Google calls for help in flagging up the bad guys

Google is hoping its users will report "bad sites" to help the company fight criminals exploiting the company's infrastructure to distribute malware.

According to the Google security blog, the search giant already knows about hundreds of thousands of "bad" websites but is hoping its users will add to the list by completing an online form to report malware-hosting sites that are not already flagged.

Security from A to Z

Click on the links below to find out more...

A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day

Security company Sunbelt said in a blog how the fight is important to Google because sites containing malware endanger the search giant's reputation by exploiting and infecting its users.

Last year, Google started flagging sites listed in its search results which contain malware. When a "bad" site is selected, instead of being sent to the site, the user is shown a message saying "Warning - the site you are about to visit may harm your computer". Users then have the option to continue or return to the search page.

According to StopBadware.org, which is working together with Google in its fight against malware-carrying websites, Google "independently checks the web for badware and badware-linking code using its own test procedures".

This is nothing new for security company McAfee, which already trawls the web for sites hosting malware and has members of the public reporting malware sites to McAfee SiteAdvisor.

Google's flagging of "bad sites" is not nearly as comprehensive as SiteAdvisor, according to a McAfee spokesperson.

SiteAdvisor sits in the browser and ranks all sites as red, yellow or green. These are ranked via information concerning whether the site hosts malware, if it is a spamming site - where entering your email address could result in thousands of spam emails, if the site is linked to sites hosting malware, or if it is a scamming site - where some form of money scam is conducted.

In addition, if a user enters the URL of a rated website at www.siteadvisor.com, detailed information on the tests run and reasons for ranking the site are displayed. This helps decide if a user can still make use of the site while avoiding its bad elements.

According to McAfee, SiteAdvisor downloads are "running into the tens of millions".

Suzanne Tindal writes for ZDNet Australia