BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Avoiding Google's Dreaded 'Blacklist'

From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 5 Nov 2013 22:02:20 -0700
http://www.atlantadailyworld.com/2013110410075/Business/avoiding-google-s-dreaded-blacklist

Small businesses are reeling from an increase in cybercrime, but a hacked
website can have even greater consequences if Google lists you as
"infected."

The search giant is constantly scanning the web's 60 trillion URLs for
malware and phishing scams. If it deems a site suspicious, businesses can
say goodbye to their customers until the problem is resolved.

"If Google blacklists an infected website, you're basically off the
Internet until the website is fixed," said Peter Jensen, CEO of
StopTheHacker.com.

Google estimates that it flags and quarantines 10,000 websites daily (it
doesn't use the term "blacklist"). It not only scans Google's search
results and ads, but also flags suspicious URLs typed into browsers. The
search engine Bing, run by Microsoft, treats infected sites in a similar
fashion.

Being blacklisted can quickly decimate a small firm's reputation and sales.

"Businesses say they're not at fault and shouldn't be penalized. Google
[says] it wants to keep the Internet safe for its users," said Jensen,
whose firm is contacted 20 or 30 times a day by businesses that have been
blacklisted.

Google spokesman Jason Freidenfeld emphasized that point. "About 1 billion
people receive protection against phishing and malware every day because of
the warnings we show users about unsafe websites," he said.

Margo Schlossberg owns an online handbag business in Washington D.C. that
was hacked in September. A Google search for her website still says, "This
site may be hacked."

The impact: Traffic to her site dropped 50% in the past month and her sales
have been minimal.

"It's the worst time to go through this," said Schlossberg. "The holiday
season is very important for my sales, but now I've been blacklisted by
Google."

Schlossberg hired an expert to fix her site, which cost $1,000 (although it
can cost as much as $10,000 depending on the extent of the damage).

Hackers had attacked several pages, and it's taken a few weeks to clean up
her website. She's finally ready to resubmit her site to Google.

StopTheHacker says the process to clean up infected sites typically
involves several steps: Identify the malware and how to remove it,
determine where the attack originated, change passwords and relaunch the
website once it's clean.

Google says it takes about a day to restore websites once it confirms
they're clean. But sometimes a company can think its site is clean, but
Google's review will find otherwise. This can draw out the process.

Eric Erickson's company sells eco-friendly pest control products online.
When his site was attacked in 2009, it effectively paralyzed his business.
He said it took 60 days to get back on track and cost several thousand
dollars in lost sales.

His site was attacked again in March, but this time he was prepared. "We
caught it early because we had enhanced our security," he said. The website
stayed off the blacklist.

Web hosting provider DreamHost regularly checks the sites of its 350,000
customers -- 40% of whom are small businesses -- for malware and other
security threats. In September, DreamHost identified almost 100,000
infected websites in its network of 1.3 million sites. If customers aren't
able to fix the problems themselves, co-founder Dallas Kashuba recommends
StopTheHacker to help clean up the site.

Lynda Zugec's HR consultancy site was flagged and quarantined by Google
earlier this year. Hackers had obtained her hosting password and inserted
malware into her website.

It took her nearly two weeks to get back online. Even more than an economic
impact, Zugec worries the experience could have hurt her reputation with
clients.

But even with the financial and logistical hardships, most say Google's
hardline is necessary.

"Google has its neck on the line, too," Erickson said. "When people click
on your website, Google doesn't want to worry that something malicious will
happen to its users."

His advice: "Don't go cheap with your security. You have to invest in it."

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

# OWASP http://www.appsecusa.org
# Builders, Breakers and Defenders
# Time Square, NYC 20-21 Nov
o()xxxx[{::::::::::::::::::::::::::::::::::::::::>

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Previous By Date Next
Previous By Thread Next

Current thread: