Do you know where your mouse has been?

Posted May 5th, 2008 at 9:15 pm by Vish Makhijani, Yahoo! Search

 9 Comments / Filed in: Trends & News

Did you know that every year Internet scams and traps cost Americans over 7 billion dollars? Searching on the Web can present a minefield of spyware, malware and other malicious sites that can cause serious harm to your PC and cost you valuable time and money.

We are taking steps to make you feel safe when searching the Web — warning you about dangerous sites before you click on them. Today we’ve launched SearchScan (in beta), a new safety feature tucked into Yahoo! Search, courtesy of our friends, the dedicated security experts over at McAfee.

It provides alerts that appear within your search results, flagging “risky” sites with dangerous downloads that can include spyware and viruses. SearchScan will even warn you about sites that have dubious email practices to help you keep your email box free of spam.

No other search engine today offers you this level of warning before visiting sites. Period.

Yahoo! Search with the SearchScan feature is like your Internet security guard, warning you of danger so you can search with confidence… another reason to make Yahoo.com your starting point

Vish Makhijani
SVP & GM, Yahoo! Search

Tagged: news, search, security

Post a Comment Bookmark This Digg This

9 Comments Add your own

badUI | May 6th, 2008 at 5:46 am

Agent K: There’s always an alien battle cruiser, or a Corellian death ray, or a plague intended to wipe out life on this miserable little planet. The only way these people can get on with their happy lives is that they DO NOT KNOW ABOUT IT!

Judy Friddle | May 6th, 2008 at 3:59 pm

McAfee – SiteScan – Bad Decision for Yahoo!

We are very upset that McAfee has put a note on our website listing when searched through Yahoo: “Warning: Unsolicited E-mails” This is totally misleading, as when you read McAfee’s report explaining this, they state that they submitted their email to us and it was posted on our site. Well, the only way that statement would be true is if they submitted the birthline registry form – this is the only place on our website that we post email addresses, with the submitter’s permission. The registry is provided for adult adoptees or birthparents to post listings in order to contact each other. And so I assume that McAfee made up a fake listing that they submitted, because every listing is read and posted by me, not automatically, and has to have the right information provided. What a fraud! McAffee has spammed OUR site! I really resent this and also that McAfee has worded their warning to suggest that WE send out unsolicited email if someone contacts us. Please ask them to let us know which is their listing so we can take it off so that it doesn’t mislead a sincere adoption searcher, what a mean, underhanded company they are!

Then with further investigation, we noticed that HUNDREDS of websites when searched on Yahoo have this warning – and they are all legitimate sites that have a guest list that can be signed or are a registry of some sort where people willingly post their emails – this kind of bad press from Yahoo sounds like perfect grounds for a class-action lawsuit! “Sally Kraus” with a multitude of variations of an email address seems to have posted on all these sites. Yahoo – lose McAfee or you will lose a lot more very quickly.

Please know that I am not trying to down Yahoo, but I see such potential damage to your company from this unfair, gestapo-like tactic to rate sites.

Sincerely,

Judy Friddle

ResearchEtcInc@cox.net

Vish Makhijani | May 7th, 2008 at 1:12 pm

@Judy: Thanks for flagging this. McAfee identifies security risks that include, among other things, sites that accept user email addresses and then generate spammy emails or cause spammy emails to be received by the user from other websites. If you disagree with any ratings or believe you have fixed the security issues the McAfee cited, please contact McAfee or write in to us using the Yahoo! SearchScan Rating Form that appears when you click on “Site Owner Support” in the warning window.

Vish

Judy Friddle | May 8th, 2008 at 12:39 pm

Vish,
I appreciate your reply, and yes I have already contacted McAfee & sent an email via Yahoo!SearchScan Rating Form (no replies from either one) – but instead of just fighting over McAfee’s misleading warning on our site, I wish someone could do something about McAfee submitting false listings to hundreds of legitimate websites’ guestbooks or registries, and then pointing the finger at THEM as spammers.

It appears that McAfee is really the internet’s biggest security risk, as the spammer, phisher, spybotter, etc. that we all need protection from.

