Google has been warning Web surfers about sites that appear to be hosting malware in search results for years. Now, the company is adding a warning in search results when the site appears to be compromised but may not be actually downloading malware to visitors’ computers.
Starting today, Google search users should start seeing a new hyperlink warning that says “This site may be compromised,” adjacent to some results if Google’s system has detected something on the site that would indicate that it has been hacked or otherwise compromised. Clicking on the warning link leads to a Help Center article with more information.
“If a site has been hacked, it typically means that a third party has taken control of the site without the owner’s permission,” the article says. “Hackers may change the content of a page, add new links on a page, or add new pages to the site. The intent can include phishing (tricking users into sharing personal and credit card information) or spamming (violating search engine quality guidelines to rank pages more highly than they should rank).” Web surfers can also just click on the result to go directly to the site.
Google first started putting warnings next to results in late 2006, but focused on sites that were hosting or actively serving malware. Those warnings say “This site may harm your computer,” and clicking on the result itself takes you to another page that provides more information.
The new warning is designed to focus on Web sites that may not be actively infecting computers, but that may be compromised and conducting other types of attacks, such as spam or phishing.
Along with warning Web searchers, Google tries to notify Web masters when they detect that their site may be compromised via messages in the Google Webmaster tools console, Google said.
“Of course, we also understand that Webmasters may be concerned that these notices are impacting their traffic from search,” Google says in a post on the Webmaster Central blog today. “Rest assured, once the problem has been fixed, the warning label will be automatically removed from our search results, usually in a matter of days. You can also request a review of your site to accelerate removal of the notice.”
Originally posted at InSecurity Complex