McAfee SiteAdvisor

SiteAdvisor Site Ratings Policies

Thanks for your interest in SiteAdvisor technology. Here you will find details about what SiteAdvisor software does, how we rate sites and how, as a site owner, you can dispute a rating. Click on the headlines below to learn more.

 

• What Is McAfee SiteAdvisor software?
• What Is a SiteAdvisor Site Rating?
• Why Is a Site Rated Red?
• Why Is a Site Rated Yellow?
• Why Is a Site Rated Gray?
• What Is Rated? How Is It Rated?
• Downloads
• E-mail practices
• Browser Exploits
• Annoyances
• E-Commerce
• Links (online affiliations)
• How site owners can dispute a site rating?
• How do you submit a site rating dispute?
• How will McAfee evaluate the dispute?
• How long will the evaluation process take?
• What happens after the evaluation is done? When will my site's rating change?
• How long does this re-assessment period last?
• How can I contact McAfee?

 

What Is McAfee SiteAdvisor software?

SiteAdvisor software is an award-winning, free browser plug-in that gives advice about Websites before you click on a risky site.

With SiteAdvisor software installed, browsers will look a little different than before. We add small site rating icons to search results as well as a browser button and optional search box. Together, these alert users to potentially risky sites and help them find safer alternatives.

These site ratings are based on tests conducted by McAfee using an army of computers that look for all kinds of threats. The result is a guide to Web safety.

The SiteAdvisor technology is free, easy to install and even easier to use. And it doesn't collect any personally identifiable information.

What Is a SiteAdvisor Site Rating?

A site rating is our opinion of a website's reputation. The site rating is based on our interpretation of a variety of test results that provide the best indication of a site's reputation over time.

We test sites for downloads, browser exploits, e-mail, phishing, e-commerce, pop-ups and cookies and affiliations with other sites.

We use proprietary techniques to visit and test sites. We then analyze the resulting data and present it to users in the form of colored icons.

Very low or no risk issues found.

Minor risk issues found.

Serious risk issues found.

Not yet rated. Use caution.

Detailed information about our test results can be found on each site's profile page which can be accessed at http://www.siteadvisor.com/sites/.

Why Is a Site Rated Red?

Sites are rated red when, in our judgment, the site poses especially hazardous risks to a user's computer security, there are an exceptional number of annoying behaviors, or there is exceptional information that we believe our users would want to be aware of before or during a visit to that site. Behaviors that typically lead to red site ratings are hosting drive-by exploit code, impersonating a legitimate business (phishing), making unrequested or unexpected system changes, or hosting malware for download at the time of our visit. Sites can also be rated red when we receive unexpected e-mail to the unique e-mail address we submitted to that site, and the e-mails we receive exhibit characteristics consistent with spam e-mail, such as unusual volume or a high "spamminess" score as determined by an automated scanning program. Additionally, we may rate a site red for certain types of linking behavior with other red sites, or when we find a site that engages in activities we believe could be misleading.

Site ratings are calculated automatically based on McAfee's opinion of the risks associated with the results of the tests performed on a site. The rating is not intended to measure the site owner's intent or knowledge. For example, a site that posts the e-mail addresses of its users in plain text, even though unintentionally and without any spam e-mail being received, can earn a red rating because of the increased risk this behavior poses to users to receive spam. Similarly, a site with numerous links to sites with red site ratings, even though the site owner may be unaware of the risk profile of those linked sites, can earn a red rating because of the increased risk to users to visit potentially dangerous sites or to download dangerous programs.

Why Is a Site Rated Yellow?

Sites are rated yellow when, in our judgment, the site exhibits behaviors or has a history that we believe SiteAdvisor users would want to be aware of before or during a visit to that site. However, for yellow sites these factors are not as acutely severe as they are for a red site, or there are other mitigating factors that weigh in favor of a yellow rather than a red rating.

Why Is a Site Rated Gray?

Sites are rated gray when we either have no evidence or are currently collecting evidence about a site. If you would like your site to be tested, please submit your request on our feedback form by clicking here.

What Is Rated? How Is It Rated?

We test seven attributes of a site. Red, yellow, and green scores are computed from the outcome of these tests.

Downloads

We test downloadable software that is hosted by and directly linked to from a site. We use our award-winning McAfee anti-virus engine to determine if the file includes malware, such as viruses, Trojans or adware. We also test for program behaviors that we deem to be risky or merit a cautionary note. Behaviors can include resetting the browser's home page, adding toolbars or desktop shortcuts or contacting 3^rd party Web servers. Based on these results, we score the site's downloads accordingly.

E-mail practices

We test sites for a variety of e-mail practices including the amount and type of e-mail resulting from a sign up, the ease of unsubscribing and the posting of e-mail addresses.

