Google vs. PhishTank, or why we downrated Google

SiteTruth is currently rating Google as Red do-not enter “Site ownership unknown or questionable. — Negative Info”

“google.com” has a negative report in PhishTank this week. A hostile site is exploiting a security hole in Google Maps, an “open redirector”, to give themselves a phony “google.com” web address. This assists the hostile site in evading spam filters and web filters.

Once Google plugs this security hole, PhishTank should notice within a day, and SiteTruth will pick up that information and rerate automatically.

We’ve seen this with a few other major sites. “rds.yahoo.com” is an open redirector, but, confined to a separate domain used only for redirection, it doesn’t open a hole through spam filters and so we don’t downgrade the whole “yahoo.com” domain. AOL uses “r.aol.com” in a similar way, but they also have an exploitable hole in AOLsearch that’s been reported to PhishTank.

Click on any SiteTruth rating icon for a detailed report about how the rating was computed.  If “Negative Info” is reported, click on “Show Details” for a link to the data source which reported trouble.

Leave a Reply

You must be logged in to post a comment.