SECURITY TOPICS

Malware Scanning

Malware is short for malicious software and also known as malicious code. Hackers exploit security weaknesses on your server to gain access to your website and install malicious code.

What is Malware & How Do I Prevent Becoming A Target

Malware uses your website to spread viruses, hijack computers, and steal sensitive data such as credit card numbers or other personal information. Malware code is not easily detected and may infect your customers’ computers when they visit your website.

 

A typical website (even the simplest blog) may have thousands of potential vulnerabilities. By using vulnerability assessment to identify the most critical vulnerabilities for correction, you may reduce the risk of hackers finding your site and attacking it. Symantec SSL Certificates include daily scans for website malware and automatic weekly scans that look for vulnerabilities that hackers most commonly exploit. (Compare SSL Certificates for details).

Website Security

Website Vulnerabilities

How Do I Know If My Website is Free of Malware?

Malicious code is hidden in the source code of your website and can be difficult to detect without line-by-line analysis. Some malware is activated by the display of a page and may not be detected without behavioral analysis of your code using a browser simulator. When you protect your website with a Symantec SSL Certificate, we include a free daily malware scanning service for your public web pages. If malware is detected, you will be directed to a list of infected pages and notified of the code causing the problem. Once you have deleted all instances of the code, you can request that your site be rescanned within 24 hours.

What Does the Service Scan?

The daily website malware scanning service scans the website code located at the hostname used in the SSL certificate, including javascript and iframes. The service completes a static analysis of website code as well as behavioral analysis through a browser simulation to find code that may be activated by display of a page. The service does not scan every web page on your website, but reviews an optimal number of pages to identify malicious activity. It does not scan your network or search for malware on internal desktop computers or scan attachments or internal web pages that require sign-in.

What Happens if Malware is Detected on My Website?

If malware is discovered, you receive an email alert warning you of the malware infection with instructions to access the scan results within your Symantec Trust Center account or your Symantec Managed PKI for SSL console. The Website Security Services tab shows a list of infected pages and the code causing the problem. You or your website administrator can find and delete all instances of the malware and request that your site be rescanned within 24 hours.

When Does the Scanning Service Begin?

The website malware scanning service is activated automatically when your business has been authenticated. There is nothing to download or install for you or your customers. If you decide that you do not want your website protected by a daily website malware scan, simply sign in to the Symantec Trust Center or Symantec Managed PKI for SSL console to deactivate scanning.

Scanning Occurs by Domain Name

Scanning occurs by host name. You may have many servers, each one secured by a unique SSL certificate and all of them providing content to a single hostname. The scan is of the html pages located at the hostname, not the servers themselves. As long as you have one active SSL certificate with the hostname, malware scanning is activated. If you decide that you do not want your website protected by a daily malware scan, simply sign-in to the Symantec Trust Center or Symantec Managed PKI for SSL console to deactivate scanning of the hostname.

Can I Customize the Website Malware Scan?

Malware scanning may be turned on or off by signing in to your Symantec Trust Center account and clicking the Malware tab or signing into your Symantec Managed PKI for SSL console. Specific pages or sections of your website cannot be targeted.

Does this Replace My Enterprise Scanning Solution?

No. Symantec's website malware scan is designed to provide additional assurance to business owners and their customers that the site is regularly checked for malicious code. Traditional anti-malware software focuses on the end point: the desktop. Most enterprise scanning solutions are designed to protect employees from downloading or installing malware rather than protecting the company’s website from distributing malware.

What Does Blacklisted Mean?

Because of the potential damage caused by malware, Google, Yahoo, Bing, and other search engines scan and then blacklist or exclude any site found with malware. If your site is blacklisted, it may be blocked entirely or flagged with a security alert to discourage click through. In addition, anti-virus plug-ins to popular browsers can detect malware and block access to infected sites.

How Can I Protect My Site From Malware?

Like most thieves, malware hackers look for easy targets—such as a website where malware will go undetected for as long as possible. Posting the Norton Secured Seal on your website is like posting an alarm security sign in your front window. It shows hackers that your site is scanned daily to detect malware.

Website Threats For Dummies

Making Everything Easier!

Welcome to the Website Threats For Dummies

Symantec Special Edition, your guide to the different ways criminals can attack your website. This book can help you protect your website and, in turn, your business.

DUMMIES GUIDE
Vulnerability Assessment

Vulnerability Assessment

A vulnerability is a potential entry point through which a website’s functionality or data can be damaged, downloaded, or manipulated. A typical website (even the simplest blog) may have thousands of potential vulnerabilities.

Continue Reading

Samsam May Signal New Target

Samsam May Signal New Target

A new crypto-ransomware variant may indicate a shift towards targeting businesses with malware that encrypts their files.

Continue Reading

The Difference Between a Virus, Worm and Trojan Horse

The Difference Between a Virus, Worm and Trojan Horse

While the words Trojan, worm and virus are often used interchangeably, they are not the same.

Continue Reading

USE CASES

Symantec Website Security Solutions In The Real World

Join the Community

Join the Symantec discussion on Symantec Connect

SYMANTEC CONNECT

Follow Threat Intelligence on Twitter @Threatintel

SYMANTEC ON TWITTER

Watch videos on the Symantec Website Security YouTube Channel

SYMANTEC ON YOUTUBE