Last month Google warned WordPress site owners of out-of-date versions of their content management software as a preventitive strike to getting hacked. Starting Monday, Google began warning people who have a specific piece of malware that uses proxies to send your data to and from the sites you visit.
Short for "malicious software," malware is computer code that attempts to hide itself from you in an attempt to mine your data, use your computer's resources, or simply cause harm to your computer, all without your knowledge or consent. In their announcement, Google said they are taking steps to notify users who have one particular type of malware.
Since Google knows what computer sends the traffic, the search engine is aware that the request is coming from a site of ill-intent. While they don't know who you are, they know that the information they send back to you is being intercepted (and possibly tampered with) before it actually gets back to you. In the computer security world, this is called a "man in the middle" attack.
Why Should I Care?
Man in the middle attacks are particularly evil because everything you send across the Internet is transmitted through another server before reaching its destination. Conversely, all the data send back from the site you visit is also sent back through some other server.
For example, you have this particular malware installed, you go to Google and search for something. This other server knows what you've just searched for and everything Google sent back to you.
If you don't care yet, consider this: If you log into your Google Account, your username and password just got intercepted. If you go to your bank's website, everything your bank requires you to enter to login has also been sent.
If you keep your password saved in your browser, don't think you're not affected. All saving your password does is prevent you from physically typing each time you log in. The information saved in those fields is still transmitted. If you have this particular piece of malware, your information is most certainly compromised.
Bottom line: if you see this warning on Google, take it seriously. Many anti-virus software don't discover this type of malware.
Make sure your antivirus software is up to date. If you want to muck around for yourself, Google offers these tips for cleaning your system. See the collapsed section labeled "See the technical instructions for Windows Users," under step 2.
Image credit: owasp.org
The Original Search Marketing Event is Back!
SES Denver (Oct 16) offers an intense day of learning all the critical aspects of search engine optimization (SEO) and paid search advertising (PPC). The mission of SES remains the same as it did from the start - to help you master being found on search engines. Register today!