http://www.siteadvisor.com/sites/www.jwaala.com
How can we determine what it is that is causing mcafee siteadvisor to flag our site as "Use with extreme caution".
We are not spam/porn/etc or anything bad. This is causing us some serious problems.
-- Thank you
Tom K3TG is right, I'm afraid, you'll have to contact either SiteAdvisor or TrustedSource (the link Tom provided also covers TrustedSource).
You're an established site, I looked you up. You even got a write-up last year as a Microsoft Case Study. However, according to Trusted Source yours is now a Malicious Site, and given that Jwaala "provides online personal finance management solutions for banks and credit unions" it is possible that your site has somehow been compromised. As a financial site it would be a prime target for hackers and malware distributors.
As a quick check I ran your site through Sucuri, and it came back with the following warning :
- and the mention of WordPress rang an alarm bell. I checked back through the last week's reports of trouble and found this article detailing an attack on WordPress sites :
"A few days ago, hundreds of websites, based on WordPress 3.2.1, were compromised. The attacker uploaded an HTML page to the standard Uploads folder and that page redirects the user to the Phoenix Exploit Kit. Its logs show that users from at least four hundred compromised sites were redirected to Phoenix exploit pages ...."
Your site is almost certainly one of those compromised sites, and if so having an out-of-date version of WordPress would have been the reason the attack succeeded.
The subject is also analyzed in an article by Websense ("3-2-1 Wordpress vulnerability leads to possible new exploit kit") which has this to say :
The number of Web pages running the vulnerable, targeted version of Word Press 3.2.1 is in the hundreds of thousands. It is unknown at this time how the attackers are choosing which sites to infect.
What To Do If You Are Running WordPress 3.2.1
If you're running WordPress 3.2.1, we recommend that:
- You upgrade to the latest stable version of WordPress.
- Check the source code of all your Web pages to see if you've been infected (see the code above). If you have been infected, be sure to upgrade WordPress while simultaneously removing the injected code so that your Web pages aren't simply being reinfected after being cleaned.
I suggest you read through the articles linked to above, and then check your site code to see if any of the injection code highlighted in the articles is present anywhere, before contacting TrustedSource. If you can confirm that your site is clean then it should be relatively easy to retest and re-rate it.
Message was edited by: Hayton on 04/02/12 05:50:24 GMT
Message was edited by: Hayton - Jive lost the Sucuri screenshot image - on 06/02/12 12:29:53 GMTNew to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.
Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership: