McAfee SiteAdvisor Red Site My Story

I found out from one of my customers that they couldn’t access my site. I asked them why that was and they said McAfee Siteadvisor wouldn’t let them in because I had a red mark against my site.

As I wasn’t aware of this I did some research and sure enough if you go to siteadvisor.com and key in the site in question there is a big red “no entry” sign against the site. It also said that the site was downloading spyware onto peoples’ pcs.

Well I knew of a small issue when a cpanel exploit was around and there was a iframe download on the site but I cleared that up straight away - and in any case, this was a 6 year old site with no history of wrong doing.

So why did siteadvisor provide a red rating on the site and why wasn’t I told ?

Well I trawled the siteadvisor site trying to find who I could contact and after about an hour I found an email address at complaints@siteadvisor.com so I duly fired off an email asking what was going on and why they were stopping people coming to my website.

While I waited for a reply I went back to the siteadvisor page and saw that you could write comments about your site if you were the site owner. So I duly downloaded a specific piece of code onto my site, got it verified and put up my comments.

A few days later I had not had an email reply so I sent another email. Additionally the comments on my siteadvisor page had been deleted without any mention to myself by a siteadvisor employee.

As nothing was happening and they didn’t want to discuss anything with me I tracked down McAfee on the Better Business Bureau. They were very fast and within 24 hours a charming customer services rep. got in touch by the name of Kimberley (Kimberly_Smith@McAfee.com) - she said she could help. Unfortunately nothing really happened except I did get an email from a real live siteadvisor employee by the name of Jonathan (Jonathan_Cohen@McAfee.com) who basically told me what I already knew. But he did state I would be back in the green zone within 10 days.

I replied 10 times to his email requesting further information and anyone who could help me. I replied to Kimiberley and Jonathan but no response which said what could be done.

10 days had also past and I was still in the red.

But a week later an Attourney emailed me by the name of Warren (Warren_Nickerson@Avertlabs.com) - He basically said the same thing that other McAfee employees had told me. I had an exploit (yes, we know that) and siteadvisor would turn me green after some time (yes I know that too, but 10 days is turning into lengthly weeks) and that siteadvisor does not stop people visiting the site.

Well let’s just take this last point.

If your site is green, nothing happens. Siteadvisor does not pop up and say “this site is OK, go ahead and browse” but if you are red it doesn’t go through to the site it says in red bold letters “this site made unauthorised changes to our test pc” with a BIG RED CIRCLE AND WHITE CROSS THROUGH IT

There is no link to my site either such as “please progress to the site by following this link” - so despite what siteadvisor state, they are stopping people accessing the site.

As no particular progress was being made I copied Kimberley, Warren and Jonathan again to ask what was being done. Eventually Warren replied that it could be weeks to change over to green and that I had not said what I was doing to stop the exploit happening again.

Woah, hold on. I had explicitly emailed Jonathan 2 weeks previously to say what had happened. Ie: this was a known cpanel exploit. Our monitoring software had spotted it as well as my forum moderators and we deleted it immediately. Additionally my host put in additionally security and cpanel had issued a patch to stop this happening in the future.

Because nothing was happening I thought, maybe I should email some of the McAfee management team to see if they could help. So I also emailed ‘George_Samenuk@McAfee.com’; ‘Kevin_Weiss@McAfee.com’; ‘Christopher_Bolin@McAfee.com’; ‘Parveen_Jain@McAfee.com’; ‘Larry_Mcintosh@McAfee.com’

This got a response but Warren also said “On another matter, you have already been notified that you are to send all correspondence to McAfee to me. Therefore you must immediately cease and desist sending harassing emails to all other McAfee employees, agents, or contractors. If you continue to send emails or make any other contact with McAfee that is not directed or sanctioned by myself, then McAfee will investigate its options to prevent further unwarranted and unauthorized contact with McAfee. “

This is quite threatening when all I was doing was to get my site back to the green status it deserved. I replied to Warren asking for the 5th time the CEO, host and legal department’s names and addresses so I could send them correspondence. I have again received no reply.

So where are we today ?

- site is still red

- no response on names and addresses

- no ability for recourse.

So check your site on McAfee siteadvisor to see if it’s red. See www.siteadvisor.com and check your site. If it is red and you are a legitimate business good luck in getting a response. I guess you should try and contact some of the people above and let me know if you get a response from McAfee Siteadvisor to change your red site into a green site on the internet.