Security experts have long warned computer users to beware of links that come via instant messenger or e-mail, the most common ways for adware, spyware and other bad stuff to get into your PC. But few people think twice about the unfamiliar links that turn up after a Google, MSN or Yahoo search and how those sites might also expose users to a security risk.
For the past few weeks I've been surfing the Web with the help of SiteAdvisor, a beta version browser add-on for Internet Explorer and Firefox that attempts to interpret the relative safety of Web sites that show up in search results.
With SiteAdvisor installed, search listings are accompanied by a small color-coded icon, such as the red "X" that comes up next to sites that have had reports of suspicious or malicious activity. If you use IE and click on the link for one of those questionable sites, the program immediately redirects you to a SiteAdvisor page that offers more information on the threat.
Hover over the red "X" with your cursor arrow and a small window appears urging you to exercise "extreme caution" in visiting the site. If you then visit the site, a red dialogue box emerges that offers a brief description of why SiteAdvisor doesn't like it.
SiteAdvisor also may assign a green check mark (all clear), a yellow exclamation point (some odd behavior found) or a gray question mark (not enough info to assign a rating yet). Regardless of the rating, hovering over a rating will produce a dialogue box that offers a "more info" link.
I ran my test by searching for "lyrics" in Google. The result: two "Red X" listings, including one next to lyricsplanet.com.
SiteAdvisor warned me that the site would try to install a plug-in that ranked high on SiteAdvisor's "Nuisance Score." Below the scoring meter, the site offers a link to a warning by anti-spyware vendor Pest Patrol that flags the plug-in as adware that will bombard the user with pop-up ads and track online activities.
I decided to test SiteAdvisor's claims by allowing the plug-in to be installed. Almost immediately, just as I was warned, the pop-ups appeared.
Clicking on the red X next to the other suspicious listing on our "lyrics" search results in Google -- a "sponsored link" paid for by rewardsgetaway.com -- we learned that the site was flagged because users who sign up can expect to receive no fewer than 134 e-mails a week as a result. SiteAdvisor knows this because it uses a unique e-mail address to register for sites that require e-mail addresses for registration and tracks the subsequent e-mails that arrive in the inbox.
SiteAdvisor also provides a graphic that shows which other sites have an advertising relationship with the Web site you're visiting. For example, SiteAdvisor says Lyricsplanet.com is linked via advertising to absolutelyrics.com, a site which the software flagged as deceptive or fraudulent.
Overall, SiteAdvisor does a good job. Still, its extensive database is not necessarily authoritative. We found a handful of Internet addresses that have been flagged by anti-virus and anti-spyware firms as serving up malware that were marked "safe" by SiteAdvisor.
Brian Krebs is a washingtonpost.com reporter who writes regularly about security issues athttp://www.washingtonpost.com/securityfix.
