Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go
-->

TRUSTe Certified Websites May Still Contain Malware

Web sites labeled with the TRUSTe certificate that assures the site's security have more chances of hosting malware or malicious code than Web sites without security certificates, alleges spyware and adware researcher Ben Edelman. Net-security published this on March 28, 2007.

An independently working certification authority, TRUSTe issues 'security certificates' to secured websites. The certificate therefore helps businesses and consumers to recognize legitimate online organizations via the authority's Web Privacy Seal, E-mail Privacy Seal, and Trusted Download Programs. There are 2,000 or more Web sites under the certification of TRUSTe, some of which are AOL, IBM, Oracle, Intuit, eBay and Microsoft. TRUSTe also settles numerous privacy disputes round the year. One can visit www.truste.org to educate himself / herself about online privacy, reported Webknowhow in the first week of March.

Edelman further said in his recent report that Direct Revenue and Webhancer, providers of adware had featured their sites with TRUSTe certificates to try and appear more legitimate than they actually are. The New York Attorney General is conducting a legal action against Direct Revenue for spreading its adware program. Edelman also said that users often do not realize when Webhancer gets installed on their PCs.

The independent certifying authorities verify if the website's operator complies with the privacy guidelines. If a site meets the criteria it can then display the TRUSTe logo on its pages.

Websites wanting to push malware and adware often seek such certificates to hide their deception. In his research Edelman analyzed a comparison between TRUSTe certified websites with a number of websites hosting viruses, spam, spyware and online scams. From his sample of 500,000 websites, Edelman determined the TRUSTe certified sites and assessed them for malicious software and drew the conclusion that there is no incentive for TRUSTe to adequately verify privacy standards' compliance.

TRUSTe disagreed with Edelman saying that its certification process was thorough and specific. Further, it challenged Edelman in that blacklist does not provide an accurate analysis of websites considered untrustworthy.

TRUSTe noted that it no longer certified Direct Revenue. Also, it has asked Webhancer to surrender its software for an assessment for fresh certification.

Related article: Targeted Attacks Replace Mass Outbreaks

» SPAMfighter News - 06-04-2007

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next