Over 90% of webmasters surveyed did not notice any strange activity when their website was compromised, despite the fact that their sites were being abused to send spam, host phishing pages, or distribute malware, according to the report Compromised Websites: An Owner’s Perspective.
Perhaps more surprising, nearly two-thirds of the webmasters surveyed did not know how the compromise had happened.
The survey found that about half of site owners discovered the hack when they attempted to visit their own site and received a browser or search engine warning.
“We put that down to the bad guys doing things in a way that did not attract too much attention because that lets them use the site for whatever they are trying to do with it”, noted Avi Turiel, director of product marketing at Commtouch.
“We would have thought there would be a huge increase in traffic to a particular page. Suddenly you’d notice that an html file on your theme page had become the most popular page on your website. Obviously people are not analyzing their website all the time to see what is going on”, Turiel told Infosecurity.
Around one-quarter of site owners had not yet figured out how to resolve the problem at the time they completed the survey. “One or two said that they filled out the survey hoping it would lead to a resolution of the problem. They will probably be a bit disappointed”, Turiel noted.
“What is interesting is that, although the people that responded didn’t seemed to be that in touch with the mechanisms of their site to pick up that something was wrong, we had nearly 60% that claimed to have fixed the site themselves”, Turiel observed.
“Once they found out, they went online, looked up what the problem could be, and found some online resources…they were then able to fix the problem themselves. They are very resourceful webmasters”, he added.
In addition, 40% of survey respondents changed their opinion of their web hosting provider following a compromise. “Around 30% were considering leaving their hoster based on their experience. It seemed like just being compromised was enough to give them this bad impression”, Turiel said.
“We found that 75% of the people who did get help from their hoster felt more appreciative. So the takeaway for the hosting provider is that if one of your user comes to you with this problem, then helping them out is good for your name”, he observed.
The report included examples of hacked websites as well as the spam emails that may trick users into visiting these sites. In addition to analysis and quotes from site owners, the report provides tips to help webmasters prevent their sites from being compromised.