workie writes: Using data derived from website infections, RescueTheWeb.org has found several interesting link spam architectures. One architecture is where concentric layers of hijacked websites are used to increase the page rank and breadth of reach (within search engine search results) of scam sites. The outer layers link to the inner layers, eventually linking to a site that redirects the user to the scam site. Another architecture involves hijacked sites that redirect the user to fake copies of Google, having the appearance that the visitor is still within Google, but in reality they are on a Google look alike that contains only nefarious links.
workie writes: The health of the Web ecosystem depends on all it's participating websites. Yet, with the high number of website application insecurities (http://www.scmagazineus.com/web-apps-account-for-80-percent-of-internet-vulnerabilities/article/129027/) and the increase in website hacking (http://www.darkreading.com/document.asp?doc_id=148143&WT.svl=news1_2, http://www.guardian.co.uk/world/2008/nov/20/america-china-hacking-security-obama, and http://www.breach.com/resources/whitepapers/downloads/WP_TheWebHackingIncidents-2009.pdf), how could an average website owner know if their website is helping or hurting their customers and the Internet as a whole? Now a new non-profit entity (http://www.rescuetheweb.org/) has formed to find websites that have already been hacked, are leaking information, or are using highly vulnerable software. The entity then notifies the website owner and asks them to upgrade their website to more secure software or remove the leaked information.