Gone are the days when Google let malware sites off the hook with a stern warning and a solemn promise not to revert to their harmful ways. The search engine has instituted a new policy — effective immediately — for sites it deems to be repeat offenders of its “Malware, Unwanted Software, Phishing, and Social Engineering” policies.
Under the terms of the new policy, Google will slap warning messages alerting users that sites are malware distributors once it has determined that those sites are repeat offenders. Google’s decisions are irrevocable for 30 days, with no possibility for appeal. After the 30-day period has expired, webmasters can request that Google review the status of their sites.
Gaming the System
While the change in policy is a new wrinkle, Google’s Safe Browsing system has been in place since 2005, with webmasters receiving an automatic message once their sites have been deemed harmful. However, the e policy had previously called for the automatic launch of a verification process.
However, Google said that this process, which could also be instigated at the behest of the webmasters, had been allowing a small number of malware distributors to game the system. Malware sites were able to clean up their acts just long enough for Google to recertify them as safe, before returning once again to their criminal ways.
“As a result of this gap in user protection, we have adjusted our policies to reduce risks borne by end users,” Google said in a post on its Security Blog. “With regards to Safe Browsing-related policies, repeat offenders are Web sites that repeatedly switch between compliant and policy-violating behavior for the purpose of having a successful review and having warnings removed. ”
Adapting to the Enemy
Google was quick to point out that sites that have been hacked by third parties to distribute malware will not be subject to the policy. Only sites that purposefully distribute malicious code are being targeted.
Once the Safe Browsing system has determined that sites are repeat offenders, the webmasters will be unable to request additional reviews through their Search Consoles for 30 days, during which time warnings will continue to be displayed to visitors of the sites. Webmasters will be informed by email once their sites are classified as repeat offenders.
By automatically enforcing the repeat offender status over a longer period of time, Google expects that malicious actors will be less able to find ways around the Safe Browsing system.
“We continuously update our policies and practices to address evolving threats,” the company said on its blog. “This is yet another change to help protect users from harm online.”