About Me

Simon Hunt

Simon Hunt
Chief Technology Officer, Endpoint and Innovation
VP and CTO, Endpoint Security Simon Hunt has more than 20 years experience in software development, design and ...

Read More

Corporate Blogs

Feeds & Podcasts

Meet the Bloggers

Archive

Tags

12 Scams of Christmas, 2012 Virtual Sales Kickoff, Accredited Channel Engineer, ACE, ACE certification partner, Acquisition, Alex Thurber, Annual Partner Survey, Apple, ASIC, attacks, Australia, automobile, automotive, award, awards, beyond the PC, Biological Computer, Blackhat, C-SAVE program, Change Control, channel partner, Channel Partners, Channel Partner Town Hall, Channel Program, Channels Town Hall, chromebook, CIO Insomnia Project, Citrix, Civil War, cloud, Cloud computing, cloud security, Commercial/SMB, Commercial and Enterprise Deal Registration, Compliance, Consumer, consumerization, consumerization of IT, Continuing Education, Corporate Responsibility, critical infrastructure, cyberattacks, Cybercrime, Cyber risks, cybersafety, cybersecurity, cyber security awareness, Cyber Security Mom, cyberthreats, Database, database security, data breach, data center, data center security, Data Loss Prevention, Data Protection, Dave DeWalt, Dave Marcus, David Small, Deal Registration, Deep Command, DeepDefender, Deep Defender, DeepSAFE, DLP, Dmitri Alperovitch, education, Email & Web Security, Email Protection, embedded, EMEA, encryption, Endpoint Protection, Endpoint security suite upgrade, Enhanced Deal Registration, enterprise, epo, ePO DeepCommand, ePolicy Orchestrator, Family Safety, Focus, Focus11, FOCUS 2011, Foundstone, France, France Law, French Law, Gartner, Gavin Struthers, George Kurtz, Global Risk 2012 report, global threat intelligence, gold software support, google, government, GTI, Hackers, heidi klum, identity fraud, identity protection, IDF 2011, Incumbency Advantage Program, India, Initiative to Fight Cybercrime, innovation, integration, intel, intellectual property, intrusion prevention, iPad, IPv6, I Series, IT as a Service, IT Security market, Joe Sexton, julian Assange, kurtz, labs, law, LCEN, mac, Mac OS X, malware, Marc Olesen, mcaf.ee, McAfee, McAfee Application Control, McAfee Channel, McAfee Channel Partner, McAfee Cloud Security Platform, McAfee Data Loss Prevention, McAfee Employees, McAfee Firewall Enterprise, McAfee FOCUS, McAfee Identity Protection, McAfee Initiative to Fight Cybercrime, McAfee Labs, McAfee Labs Q3 Threat Report, McAfee Network Security Platform, McAfee Network Threat Response, McAfee Partner, McAfee Partner Learning Center, McAfee Partner of the Year Award, McAfee Partner Program, McAfee Partner Summit, McAfee Rewards, McAfee Security Management, mcafee total protection, McAfee Vulnerability Manager, Microsoft, Microsoft Security Bulletin, Mid-Market, Middle East, Mike Decesare, Mike Fey, Mobile, mobile applications, Mobile Data Protection, mobile malware, mobile security, MS12-020, M Series, national cybersecurity awareness month, National Cyber Security Awareness Week, NCSA, Network Security, Next Generation, next generation data center, Night Dragon, NitroSecurity, Nitro Security, north america, OCTO, Operation Aurora, Operation Shady RAT, PARC, Partner Acceleration Resource Center, Partner Care, partners, Partner Summit, Patch Tuesday, Paul Otellini, PCI, PCI DSS, Pemberton, peter king, policies, president obama, privacy, Products, promotion, Public Sector, quarterly threat report, regulation, regulations, Renee James, risk, risk and, Risk and Compliance, Risk Management, Riverbed, ROI, RSA, RSA 2010, s, SaaS, SaaS Monthly Specialization, safe, SAIC, Saudi Arabia, SCADA, scareware, security, Security-as-a-Service, Security Connected, security management, short url, SIEM, Small Business, Smart Grid, smartphones, SMB, SMB Advisor Tool, SMB Extravaganza, SMB Specialization, social media, social networking, social networks, social responsibility, solid state drive, spam, Steve Jobs, Stop.Think.Connect, Support, targeted attacks, TCO, Tech Data, technology trends, Telecommunications, The VARGuy, threat reduction, thurber, Todd Gebhart, Trust and Safety, twitter, UAE, Ultrabook, Underground Economies, United Arab Emirates, Vanity Fair, Virtualization, Virtual Sales Kickoff 2012, virus, VMworld 2011, WAN, Web 2.0, web security, wikileaks
Corporate : CTO :

About Spam Sites, Malware and Heated Lunchtime Conversations

Tuesday, October 26, 2010 at 8:12am by Simon Hunt
Simon Hunt

This last week we’ve been having some heated (but friendly) discussions between the McAf.ee team and the Global Threat Intelligence teams. The problem we’ve been discussing is quite interesting – it’s how to rank, or what to do about spam sites?

You know the ones, Canadian Pharmacy etc, The sites which advertise “Click here to learn about kittens” etc, but when you click there, it’s some site offering you cheap Viagra etc.

Not surprisingly, the owners of these sites have realized that McAf.ee links might be a good way of promoting their wares, and, 1500 or so short links later it comes to our attention. In fact today, two links to the same spam domain are over 90% of our recorded clicks. I have no idea how they are generating that traffic, but it’s surprising (and annoying) indeed.

The dilemma is this – these sites are (mostly) safe, in that they don’t contain any malware. Yes, I agree they use misleading practices to peddle their links, but is this bad behavior, or is it good marketing? As I said to the team here, if it was Amazon.com creating all the links would we be worried? Probably not.

What is universally acknowledged, is that promoting your Web site through spam emails, and misleading links (short or long) IS BAD PRACTICE and will get your site blacklisted sooner rather than later. Also,if you happened to buy something from these sites, there’s a good chance you won’t get what you ordered, and a good chance your credit card details will be misused by some criminal gang.

So, I hope you can see my dilemma – McAf.ee’s original premise was to make the Web safer by protecting you from going to known malware sites, but now we’re considering protecting you from going to sites with known (or highly suspect) business practices as well.

In this weeks revision of McAf.ee we’re going to implement a new “Blue” block page (going live Tuesday Morning), in which we are going to warn you if you’re being sent to a site on our suspect list. I’m interested to hear how you feel about this change, and if you felt it went far enough (or too far) in protecting you.

You can of course always report suspect sites that we’re not properly categorizing or protecting you from by posting a note on the http://community.mcafee.com forum.

Bookmark and Share

Tags: ,

Comments are temporarily suspended due to blog maintenance, comments will be available again from Monday 21st May.