Google search results warn of compromised sites

Company adds warning in search results when a site appears to be compromised, even if it's not actually downloading malware to visitors' computers.

Elinor Mills Former Staff Writer

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.

See full bio

Elinor Mills

Dec. 17, 2010 10:00 a.m. PT

2 min read

Google's new warning in search results lets you click on the warning label to get more information about the risk associated with the site or ignore the warning and click the result to go straight to the site. — Google's new warning in search results lets you click on the warning label to get more information about the risk associated with the site, or ignore the warning and click the result to go straight to the site. Google

Google has been warning Web surfers about sites that appear to be hosting malware in search results for years. Now, the company is adding a warning in search results when the site appears to be compromised but may not be actually downloading malware to visitors' computers.

Starting today, Google search users should start seeing a new hyperlink warning that says "This site may be compromised," adjacent to some results if Google's system has detected something on the site that would indicate that it has been hacked or otherwise compromised. Clicking on the warning link leads to a Help Center article with more information.

"If a site has been hacked, it typically means that a third party has taken control of the site without the owner's permission," the article says. "Hackers may change the content of a page, add new links on a page, or add new pages to the site. The intent can include phishing (tricking users into sharing personal and credit card information) or spamming (violating search engine quality guidelines to rank pages more highly than they should rank)." Web surfers can also just click on the result to go directly to the site.

Google first started putting warnings next to results in late 2006, but focused on sites that were hosting or actively serving malware. Those warnings say "This site may harm your computer," and clicking on the result itself takes you to another page that provides more information.

The new warning is designed to focus on Web sites that may not be actively infecting computers, but that may be compromised and conducting other types of attacks, such as spam or phishing.

Along with warning Web searchers, Google tries to notify Web masters when they detect that their site may be compromised via messages in the Google Webmaster tools console, Google said.

"Of course, we also understand that Webmasters may be concerned that these notices are impacting their traffic from search," Google says in a post on the Webmaster Central blog today. "Rest assured, once the problem has been fixed, the warning label will be automatically removed from our search results, usually in a matter of days. You can also request a review of your site to accelerate removal of the notice."