How to report malicious URLs
One of the topics I frequently get asked about by customers when they visit SophosLabs, is what do we do about the hoards of legitimate web sites that we see getting hit with malware? How do we go about alerting them to the problem? How can we help to get things cleaned up quickly thereby reducing risk for users?
Sophos customers can take advantage of our WebAlert service, but this is not relevant to non-customers.
Web security is a topic that affects us all. The web has become the predominant way in which malware is delivered nowadays. Thanks to techniques such as black hat search engine optimisation (SEO) or drive-by download attacks, failings in the security of a single site or hosting provider can expose many innocent users to malware. Improving the process by which the bad stuff gets reported and cleaned up is in all of our interests.
I am pleased to have been involved in a great initiative over the last few months, coordinated by the folks at StopBadware. They put together a working group in order to thrash out a process for reporting malicious URLs. I am happy to say that a few days ago the final version of Best Practices for Reporting Badware URLs was published.
Hopefully the initiative will facilitate communication between the parties that discover the bad stuff, and those in a position to do something about it, mitigating the effects of malicious URLs.
- Best practices for reporting malicious URLs (nakedsecurity.sophos.com)
- Stopping Badware (blacknight.com)
- Sophos: New malicious URLs appear every half-second (thetechherald.com)
- Google warns on ‘unsafe’ websites (firstrate.co.nz)