Judy

Bob | June 22nd, 2008 at 1:00 am

SiteScan -A BAD DECISION MADE WORSE…

Same same with our site, Mcafee spam WARNING….

This is SLANDER, it is also aimed with special intensity at competitors in the travel industry
The rating was made over a year ago and never changed despite our elimination of all email private addresses from guestgooks, product rating and review databases many months ago. (even though the visiblity of a product raters e-mail was
purely optional)

Contact with Yahoo gets you a form letter: ‘Mcafee decisions are final’ answer…which is not nearly good enough…..
“like hiring a hit man and then saying…’Oh we didn’t do it, no, no…it was our hit man…..”.

Contact with McAfee gets you another form letter: “We rescan spam warning sites every 8-10 weeks…this is a lie.

The damage this warning is doing to thousandss of legitimate sites is CALCULABLE.
HINT: (as it must be in order to sustain a damages lawsuit).

But since the behemoth does not listen, I think it would be much more fuitful if the Yahoo /McAfee mafia suddnly started getting jabbed with thousands of little lawsuits in local small claims courts around the world. As it will cost them much more to defend than for us to file charges.

And if their lawyers doesn’t show up, you will win by default.
Which is exactly what we are preparing to do about it.

So:
1. Keep good records of when the warning first appeared..
2. Find out who was the ’supposed’ rater for McAfee
3..Keep a list of the other sites which this rater bombed.
3. Keep screen shots of your Yahoo listings (by date).
4. Keep copies of your Yahoo generated website traffic.
5. Prepare as much proof as you can that your site does not generate spam.
6. Calculate the percentage of users from Yahoo that bought from you before and after the warning appeared.
7.Keep copies of the Yahoo and Mcafee form letters you recieve when you request an explanation (and recieve instead of a decent answer)
7. Make estimates of your financial damage (by week, by month, by year)

Take it all to your local courthouse and file your charges. Costs you practically nothing.

Good luck

Jim Buckley | July 9th, 2008 at 8:15 pm

I just read the comments by Judy and Bob concerning Yahoo/McAfee/SiteAdvisor’s false warnings.

I couldn’t agree with them more. Yahoo/McAfee/SiteAdvisor has treated us similarly – a false “Warning: Unsolicited E-mails” which has to be a mistake since there is no way to post a test email address on our website.

So far I have spent a month trying to contact someone with a name who has the authority to correct the mistake. No luck. I must say I’m not encouraged to see that Judy and Bob have been at it even longer.

Bob, I appreciate your advice about filing lot’s of local lawsuits. We were thinking more of a class action suit.

Please contact me so we can discuss our options.

Best,
Jim Buckley
360 385 9974
buckley@rumford.com

Robert Phipps | July 10th, 2008 at 1:00 am

Dear Group

I also have the same problem with Site Advisor.

Here is the email address of the McAfee solicitor. I have written to him and have met exactly the same arrogant self assured attitude as you all have.

I do not understand why Yahoo are using such a product. Although something definitely needs to be done for internet security, it should not be at the cost of innocent parties.

The last update of the McAfee Site Advisor database was December 2007. This is published on their website.

At the moment my intention is to gather support against McAfee. I suggest the following:

1: Take a screen shot of you site listing on Yahoo.
2: Go to the McAfee site and do a search on your URl and then take a csreen shot of the results.
3: Ask your service provider to confim that you do not have dangerous downloads, or get independant proof that the claim of site advisor is incorrect.
4: Get a copy of your IP logs, or/and other supporting information that shows clearly a negative change in your business/visitors, which should conincide with the time your website was first indicated by McAfee as being dangerous.
5: If you contact McAfee customer support, do it by email or in chat and make copies of the conversations.
6: If you are a business, get a customer’s independant confirmation of their change in feeling, concerns or worries after seeing your website listed.
7: If you loose a customer, ask them if they counld confirm in writing whether their departure was due to the Yahoo red warning.
8: Write to the McAfee Solicitor. His email address is ‘Warren_Nickerson@Avertlabs.com’

Remember that there is a fine line between freedom of speech and slander. You will need the above information to prove your case. You need to prove that the listing of your website as dangerous and any loss of business happened at the same time. You need to prove the effect the listing has had on your customer base. You will need to quantify and prove the loss of business you have sustained.

