Invasões e hackers são a regra no mundo web. O que melhor protege seu site contra essa praga é o que chamamos de “efeito cardume”, a proteção dos números: são tantos milhões de websites na web que os hackers não conseguem, e nem têm uso pratico, para infectar todo mundo.
Óbvio, a escolha cuidadosa de um bom provedor de hospedagem, que utilize equipamentos de ponta e mantenha seus softwares originais (acredite, tem alguns que não), sempre atualizados, e disponha de ferramentas de manutenção e proteção é primordial.
Uma coisa tem se mostrado principal: mantenha seu website cuidado. Sites parados, esquecidos, são sempre presa fácil. Evite que seu cliente entre em seu site e veja a tela acima. Ou pior, que ele seja induzido a ser fraudado, confiando na sua reputação, ou ainda tenha seus dados pessoais roubados.
Nos mesmos moldes que o Google, o Bing anunciou que a partir de agora também passa a mostrar que aquele site está infectado e inseguro, ao mesmo tempo em que avisa ao webmaster responsável sobre o ocorrido.
Aplaudimos esta iniciativa!
Malware can be a confusing term. A survey of what is “malware” leads to a slew of incoherent answers. Microsoft uses malware as an umbrella term for threats listed in the following glossary, which, of course, Bing also uses.
Bing has been warning users about malware for a long time. Additionally, webmasters receive notifications when a threat is detected on their site. Previously, a generic warning was used to cover all of the different malware threat types.
By refining the generic malware warning, Bing now gives more details about the type of threat the user is facing. Furthermore, this improvement enables webmasters to clean their site quicker by having stronger insights into why their site was flagged.
Phishing site warnings
The trick to fishing is making the fly float through the air as if it were alive. Done right and the hungry trout eyeballing the fly is convinced to take the bait. It is not a coincidence that criminal activity shares a similar name: phishing. The bait are fake websites designed to look and feel like the legitimate ones. These sites catch people by taking advantage of a user’s trust in entering information such as passwords, usernames, and credit cards.
Bing has refined the generic warning to specifically call out this threat. When users click a URL suspected of phishing, a warning will appear. This looks similar to the generic warning except it now warns that the site might steal personal information.
Webmasters still get notified through the dashboard, and they can then ask for a review after performing the cleanup.
Sites that link to malware
Sites might not always be malicious; however, they might link to malicious binaries. While safe to load into the browser, there is a hidden bomb waiting to be clicked. In contrast, some hacked pages cause infections just by visiting them. The generic warning is now refined to specifically call out pages (likely) safe to visit as long as links are not clicked.
This refined warning has a similar look and feel to the generic warning – the biggest change has been to the webmaster dashboard page.
The webmaster dashboard shows which binaries are causing the warning. As such, removing the harmful links leads to the warning being removed.
Clicking (View), under Additional Details, displays the path to the malicious binaries.
Sites with warnings are not always bad actors
We understand that sites with warnings are not always bad actors. Websites are vulnerable to being hacked, and webmasters are vulnerable to being tricked, just like any other customer. By refining our generic malware warning, our hope is that users are more informed and webmasters are able to clean their sites more efficiently.
Bing Program Manager