Every day, thousands of websites are tricked into delivering badware to their visitors. Thousands more are set up specifically for malicious purposes.
Firefox warns you about these "attack sites" so you can avoid them and keep badware off your computer.
This information is provided by StopBadware, a non-profit organization that works with its partners, like Google and Mozilla (the creators of Firefox), to fight computer viruses, spyware, and other badware.
How does Firefox determine which sites are attack sites?
Firefox uses data from the Google Safe Browsing initiative. Google scans millions of websites and identifies those that are, or recently were, hosting or distributing badware. If Google later determines a site is clean, Firefox no longer reports it as an Attack Site.
StopBadware keeps track of sites that Google and others have reported as badware.
I visited the site and didn't see any badware.
Badware is not always evident when you visit a site. Some badware only gets distributed under certain conditions; some installs silently, without alerting the user. It's also possible that the site was infected and has been cleaned up but hasn't yet been removed from the list of badware sites. Owners of websites in this situation may want to request a review.
How does a website become an attack site?
There are three common ways for a website to become an attack site:
- The site is created for malicious purposes.
- The site serves malicious content from an ad network or other third-party content provider.
- The site is infected through a security weakness in the site or the webmaster's computer.
What can an attack site do to my computer?
Some attack sites will try to infect your computer using a "drive-by download," which automatically seeks out holes in your computer's defenses and installs badware without any action on your part. Other attack sites will try to trick you into installing badware, frequently by showing fake security alerts or offering free stuff. Once the badware is on your computer, it might steal your passwords or account numbers, send junk e-mail (spam) to others, or try to extort money from you.
I visited a reported attack site. Is my computer infected now?
Maybe. Many factors affect your computer's risk of infection: the website's "payload," your operating system, the applications and plug-ins you have installed, your security software, how up-to-date all of this software is, your settings, and what you clicked on while at the site. Because drive-by downloads often install silently, it may not be easy to determine whether your computer has been infected.
Help! My site is listed as an attack site!
StopBadware is here to help. See our tips for cleaning & securing your website. Once your site is clean, you will need to request a review. You can request additional assistance in our online community, BadwareBusters.org.
Can I disable the attack site warnings in Firefox?
Yes, but doing so will leave your computer more vulnerable to being infected with badware. If you are willing to accept this risk, you may disable the warnings in the Firefox options/preferences by clicking the Security tab, unchecking “Block reported attack sites,” and clicking OK.
Where can I learn more about badware?
You can start with What is Badware? and then browse around the rest of our site, as well as our online community.
