Search Engines Fail To Catch Malware On Infected Sites

Search Engines Fail To Catch Malware On Infected Sites

by  @lauriesullivan, June 12, 2020

Search Engines Fail To Catch Malware On Infected Sites | DeviceDaily.com

An increasing online presence by businesses is driving up the number of cyber attacks worldwide.

Website attacks rose 52% so far in 2020, accounting for about 94 attacks daily and 15 attacks per minute. WordPress sites are three times more vulnerable and are more likely to have malware than non-content management systems, according to the data.

SiteLock estimates 12.8 million sites are infected with malware worldwide. About two-thirds of consumers won’t return to a website that has been compromised, exposing their information to cyber criminals, said Neill Feather, Chief Innovation Officer-cofounder at SiteLock, which spiders and scans websites, mostly small business sites, to determine if and when they are compromised.

“Many of these companies rely on results from search engines to tell them,” he said, referencing internal data that suggests about 2,608 weekly bot visits per website. 

Small business owners should not solely rely on search engines to identify malware on their websites.

Google and Bing bots crawling the web don’t scan as frequently as they should. They are mainly concerned with flagging new content and ranking, Feather said.

For every five plugins someone adds to their website, it nearly doubles the risk of getting compromised. As a best practice, users should remove any plugins they no longer use. Some 88% of websites infected with malware were not blacklisted by search engines.

SiteLock’s analysis of 7 million websites suggests security threats are the most prevalent types of attacks facing website owners this year.

Understanding how attacks surface helps website owners make educated and proactive decisions about cybersecurity strategy. It also helps prevent security breaches that could impact the company’s reputation and revenue, along with customer data.

Top threats include backdoor at 65%, file hacker at 48%, malicious eval requests at 22% and shell script at 22%.

SEO spam is on the list of the top nine types of malware, but at 5%, it is one of the least in terms of cyber threat.

MediaPost.com: Search & Performance Marketing Daily

(20)