McAfee® SiteAdvisor™ Site Rating Explanation
What Is a SiteAdvisor Site Rating?
The McAfee SiteAdvisor ("SiteAdvisor") site rating is our opinion of a website's reputation. The site rating is based on a variety of attributes that, in our judgment, provide the best indication of a site's reputation over time, including downloads, browser exploits, e-mail, affiliations with other sites, and pop-ups.
We use proprietary data collection and analysis techniques to visit sites and gather information about a web site's behavior. As explained below, results from the data collection process for each site are posted on the site's SiteAdvisor dossier page.
The SiteAdvisor site rating reflects our interpretation of the data collected. The site rating lets users know if there are potential issues before and during their visit to a website. The site rating is especially useful for users considering visits to unfamiliar sites.
Why Is a Site Rated Red?
Sites are rated red when, in our judgment, the site poses especially hazardous risks to a user's computer security, there are an exceptional number of annoying behaviors, or there is exceptional information that we believe SiteAdvisor users would want to be aware of before or during a visit to that site. Behaviors that typically lead to red site ratings are being a known malicious exploit or phishing site, making unrequested or unexpected system changes, or hosting malware for download at the time of our visit. Sites can also be rated red when we receive unexpected e-mail(s) to the unique e-mail address we submitted to that site, and the e-mails we receive exhibit characteristics consistent with spam e-mail, such as unusual volume or a high “spamminess” score as determined by an automated scanning program. Additionally, we may rate a site red for certain types of linking behavior with other red sites, or when we find a site that engages in activities we believe could be misleading.
Why Is a Site Rated Yellow?
Sites are rated yellow when, in our judgment, the site exhibits behaviors or has a history that we believe SiteAdvisor users would want to be aware of before or during a visit to that site. However, for yellow sites these factors are not as acutely severe as they are for a red site, or there are other mitigating factors that weigh in favor of a yellow rather than a red rating.
Why Is a Site Rated Gray?
Sites are rated gray when we either have no evidence or are currently collecting evidence about a site. If you would like your site to be tested, please submit your request on our feedback form located at http://www.siteadvisor.com/userfeedback.html.
Site Dossiers
Aside from behavioral aspects of a site such as pop-ups and spam, we present certain details on a dossier page for each site that we test, at http://www.siteadvisor.com/. SiteAdvisor dossiers typically list a sampling of specific downloads found on the site, whether those downloads are classified as malware, and how they are rated. SiteAdvisor dossiers include a sampling of headers from e-mails it received at the e-mail address submitted to the site, and how those emails scored for spam-like behavior (their "spamminess"). The dossier also provides a sample of the links it found to other sites and indicates the SiteAdvisor site rating for those sites.
We may provide further comments or information regarding a site rating in a SiteAdvisor Staff Comment section, and there is always a section where SiteAdvisor users can provide their own comments and insight regarding their experiences with the site. Site owners can also provide comments in the web site–owner section.
SiteAdvisor Dispute Resolution Process
The SiteAdvisor Dispute Resolution Process is available at http://www.siteadvisor.com/disputeresolution.html.
What and How SiteAdvisor Rates
SiteAdvisor pays specific attention to the following seven attributes of a site. While reviewing attributes that affect these areas, SiteAdvisor performs specific tests to garner information regarding these attributes. The red, yellow, and gray scores are computed from the outcome of these tests.
Browser Exploits
Exploits: We perform tests using our proprietary behavioral automation tools to detect the presence of exploits on a site. An exploit is any content that forces a web browser to perform operations that the user does not explicitly intend.
Links (online affiliations)
Link Pervasiveness: SiteAdvisor performs a statistical analysis on the URL links that join one site to another. Depending on a set of statistical rules, we can determine that a site is unofficially “affiliated” with another site and is effectively directing the latter’s traffic.
Downloads
Malware: To look for malware, we perform tests on the binaries hosted and directly linked on a site. If malware is present, it is classified according to our award-winning McAfee anti-virus engine. Ratings are also based on program behavior. This classification is scored accordingly, and we perform statistical operations to determine a site's rating.
E-mail practices
Receiving Mail: We first enter a valid, unique personal email address into a site’s form. Then we measure any mail that is received at this unique address. We score the site according to the quantity of mail received as well as the "spamminess" of those e-mails. A statistical analysis of this collected data helps us determine the score.
Unsubscribe: If we receive e-mail at an address submitted to a site, we try to unsubscribe. If unsubscribing is not successful after several tries, the site is rated accordingly.
Posting e-mail addresses: SiteAdvisor enters a unique set of valid personal contact information into a form on a web site. We then see whether that e-mail is posted on the Internet in its unaltered form. We also measure if the posting results in our receiving spam from this data.
Annoyances
Pop-ups: We record how many pop-ups occur when we visit each site that we test. We perform a statistical analysis to appropriately rate this area of our tests.
Browser change requests: We also monitor prompts to change a browser’s home and search page settings when visiting a site.
Commerce
Phishing: We use our proprietary and award-winning McAfee real-time phishing content to provide phishing protection to our users.
Scam: SiteAdvisor establishes objective tests as well as a series of control groups and the scope of the tests to be performed. Evidence is collected from a set of established tests, and sites are rated accordingly.