Bing users who are about to venture to Websites that pose a risk to their security are already familiar with the generic malware warning that Microsoft shows them in the hopes that they turn back or at least proceed with caution. On June 3, Microsoft announced that its search engine now provides more informative notifications, alerting both users and Webmasters about the specific dangers they may encounter.
“By refining the generic malware warning, Bing now gives more details about the type of threat the user is facing,” wrote Microsoft Bing Program Manager Chad Foster in a June 3 blog post. “Furthermore, this improvement enables webmasters to clean their site quicker by having stronger insights into why their site was flagged.”
Instead of lumping sites that serve up malware and phishing sites together, the new warnings inform users of the particular risk each type of site poses. For example, when encountering a phishing Website, Bing cautions users that the site is intended to trick them into disclosing personal information and recommends that they click on another result.
Similarly, sites that host or link to malicious software will be labeled as such. However, Bing now takes the extra step of explaining the difference.
“Sites might not always be malicious; however, they might link to malicious binaries. While safe to load into the browser, there is a hidden bomb waiting to be clicked,” said Foster. “In contrast, some hacked pages cause infections just by visiting them.” Bing will now indicate to users that the former is likely safe to visit as long as they refrain from clicking on links when they arrive.
Using the Bing Webmaster tool, Website operators can pinpoint the offending links, enabling them to take steps toward removing them. The new “Malware on Linked Sites” view generates a list of links and redirects that lead to malware that has been detected by Microsoft. Digging deeper, Webmasters can view the full URL path leading to harmful binaries.
Foster acknowledged that not all Webmasters running sites with warnings attached are trying to con visitors or foist malware onto unsuspecting users. Bing’s new alerting system is intended, in part, to help Webmasters recover faster from a hack that may have deposited unwanted content or links onto their sites.
Often, hacked sites are used in phishing schemes. Last month, the Anti-Phishing Working Group (APWG) reported an alarming rise in URLs used for phishing attacks. While many of the 123,000 unique URLs used by phishers in March 2016—up from 48,000 in October 2015—were seemingly generated quickly to overwhelm systems that detect phishing, most phishing URLs are hosted on hacked sites.
“Usually, the domain used in an attack is not malicious,” Luis Corrons, a contributing analyst to the APWG report and technical director of computer security specialist PandaLabs, explained to eWEEK’s Robert Lemos. “There will be a Website, and someone, somehow hacks into the site and creates a number of phishing pages inside the domain.”