Every week, over 10 million users encounter harmful websites capable of delivering a barrage of spam and stubborn malware. Many of these sites are personal blogs or SMB-owned pages that have been compromised due to weak passwords or outdated software. More often than not, many webmasters are unaware that anything is amiss.
Worse yet, even when they learn of a security issue, they may lack the expertise to take effective action and address the root cause.
Over the last year, Google detected close to 800,000 compromised websites on the web – which equates to roughly 16,500 new sites every week.
Whilst browser and search warnings alert visitors about potentially harmful sites, these warnings can feel redundant to webmasters who often learn after-the-fact that their site has been compromised.
In order to balance the safety of users with the experience of webmasters, we set out to find the best approach to help webmasters recover from security breaches and ultimately reconnect sites with their audience.
One of the hardest steps on the road to site recovery is finding that first point of contact.
As we work to make the web a safer place, it’s critical to empower both webmasters and users to make assured security decisions. It’s easy to be pessimistic about attacks, but starting dialogue early can significantly expedite recovery, so don’t fall too far behind.
You should always pay close attention to legitimate email, browser and search warnings.
We hear everyday that Google shouldn’t be trusted with sensitive information, but for webmasters who have registered their site with Search Console, a simple email notification can lead 75% to re-securing their pages.
Browser and search warnings help 54% and 43% of webmasters clean up, on average.
Attackers typically rely on hidden files, easy-to-miss redirects and remote inclusions to serve up scams and malware. This makes the removal process increasingly tricky.
Once a site has been scrubbed of malware, it’s vital to make sure attackers aren’t capable of reasserting control.
At Connect, we provide relevant, up-to-date tips and samples of pages containing harmful content. This, combined with timely notifications, helps webmasters solve security issues faster than ever before.
- Make sure you have registered for Google Analytics and Search Console
- Establish a reliable communication channel before any security incident can occur
- Understand that a compromise can be distressing for users
- Provide victims with clear recovery steps, and promptly reply to all queries so the process feels helpful, not punitive