Malware, and the possibility of infection, is an unfortunate reality facing internet users today. At Bing, we take our job of providing a safe searching experience to our customers very seriously and this anti-malware effort is one of the core elements of the Bing Index Quality charter. We’ve been in this game for many years and have developed comprehensive solutions that minimize user’s risk of infection and maintain the integrity of our index. Inevitably, we get many questions from Webmasters and Bing users about our malware detections and warnings as well as how to clean up and re-evaluate sites. In this continuation of the Bing Index Quality blog series started on July 15 my colleague, David Felstead, in our Anti-Malware team provides an overview of the changes we recently rolled out to Bing Site Safety Page as well as some improvements we hope to ship in the coming months.
Igor Rondel, Principal Development Manager, Bing Index Quality
As Igor mentions in the introduction, Bing has been in the malware detection business for quite a while now, and all this time we’ve been working hard to make sure our users are well protected. A little over a year ago we enhanced the Bing Webmaster Portal with an improved malware reporting and re-evaluation pipeline, providing webmasters with greater insight into compromises on their sites, as well as the ability to streamline their re-evaluation request workflow. This information was not available to all users, however, because to access it a Webmaster account was required, limiting non-webmaster Bing customers’ visibility to the warning we showed in-line with SERP results cautioning against navigating to a site; until now.
The BSSP page allows the curious web searcher to understand more of the reasoning behind Bing’s classification of the page as potentially malicious, including:
- The date the infection was first detected
- How often the URL has been scanned
- The date the infection was most recently detected
All of this information is available for each and every one of the tens of millions of URLs discovered as malicious by Bing, and we are seeing thousands of our customers hitting this page daily already. So far over tens of thousands URLs have been queried foracross thousands of hosts, all by customers in dozens of markets, each curious to understand what is going on with their search results. This is a great uptake, and based on our data a welcome addition to a warning that is already ~94% effective at deterring searchers from visiting infected sites.
However, we’re not done yet. While having information about a single URL on a site is interesting, it doesn’t allow someone to understand if this was a transient issue (perhaps from a malicious ad) or a wide-spread problem (perhaps from a badly compromised server). With this in mind, in the near future we will enhance the page to show data aggregated up to the site level for any query performed against the Bing Site Safety page. This information will enable searchers to understand:
- The total number of URLs detected as malicious on the site
- The types of malware found
- The last date of suspicious activity
- When the site was last scanned
- Warning trigger rate/ coverage
We hope that these changes, and the changes to come will de-mystify some of the issues around malware on the web, and allow searchers to gain a little more insight when a malware warning is presented to them.
Good luck, stay safe on the web, and happy searching!
David Felstead, Principal Development Lead, Bing Index Quality