Forget sueing Yahoo. I am positive that their contract with McAfee keeps them in the clear. McAfee is the target and not Yahoo.

This is just a brief idea of what we can do from my lawyer. I recommend you seek your own legal advice.

trinity | July 10th, 2008 at 7:36 pm

Yahoo and Mac Afee marked two of my sites with the unsolicited email warning. Like Judy, we post the email addresses to the sites and they are ALL voluntary.

Mac Afee has told us that we must remove every email address from the website. I know that on one of the sites, no email address was posted, and because Mac Afee originally said both sites generated the same 12 emails in one week, I suggested that neither website generated the emails.

I am glad to see my instincts were right–If I removed all email addresses on the 1700+ pages of the snowwowl.com website, it would not change my status, but it would eliminate a way for people to exchange information.

I made a comment as the owner of the site at the Owner Comment form, and it was not posted. Further others went up to make a comment about visiting the site and having their email address on the site over the last 3 years, and their comments were not added.

At this point Yahoo and Mac Afee can say whatever they want, and we are at their mercy.

I have stats showing the impact on the site of this warning. The site has been up for 7 years, we get 70,000 visitors a month and we have never had any complaints.

While Yahoo and Mac Afee have torn down the reputation of this non-commercial educational website, we can claim no monetary damages. They have tagged a site that was put up in the true spirit of the Internet. That is we created and have maintained the site for no other reason than to make sure the information was made public and would be available for all those that want to learn.

Now people are being scared away by this bogus test.

dom | February 12th, 2009 at 6:42 am

I have had the runaround with site advisor for some time.

We used to have a download section where people could download free software. We tested all downloads personally repeatedly with no ill effects whatsoever.

Advisor redflagged us with questionable downloads.

We decided to remove the downloads.

A couple of months later, after several petitions to rescan, nothing had changed. So we decided to spend the money to obtain a macafee secure site certification.

The sales person told me macafee would scan the site daily, and the site advisor flag would be expedited for removal. Since this had already hurt our business, we decided to pay.

This was a couple of months ago. Removal of the siteadvisor flag is a condition for displaying the macafee secure symbol on the site. Site advisor has not removed the flag, the macafee secure sign is not displayed, I have paid good money for the scans, they come up clean, and I am still losing business.

I have had some mail exchanges with both site advisor and macafee (who claim to be seperate entities. This was the explanation I received:

“Hello,
When a site provides potentially unwanted downloads, that impacts the site’s overall rating for period of time. The rating does not clear the moment the downloads are replaced or removed. Our ratings are reputation
based, which is not something that changes instantaneously. Potentially unwanted programs were detected on this site for a number of months prior
to their being removed. SiteAdvisor’s engineers will re-test your site in the future and, if no other negative activity is found over the course of that time, a rating change will be made.

Sincerely,

Andrew
Customer Support
McAfee SiteAdvisor”

Just how many months after the removal of the (non malignant!!!!!!!!!) downloads will we be marked? Who decides we have a bad reputation? Do we wait until bancruptcy and then get a green flag? We are the leading information site in our industry, with some 8000 pages of information and it is being updated daily.

In any case, we received one final correspondence:

“Hello,

Thank you for your e-mail. Should you retain legal counsel, please direct all related messages to McAfee’s attorney, Warren Nickerson (Warren_Nickerson@Avertlabs.com).

Sincerely,

Andrew
Customer Support
McAfee SiteAdvisor”

Strangely, these two “seperate entities” share the official macafee lawyer. Yet, one party can accept money for scans to lay the issue to rest, while the other continues to ruin your reputation.

What’s worse, two sites ( probably a lot more, these were brought to our attention) linking to our site are now redflagged – specifically for linking to us, while they have absolutely nothing even remotely identifiable as unwanted on their sites. This is a sure fire way to kill a business, redflag other sites that link to it for no reason but said link.

I realize that Yahoo is only trying to add a valuable service to it’s search, but siteadvisor is rogue and macafee is profiting directly from this by accepting generous amounts of cash under the pretense of clearing the undeserved reputation flags through daily scans.

What a scam!