Deciphering Google Warnings?

wkleem
wkleem
Community Member

What does anyone make of Google when a warning is made on their search page? I went to search for an old Symbian software for PC and Google stated that the site may have been hacked? The keyword is "Oxygen Phone Manager" if any one is interested.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @wkleem: Can you tell me what warning you're referring to? I'm not seeing any. Is it maybe browser- or site-specific? I'm definitely curious. A screenshot would be great! :)

  • wkleem
    wkleem
    Community Member
    edited December 2015

    You can tell from the image that I've clicked on the link for more details. Interestingly, only one of the links have the message but not the others from the same website! I am currently viewing this from iOS 9.2 and Mobile Safari.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @wkleem: That is so weird. Thanks for the screenshot. It's the same on my Mac, but I completely overlooked that small text originally! As you probably already know, clicking on that message leads to this:

    "This site may be hacked" message
    You'll see the message "This site may be hacked" when we believe a hacker might have changed some of the existing pages on the site or added new spam pages. If you visit the site, you could be redirected to spam or malware.

    While probably only Google really knows what all of this means, my guess is that, because they index everything frequently, they notice changes and patterns in websites over time. Often spackers (spammers/hackers? I just made that up) will take advantage of vulnerabilities in common website platforms (scripting, layout, hosting, etc.) to inject their own information.

    Now, if they make drastic changes, it's likely to be noticed, either by the site owner or visitors. So to derive greater benefit, they make often-indiscrnable changes (links that redirect, ads of their own in place of the site's native ads, etc.) — that way, if no one notices, they can get more clicks over time from unsuspecting users.

    However, while you can I don't view the source of each website we visit (and we probably wouldn't notice minute oddities anyway), Google absolutely has the resources to do this; and after all, they're trying to index the page and all of its links and images anyway. So it's probably trivial for them to automate checking for common spam tricks, or even flagging patterns to discover new ones.

    As for why only the main page is flagged, it may be that the other's haven't been modified, or that Google hasn't detected it for some reason. That's just my best guess. :)

This discussion has been closed.