Receiving Mail: We test receiving mail by entering a valid, unique personal e-mail address into a site's e-mail form. Then we measure any mail that is received at this unique address. We score the site according to the quantity of mail received as well as the "spamminess" of those e-mails. Spamminess is a measure of the mail's commercial content, as well as the presence of tricks used by spammers to try to escape detection by spam filters.

Browser Exploits

We perform tests to detect the presence of exploits on a site. An exploit is any content that forces a web browser to perform operations that the user does not explicitly intend.

Annoyances

When we visit a site, we record how many pop-ups occur and how many cookies we receive. In addition, we monitor prompts to change a browser's home and search page settings.The presence or cookies is only noted. Cookies do not affect a site's score.

E-Commerce

McAfee tests sites for the following e-commerce issues.

Phishing: We use proprietary, award-winning real-time phishing software to evaluate whether the site in question is attempting to mimic a legitimate business or financial institution.

Scams: We use a variety of criteria to determine whether a site in question is engaged in questionable business practices, such as selling rogue anti-spyware.

Links (online affiliations)

We collect information about the URL links posted on a site to determine whether the site is affiliated or effectively directing traffic to another site. We rate a site based on our estimation of the risk users could experience if they used these links to be led to other risky sites.

How site owners can dispute a site rating?

McAfee welcomes feedback about its site ratings and encourages site owners to contact us if they believe one or more of our facts regarding their site are in error. We pledge to work cooperatively with those site owners and to respond reasonably to dispute inquiries as quickly as possible. What follows is a description of the site rating dispute process.

How do you submit a site rating dispute?

To begin, please submit your rating dispute via email at support@siteadvisor.com or online.

http://www.siteadvisor.com/userfeedback.html

During the evaluation of this dispute, McAfee communicates with site owners via e-mail.

How will McAfee evaluate the dispute?

McAfee will acknowledge your dispute via e-mail and begin to evaluate the concerns you raise.

Our evaluation can go quicker if you include details about your dispute. For example, let us know what parts of our test results you are disputing and why you are disputing them. You should review the profile of your site’s test results by searching for it here: http://www.siteadvisor.com/sites/.

Disagreements with site owners typically fall into two categories. The first kind can be described as "Our site never did what you say it does." The second kind can be described as "Our site no longer does what it used to do."

There are many different cases, but here are two typical examples:

• A site owner says that the file he offers for download is not a virus.
• A site owner says that his site no longer offers the download we found in our previous test, or that the behavior of download itself has been modified.

How long will the evaluation process take?

McAfee will acknowledge your dispute within one business day of receipt. We will initiate an evaluation within five business days.

Once started, evaluations will typically be completed within the following time frames:

• Claims that a site has changed: Five business days once the evaluation is begun.
• Exception: E-mail practices. Evaluating changed e-mail practices takes 60 calendar days once the evaluation is begun because we must give our new test e-mail address significant time to see what kind of e-mail it receives, if any.
• Claims that McAfee made a mistake: 10 business days once the evaluation is begun.

What happens after the evaluation is done? When will my site's rating change?

McAfee will e-mail the site owner to share the results of its evaluation.

If our evaluation confirms that our test data was in error, the site's rating will be changed within one business day after we complete our evaluation.

Please note that in some cases, the overall rating for a site might remain red or yellow even if one of the test results used for that rating was wrong. For example, a site with multiple, red rated downloads will remain red even if one of those download ratings is found to be mistaken.

Sites that were accurately rated red or yellow as a result of our previous tests but have now improved will undergo a re-assessment period before the site rating is changed.

How long does this re-assessment period last?

The re-assessment period can vary from as few as 10 calendar days to as many as 365 calendar days. The length of this period depends on the site's historical test information and the severity of the issues we found during those previous tests.

For example, sites that were rated red or yellow and have no history of risky behaviors will "go green" faster than sites that have been rated red or yellow multiple times. Sites that re-engage in a behavior that we believe is risky will "go green" slower the next time. Sites that engage in particularly risky behavior like hosting exploit code will also "go green" more slowly.

There are many different cases, but here is a typical example:

• A site that is rated red for the first time for posting links to a few red rated downloads disputes their site rating and removes the links. The site rating could become green in as few as 10 days after our tests show that the links are gone and no other issues are discovered.
• If a subsequent test of that site finds new links to red rated downloads or finds other risky behaviors, the site rating will remain red for at least 30 days after our tests show that the links and other risky behaviors have been removed.

How can I contact McAfee?

Site owners are welcome to e-mail support@siteadvisor.com. E-mail inquiries will result in a "ticket" being created and assigned to a technical support representative. This representative will direct the site owner to begin the dispute resolution process by submitting his complaint at http://www.siteadvisor.com/userfeedback.html.

The fastest and best way to check on the status of a dispute, submit additional information or express additional concerns is by e-mailing your technical support representative.