Yesterday I got an email from a friend with nothing in it, but a link to a website. The link was a domain name followed by a lot of garbage directory names like this www.example.com/oyv/q/xljoz/wfcy/zkibb/uwde
Now I’m sure all MakeUseOf readers know (I hope) that’s extremely suspicious and not to click the link so I’m thinking about those who don’t know it’s dangerous.
I’m concerned that the normally very good Gmail filters didn’t spot there was a problem, nor did OpenDNS, nor did my usual PC security suite, so I checked the domain name against email blacklists – came up clean.
I’d had a similar incident a couple of weeks ago with the link going to a different domain, so I ran the blacklist check on that too – no blacklisting reports. Netcraft gives that link from 2 weeks ago a high risk rating, but Netcraft base their assessment on “…site longevity, hosting location and historical trends” (the site was only set up in July 2012) rather than stronger danger signals.
It looks to me as if these domains have been hacked, but rather than vandalise them the hacker has buried some malware deep in their directory structure and is then directing traffic there. The website owner is probably unaware – or perhaps pleased because he’s seeing a boost in web site visitor numbers, perhaps congratulating his SEO…
So my question: does anyone know of any effective and safe way of checking those links and of any good reporting mechanisms.