McAfee SiteAdvisor Blog

For millions of Yahoo! users, their search experience is now a little different. Alongside their regular Yahoo! search results, they may encounter a new piece of information – the site’s risk rating!

We recently announced that McAfee and Yahoo! have partnered to launch Yahoo! SearchScan Beta Powered by McAfee, the Web’s first search engine to incorporate such site safety ratings.

What’s under the hood?

Under this beta launch, Yahoo! users in the US, Canada, UK, France, Italy, Germany, Australia, New Zealand and Spain will experience much safer searching thanks to site safety ratings from SiteAdvisor, McAfee’s 5-star rated, award winning safe search tool.

Yahoo! users will immediately benefit by avoiding Web sites that can result in spyware, spam and "browser exploits."

SiteAdvisor users will now see two annotations when they search on Yahoo! – McAfee’s circle and Yahoo! SearchScan’s red triangle. The rating and additional information are the same.

Yahoo! will remove all sites that McAfee has rated red (risky) for download and e-mail practices from sponsored results (the ones on the right and top of the page). In addition, Yahoo will remove all sites that test positive for malicious exploit or "drive-by" code, no matter where they appear on the page. Finally, Yahoo! will display alerts next to red-rated download or e-mail results in the organic part of the search page.

For those Yahoo! users who are unfamiliar with SiteAdvisor, when they mouse over a red rating and click "more details" they’ll open a site profile providing the same in-depth information about the site’s test results that SiteAdvisor’s existing users have come to expect.

The added safety will be "on"by default for all users of Yahoo!’s U.S. search portal. Under Yahoo!’s "Search preferences" consumers can easily turn off the new feature or decide to filter out all red results from search results.

What’s Different?

SearchScan uses almost all of our data – but not all of it. For example, the SiteAdvisor plug-in offers phishing protection. SearchScan does not. Why? Phishing sites are largely a "surfing" phenomenon. They almost never show up in search so it makes sense for Yahoo to work with the most common types of red for now. For another example, we use a pretty complex algorithm to mark sites red if they link to too many other risky sites. SearchScan is brand new to the Yahoo! community and they’re rightly focusing at first on threats that are easiest to understand – like downloads, spam and exploits.

Taking SiteAdvisor wherever you search and surf

If Yahoo!’s users enjoy this safer search environment, we hope they’ll consider adding the SiteAdvisor plug-in to their browser as well. This way, they can take that new layer of safety to the surfing experience.

In fact, Yahoo!’s SearchScan Beta is not a replacement for SiteAdvisor. Our existing SiteAdvisor users will want to keep their plug-in installed so they can benefit while surfing and while searching on other engines.

Permalink | TrackBacks (0)

Microsoft’s OneCare team issued an update on January 31, 2008 that resulted in SiteAdvisor users receiving a Microsoft warning message recommending that SiteAdvisor be removed due to interference with OneCare.

SiteAdvisor doesn’t interfere with OneCare in any way; we communicated this to Microsoft and they’ve begun to resolve the issue.

As of February 21st, new installations of OneCare will not message against SiteAdvisor. However, existing users of OneCare will continue to receive these messages until sometime in the spring, when Microsoft says it will fix OneCare installations made prior to February 21.

Turns out that as a general rule, Microsoft recommends running only one security application at a time because of potential performance and "PC stability" issues. We explained to Microsoft that SiteAdvisor functionality is totally unrelated to OneCare. They agreed.

Rest assured, there is no need to disable SiteAdvisor or OneCare. The two products co-exist nicely (aside from the pop-up!).

Because OneCare doesn’t allow white listing of applications, affected consumers have limited options until all installations of OneCare are patched. Thanks for your patience during this time.

Permalink | TrackBacks (0)

We’ve been hearing from some of our users that their systems are slowing to crawl when trying to access Gmail. Ugh!

It turns out Google’s November Gmail release included some fairly significant, and unexpected, changes that are affecting many SiteAdvisor users on the Internet Explorer 7 platform. The effect is unacceptably high CPU usage.

We’re finishing a patch now that will go out to all our users the week of December 10.

In the meantime, add google.com to SiteAdvisor’s Do Not Warn list and reopen the browser. Doing so will alleviate the issue.

For step-by-step instructions, please visit McAfee's support center.

Permalink | Comments (1) | TrackBacks (0)

In early September 2007, concurrent with SiteAdvisor build 2.5, we changed the privacy policy for SiteAdvisor participants in our optional Product Improvement Program (PIP). As you may know, the PIP allows us to keep anonymous statistics on how our software is performing so we are better able to improve it.

Here's what's changed: Under the new privacy policy, we can now share these anonymous statistics with partners. Examples of these statistics would be the number of active SiteAdvisor users in a day, or the number of times users 'mouse over' SiteAdvisor's safe search ratings.

Here's what hasn't changed: We do not collect any personally identifiable information from SiteAdvisor users, whether the user is in the PIP or not. The PIP remains purely optional and by default, SiteAdvisor users do not participate. Users who opt-in to the PIP can still leave at any time by clicking on the settings menu found on the McAfee SiteAdvisor logo.

Permalink | Comments (3) | TrackBacks (0)

Back in March, we published Mapping the Mal Web an in-depth look at country-level domains. Tokelau (.tk) was the riskiest overall, with 10.1% of all tested domains rated red or yellow. Turns out that the people in a position to do something about that score took notice.

Dot TK, the private company that administers the domain on behalf of Tokelau (a territory of New Zealand), says it will install a system to filter malicious content. According to the CEO of Dot TK, the McAfee report spurred the new process: “We saw a decline of approximately 10% of new registrations in the countries where this report hit the press.”

According to press reports, Tokelau earns a double digit percentage of its GDP from revenue generated by the .tk domain.

Permalink | Comments (2) | TrackBacks (0)

Update:

Thanks to the hundreds of thousands of people who took our phishing quiz. We're now examining the results. Look for more interactive features from McAfee in the future!

Can you spot the phish?

How well can you spot phishing sites? Many of the readers of this blog are pretty savvy when it comes to security issues. So, we’ve created a deceptively easy but devilishly hard 10-question phishing quiz. Are you up to the challenge?

Our Phishing Quiz follows on the heels of our Spyware and Spam quizzes. More than 120,000 test results later, we can safely say that we have a lot of work left to do. The average score for the spyware quiz was 59%. For the spam quiz, 55%.

MailFrontier published the first phishing quiz back in 2004. Given the persistence and mutability of this plague, we thought it was time to revisit the issue. Whether it's rockphishing, or Flash phish or MySpace scams, phishing continues to evolve and ensnare both the ignorant – the people who don’t know better – and the arrogant – the people who should know better. And victims continue to lose real money. According to Gartner, per victim losses soared from $257 in 2004 to $1,244 in 2006. That’s nearly a 5-fold increase.

We encourage folks to share the quiz with friends and family. Use your expertise and the opportunity presented by the quiz to share some of our hard earned collective knowledge about phishing. Who knows? We might even save a few people from getting hooked.

Permalink | Comments (4) | TrackBacks (0)