Sites Hosting Malware Get 30 Day Google Ban

John Lister's picture

Google is to take harsher actions against sites that it determines house malware or attempt to steal user data. Repeat offenders will effectively be hidden from view from many users for 30 days.

The changes are to Google's Safe Browsing feature, which vets sites for malicious content. The feature is built into the Chrome browser and made available for other online tools. It's also built-in to all the links from Google search results, regardless of the user's browser.

When Google detects a site is potentially harmful, it won't take users directly to the page when they click on a link. Instead they'll see a warning page detailing the problem. While it is possible to advance anyway, the user has to make a couple of extra clicks and explicitly acknowledge the risks. As a result, pages hit by the label are likely to suffer a big drop in traffic.

Site Owners Try to Game System

At the moment, when a site is labeled as harmful, the label will stay in place until Google verifies the issue has been corrected, either through an automatically scheduled check or by a check in response to a report from the site owner.

Google says this doesn't always work as well as possible because some site owners will "fix" the problem just long enough to get the label removed, then go straight back to housing malware or trying to scam users into handing over personal data.

30 Day Time Out For 'Repeat Offenders'

From now on, Google will record such a pattern of behavior and classify such sites as repeat offenders. In these cases, the site will remain blocked for 30 days before the owner can ask for a review. (Source: googleblog.com)

According to Google, this won't happen to sites that have been hacked by third parties. Instead, it will only label a site as a repeat offender where it determines the legitimate owners are deliberately trying to harm users. (Source: pcworld.com)

What's Your Opinion?

Have you noticed the Safe Browsing warnings and do you ever proceed to the site anyway? Do you approve of Google's new policy targeting repeat offenders? Should it allow reviews within the 30 days if the owner can show Google has made a mistake in labeling the site?

Rate this article: 
Average: 5 (5 votes)

Comments

Dennis Faas's picture

I think they should tweak this algorithm so that repeat offenders get 30 days, and then if they repeat again, 60 days, then 90 days. If you block them long enough they won't receive any traffic at all and will eventually die off. Sites that spew malware don't belong on the Internet, period.

gar.suitor_4798's picture

I think it should be two strikes and you're out - Unless the website in question can demonstrate that they were truly hacked. Repeat offenders are sleaze, and should be dealt with as such.

matt_2058's picture

Finally. Google is doing what it can to help. Next in line should be the ISPs. They are truly the first path into the system. Some ISPs still have a policy to handle complaints about bulk spam emailers, so why not add malware, spyware, and other intrusion peddlers to the policy?

dan400man's picture

Don't know that ISPs can really do anything, and not really sure I would want them to. I think the solution you are looking for is a DNS provider. I've been using OpenDNS, which can warn you about these kind of sites. I don't know how it compares to Google's filters.

Now that I think about it, Google offers a public DNS. I just found https://developers.google.com/speed/public-dns/docs/intro, and it explicitly says that "Google Public DNS is not a malware-blocking service." However, this page was last updated on 6/23/2016, so I wonder if this is still a work in progress.

matt_2058's picture

Maybe I'm using the wrong terminology. What I mean is the company that provides the internet connection for the offender. If I were running a site from my home server and spewing this crap, I'm sure Comcast would terminate my connection once they receive complaints. It wouldn't be long before I ran out of providers, as many towns only have 2 or 3 paths....telephone, cable, and independent. At least in the US.

And if they use a hosting service, then that too. Couldn't a hosting service run checks on its system to detect those things? Shoot, Google is doing it, so why can't the hosting company?

Navy vet's picture

Ban them permanently. They will never learn.