Google Malware Warnings are Bad for Business

Print Friendly, PDF & Email

In fact, it’s probably fairer to say that having your site pulled from Google’s index because of Malware is not just bad for you, it’s bad for everyone. Malware is software that has been installed in your website code that is intended to infringe people’s privacy, commit identity theft/fraud or to infect their computer with a virus or trojan. Hackers spend every waking hour working on ways to sneak their software into your website, and if google finds out, this is what you can expect (click on the image to see the next page that Google will give you):

So, if you have a website for your business, and you care about whether that website is going to be available in the next 24hrs, you really must read on!

Google – do no harm!

Google’s business ethos of “Do No Harm” has led to a pro-active approach to reducing the amount of Malware on the internet. While you may spend vast amounts of time and money on building more content, search engine optimisation, and getting backlinks to improve your website’s ranking, Google has quietly been keeping tabs on your website code to ensure that you aren’t harbouring anything nasty.

“Oh, that’s very nice of them”, you might say… Well, yes, and no.

Yes, because Google are looking out for their users, and are taking steps to prevent sending people to websites that are riddled with malware, either intentionally (because the website owner is corrupt) or unintentionally (where an honest Joe, like yourself, has had his website hacked and infected with malware.)

No, because if Google finds the slightest sniff of malware on your website, then you will be banned from receiving any visitors via the largest, most influential internet service in the world.

So, how bad is that?


courtesy sitesecuritymonitor.com

Are you kidding? For a company that relies on their website in any way, to be ex-communicated from the google index is like having your phone lines cut. It’s not being melodramatic to say the results could be economically fatal.

Google is arguably THE primary mechanism by which anyone online searches, purchases or otherwise conducts business nowadays. Getting hit with a Google malware ban or phishing warning is not an option a small/medium business customer should want to contemplate.

I could try and explain Google’s algorithms (and probably fail), or the joy of begging Google to be allowed back into their good books, but if you ever laughed at the film “Meet the Fockers” – you certainly don’t want to be on the outside of the Google “circle of trust”. Perhaps the picture opposite explains it more clearly.

Even worse, even if your customers try to access your website directly, they are likely to be met with a warning like this from their web browser (example shown is from Safari). So even without the Google factor, people are going to be put off opening your website. This is very bad indeed.

Not only is the immediate effect devastating, but your site will quickly find it’s way onto all sorts of dark lists, meaning that users of desktop based anti-virus/malware/security protection software will also start to view your website in a dim light.

A recent tale of sorrow

This whole article was prompted by a circular, sent from sitesecuritymonitor.com, highlighting this issue – within days of receiving this email we received a phone call from a new client – who was in deep trouble with Malware.

Her website had been infected with a common internet worm, and Google had banned it. In fact the site is still banned, even though we removed the infection 2 days ago, but I digress.

Her IT support company had no idea how to “clean” the website. The original web developer was no longer in business (no surprises there, then), and her existing web hosting company, when contacted, offered no support whatsoever, other than to suspend the account immediately – not only leaving her without google support, but without any website at all!

The owner was on the verge of tears – and understandably so.

We moved her site and services to our servers, and removed the infection. We are now just waiting for Google to let her back in. We haven’t yet identified how it happened, but as we run a very secure environment, protected by an application firewall, we hope to pin point the next attack through watching our security logs.

How can I avoid the google nightmare?

Two words – Prevention and detection.

Prevention

Preventing malware from getting into your website in the first place should be of paramount concern. The old maxims involving stable doors and horses bolting should still be heeded. To minimise the risks of your website becoming infected you should:

  1. Ask your web developer to update your website with any security patches at least yearly, but preferably monthly! It may be cheaper to obtain an annual agreement for this work.
  2. Host your website on a server with a good security policy – preferably with some kind of application firewall (like our sister company, ziphost.co.uk !)

Detection

If you can detect malware on your website quicker than Google, then you have a real chance of removing it before Google sees it. Even if this means taking your website down for a short time while you deal with it, at least that’s better than being banned altogether!

  1. We can carry out manual security sweeps of your website using our server based anti-virus and malware detection suite. This is a one time instruction and can normally be done on the same day. We will email you a report, detailing any corrective action required. Contact us for more information.
  2. You can employ a service, such as sitesecuritymonitor.com to check your website daily for threats. You also get to display a site seal, showing that you take security seriously.

Can you afford not to?

We’re not talking about the brand of paper clips you buy – your website may be the foundation of your business!

It’s staggering, but many people who are earning £50k+ a year from their website spend little more than a few pounds a month on the hosting services and security of their site (I’m not even going to get into the argument about keeping regular backups!)

So, if you think you are clever by hosting your site for £3 a month on a bulk server (that is probably shared with thousands of other users), you don’t know your web developers first name, and the only way to get through to your 1st line support desk is via a premium rate number, or an online ticket system, then you, my friend, are sailing very, very close to the wind!

For further information on how we can help you run a more secure website, give us a call or contact Sant Media today!

Tags: , ,

No comments yet.

Leave a Reply

Bot test * Time limit is exhausted. Please reload the CAPTCHA.