Yahoo Partners With McAfee To Make Search More Secure

Following Google's lead, Yahoo is moving to make its search engine safer.

Yahoo and McAfee on Tuesday announced a partnership to integrate McAfee's SiteAdvisor technology with Yahoo Search. SiteAdvisor tracks Web site security issues, identifying sites associated with adware, malware, spyware, phishing, and spam.

The new SearchScan feature in Yahoo Search is a manifestation of the partnership. It provides red warning messages about the risks posed by Web sites that appear in Yahoo Search results lists.

Google began flagging risky search results in February 2007.

"Searching on the Web can present a minefield of spyware, malware, and other malicious sites that can cause serious harm to your PC and cost you valuable time and money," said Vish Makhijani, senior VP and general manager of Yahoo Search, in a blog post. "We are taking steps to make you feel safe when searching the Web -- warning you about dangerous sites before you click on them."

According to Makhijani, "No other search engine today offers you this level of warning before visiting sites. Period."

Citing a March 2008 survey conducted by marketing research services provider Decipher, Yahoo and McAfee claim that 65% of Americans online are more worried about clicking unsecured search listings than the threat of neighborhood crime, getting one's wallet stolen, or e-mail scams. Unfortunately, Decipher hasn't posted this survey online, making it harder to divine why so many people supposedly prefer being pistol-whipped and robbed to a malware infection.

Tim Dowling, VP of McAfee's Web security group, said that SearchScan tests for browser exploits, so it will detect sites where malware is delivered through online ads.

According to a Google security report published in February, 2% of malicious Web sites were delivering malware via advertising. Because ads tend to be placed on popular sites, searchers encounter them more often than their general prevalence suggests. "On average, 12% of the overall search results that returned landing pages were associated with malicious content due to unsafe ads," the report said.

Flagging such sites, however, is not without problems. Web sites penalized by McAfee's scarlet letter may see a drop in visitors despite the possibility that the fault may lie with the security of the site's ad syndication network rather than with the hosting site itself. Still, fear of such stigma may make site owners demand better security at ad networks, which would improve Internet safety for everyone.

It's something of a surprise to find Yahoo striking a deal with McAfee given that McAfee in May 2007 fingered Yahoo as the search engine with the greatest percentage of risky search results (5.4%). But perhaps having partnered with McAfee, Yahoo will fare better in McAfee's forthcoming 2008 State of Search Engine Safety survey.

Asked whether Yahoo's new relationship with McAfee represents a conflict of interest that might affect the search engine's ranking in McAfee's upcoming survey, Dowling replied, "It's hard to say whether there's a real conflict of interest. It's a pretty quantitative study." He added that due to Yahoo's commitment to cleaner search results, "I would expect Yahoo to be the safest search engine, or one of them."

Dowling said McAfee was running a bit behind in compiling the data for its 2008 search safety survey but did provide a preview: Sponsored search results are twice as likely to link to malicious sites as organic search results, he said. "The bad guys try to look good and Internet advertising is a way they can buy their way into a higher search result position," he said.

Dowling also said that search engines collectively serve 8 billion risky sites per month worldwide.