be reported; Google will likely find it on their own while indexing your website for their search engine. So, what can a small business owner do? First, have your website built by a reputable organisation that understands safe design and deployment. Second, retain personnel or a service to manage and monitor your website with scanning tools like SiteLock. If something does go wrong, you need to find and fix the problem before Google’s next index of your site. Getting blacklisted in the Safe Browsing database costs far more than just lost site visitors. You can recover your site’s traffic fairly quickly. But even a brief brush with phishing or malware can deal your business’s reputation a blow that could take much longer to recover from. — Dave Hess is the founder of Data Bakery. He’s been designing, building, and operating reliable, secure, user-friendly services and software for 20 years. Data Bakery’s latest innovation is Trust Inn, your trusty web safety companion.
Interview: Fighting Malware with Anirban Banerjee
2012 continues to be a year of great excitement for 123-reg. We are thrilled to announce the release of Site Scanner, powered by Stop the Hacker. For those not in the know, Site Scanner is a SaaS based malware monitoring tool that scrutinises a user’s website, notifying the customer when malicious code/viruses are found via email and in the 123-reg control panel. Furthermore, the software provides the user information on where the damaging code is located (the line of code it starts and ends on) and provides steps on how to eradicate it. Protecting your online business against malicious code couldn’t be more important in 2012. This year has seen the issue of internet security rise to the front pages of the national newspapers. Whilst events such as the Linkedin security breach are unfortunate, they are helpful in educating the market. 123-reg spoke to Anirban Banerjee, Co-Founder of StopTheHacker Inc., in a bid to help inform website owners of the growing threat of malware and detail how purchasing Site Scanner can give you peace of mind. A blacklisted website can have serious implications for any online business in terms of lost revenue, potential customers and credibility. We asked Banerjee about the threats to 123-reg customers who run websites with little or no malware detection service. ‘Malicious hackers are targeting websites in order to compromise them. If your website gets compromised and is misused to distribute malware to innocent visitors, the infected website is put on a blacklist by Google and other search engines.’ The potentially spiralling affects could be disastrous for your online business as Banerjee explains. ‘If your website is blacklisted, users will be blocked from coming to your website. This could lead to a loss of revenue. Moreover, this could result in an irreparable loss to the reputation of your website and business.’ The threat of being blacklisted by Google is one that is not only very real but one that every website owner needs to protect against. Once malware infects a website, it harms both the company and its customers. Website owners typically have no idea they have been infected, and many do believe that anti-virus protection software is enough. However, it is not. ‘9,500 websites get added to the Google blacklist every single day. Given the UK market is quite big; this represents a substantial number of UK businesses. It takes 7-10 days for a blacklisted website to clean up its act, on average, this process can cost thousands of pounds in lost revenue before even considering the potential revenue lost from your brands’ reputation being tarnished.’ Prevention is better than cure, but having said that, Site Scanner also acts as a quick reaction, something users can take heart from. If malicious code is found on the user’s website at any time, they are sent an email detailing exactly where the code is, and just as importantly, how to delete it. ‘Site Scanner incorporates the best of breed technology when it comes to malware detection, Antivirus engines, signature databases and reputation monitoring. It will help 123-reg customers by providing them with peace of mind. Together, we will help fight the battle for them!’ Central to seeking a partnership, 123-reg looked-for a provider with a real passion for the online security industry. What 123-reg customers should also take from the partnership is Banerjee’s passion for helping people secure their websites as well as the quality of product that his company provides. ‘Our goal is to make website security ubiquitous. Having a secure website and not worrying about hackers installing malware on your site and getting blacklisted shouldn’t be a luxury, everyone should have access to a high quality, reliable and accurate malware detection prevention like Site Scanner.’ Releasing a product like Site Scanner highlights 123-reg’s commitment to helping its customers secure their websites. 123-reg is working with everyone involved with Site Scanner to bring website security to millions of users. Remember, you don’t have to be a high traffic website to be targeted. Even if you see yourself as a small site, you are attractive to hackers because your site will have more vulnerable openings for hackers.
