Not All Search Engine Sites Are Safe: The Fallibility Of Blacklisting

Many users count on their search engine to tell them if a website is blacklisted, meaning it's not safe to visit. However, according to the SiteLock 2019 Website Security Report, only 15 percent of websites that are infected with malware show up as blacklisted by cybersecurity software.

Attacks are becoming stealthier, making them more difficult for search engine scanners to detect and blacklist. Websites must become more proactive in monitoring for malware, rather than relying on search engines.

The report also states that only one percent of all websites are infected with malware. However, that refers to 17.6 million total infected websites.

Websites attacks increased 59 percent in 2018, yet the total number of infected sites remained constant. This suggests that cyber defenses may be improving.

SiteLock examined 6,056,969 websites for its report. Backdoors, shells, and JavaScript files are the most common types of malware infections. Kevin Townsend "Website Infections Holding Steady at 1%, But Attacks Becoming

Stealthier: Report" securityweek.com (May 13, 2019).

Commentary

Search engines "blacklist" websites in order to protect users from sites that are likely infected with malware. Blacklisting is a process whereby search engines like Google remove a suspicious website from their index. When users search for topics related to a blacklisted website, it will not show up in their results.

Rather than typing in the address of a website that you are not familiar with, search for the topic in a trusted search engine. Only visit sites that show up at the top of your search engine's results to avoid visiting a blacklisted—and potentially harmful—website.

However, as discussed above, only a small fraction of all infected websites are blacklisted. Therefore, do not assume that if a website appears on a search engine that it is malware-safe.

In addition to only visiting websites that appear at the top of search results, you must take other cyber precautions. Install high-quality cybersecurity software on all computers and devices. Make sure the software protects your devices from infected websites. Never visit a website that your software warns you may be unsafe.

Regularly scan your computers and devices for malware. Watch for signs of an infection, such as a decline in computer performance. If you suspect that your computer or device is infected, immediately disconnect it from the internet and have a cybersecurity professional check it for malware.

Finally, your opinion is important to us. Please complete the opinion survey:

News

Recycle The Trash, Not Your Passwords

Reusing the same password for multiple accounts invites cybercrime. We examine. Read More

Lessons Learned From The Equifax Data Breach

Recent large data breaches like Equifax, Capital One, and American Medical Collection Agency illustrate the risks of storing confidential and personal information. We examine. Read More

Not All Search Engine Sites Are Safe: The Fallibility Of Blacklisting

Blacklisting helps users avoid malware-infected sites, but there are flaws. We examine. Read More