Why virus risks are not to be sniffed at
While a human virus like Flu can cripple your business if it spreads through your employee base, a computer virus can literally kill your business, yet there is much more you can do to protect and in the main resist computer viruses but too many people ignore the threats. The term computer virus is actually fairly wide in definition but effectively covers programs (some large, some simple lines of code) that change how your computer works. That might mean actual damage to the components or – and a potentially greater risk for a business – making the computer do things that the owner didn’t intend. Usually a virus also has a built-in ability to self-replicate too helping it spread its destruction quicker. There are three types of virus: True Virus A true computer virus infects not the hardware of your computer but the software you already trust. That means piggy-backing itself to a host program on the machine. Once infected, each time that program runs the virus runs too . The ‘Melissa’ Word document is probably the most well-known of this type – replicating itself to the top 50 people in the unlucky recipient’s email account, with a message “Here is that document you asked for, don’t show it to anybody else”. Be aware too that you don’t need to double-click the attachment to spread the virus. In many cases just appearing in the preview window will be enough. Worm Just like the animal that gives it its name, a worm finds holes and moves into them. A worm is a stand-alone piece of software that exploits security flaws and uses them as a route to replicate itself. Worms scan computer networks and dive into the holes they identify, replicating itself on the receiving machine and then beginning the replication process again. Trojan Named after the Greek classical trojan horse, a computer trojan is a program that has similar deceptive tendencies. Claiming to do one thing but really do another. The most common trojans truly live up to their name by effectively creating a back door into a computer that can be exploited by remote user. Other trojans may cause physical damage, perhaps to a hard drive, or . Some might damage a victim’s hard drive. Pretty much all viruses have a multitude of functions. Some are even disguised as helpful programs that will do a job for you while creating back door access for hackers or spying on your PC usage and sending the information elsewhere. Usually without replicating functions, this kind of ‘malware’, has become an increasing threat, with those behind them running elaborate business schemes that uses the information gleaned or scammed from the infected end-user. Viruses are nothing new They actually pre-date the internet. The first virus was launched 30 years ago when in 1971 the ‘Creeper’ virus was launched ‘under control’ by one of the technicians working on building ARPANET, the Internet’s ancestor. Much like the modern day worm, the Creeper looked for a machine on the network, transfers to it, displays the message “I’m the creeper, catch me if you can!” and then replicated itself. A very real threat The biggest problem with computer viruses is that they don’t go away and every day new ones are added via the internet increasing the risk. Of course older viruses are usually easily detected and dealt with by modern anti-virus software but the threat is still there and those writing the virus programmes are as up to date with new technology and opportunities as anybody in the IT field. An interesting insight into the threat of security risks can be seen on Symantec’s Security Response website, where you can see what viruses are spreading quicker, etc. The last report from Symantec themselves which examined security threats in 2011 suggested that web based attacks increased by 36% in 2011 alone with over 4,500 new attacks each day. So what can you do protect your business The biggest defence you can provide is ensure that every machine attached to your network is running up to date virus protection. There are countless options out there all geared at doping the same job of protecting your systems but the key is making sure they stay up to date. Make updates automatic, but also make checking that software is up to date as part of your regular housekeeping. Include in your scheduling not only updating of your anti-virus software but also updating of all your software. Many viruses replicated due to security flaws identified in popular programs. Software manufacturers are constantly battling to cover and close all these potential holes and usually issue these as ‘patches’ or updates and you should always make sure you keep these up to date too to minimise the risk. In addition you need to be savvy in your use of your machine. Smartphones and tablets can be affected by viruses too so don’t think it is limited to your desktop machine. Malware can also infect your website, so make sure you protect that too with a system like SiteLock. Be wary of what you click on, especially what you download. Is it from a trusted source? Do you know the full implications of what this piece of software might do? If you are concerned don’t click on links and don’t download files. Know who and what you are dealing with and you are less likely to be caught out.
How to build a site that visitors trust
Every business on the Internet wants to achieve four goals: increase sales, get more revenue, increase customer loyalty and get new customers. There are many ways to achieve these goals like offering discounts, creating contests and promoting products and services on every relevant channel. Even if these techniques are good and work most of the time, there is one thing that most people ignore but that can help get more revenue: building a site that visitors trust. When a visitor believes a site it trustworthy, chances are he or she will complete the sale and not abandon their cart because they don’t feel your site is secure enough. To gain the trust of your visitors and get them to convert, you must first build a trustworthy site. A trustworthy site refers to reputation and security. Reputation A company’s reputation reassures visitors that your business is not only a popular business, but also a reputable and reliable business. If you are a reputable brand like Amazon, people expect to get their orders on time and be provided with excellent customer service when needed. However, to determine what your selling point is and what impresses your visitors, you need to get to know them first. We’re all different and we’re affected by different elements. For example, some may be impressed by a company’s number of customers, years of experience or awards. Others can be impressed by a huge number of Facebook fans or Twitter followers or flattering testimonials from former or current customers. So, get to know your customers and show them what they need to see to feel more confident when buying from your site. On a different note, one thing is for sure: if your content has grammar or spelling errors, few visitors will dare to buy from your site. So, pay closer attention to the finer points of the content on your site. If you’re just starting out, it may be a bit more difficult to get visitors to trust you but not impossible! Find your selling points and promote them heavily. Offer free trials and ask for feedback to get others to see how great your product or customer service is. Security Your visitors need a guarantee that your site is safe and secure. You may be taking all the precautions, using website protection solutions like the 123-reg Site Scanner to keep your site secure, but you visitors don’t know that unless you show it to them. Now, more than ever, people are scared to share their sensitive information online because of the recent hacks and breaches on important sites that were believed to be 100% secure. So, one thing you can do to show visitors that your site is trustworthy is to use a security seal. The security seal appears in your visitor’s browser letting him know your site is secure. We have just launched Site Scanner, a website protection solution that helps keep your site secure against hackers. This also includes a Site Seal that you can use on your site to show visitors that your site is protected by an advanced security solution from 123-reg. Find out more about the 123-reg Site Seal and our recently launched Site Scanner solution. What other things are you doing to build a trustworthy site?