Here is a sobering statistic: On a daily basis, Google identifies about 9500 dangerous websites (nearly 300,000 per month!) — triple the number found only two years ago. Threats detected include sites which distribute malware and those involved with phishing for personal information. Niels Provos, a member of the Google security team, recently announced this through their blog.
Some of these websites have been taken over by criminals, while others were specifically created to distribute malware such as viruses and trojan horses to unsuspecting visitors. A growing concern is creation of websites appearing as commercial interests but are designed for “phishing”. That is, their intention is to lure Web visitors into submitting personal data about themselves, including credit card details. A sufficient amount of information about an individual could lead to financial loss and even identity theft.
Google admits that its search engine users receive, on a daily basis, a total of 12 to 14 million warnings alongside search results. Google recommends avoiding search results displayed with such warnings of potential risk and to return to the page only after the message no longer appears. Pages used in phishing attempts are often removed – sometimes within an hour of their detection. For the future, Google’s Safe Browsing team is now working on instantaneous phishing detection and download protection within Chrome; Chrome extension malware scanning.
This further supports our recommendation that Joomla website owners maintain their version and be diligent about applying security releases and patches to reduce the possibility of sites being compromised and used for malicious purposes. The result could be loss of business, but also a damaged reputation – which may be more difficult to rebuild.
The last stable update to Joomla was release 2.5.6, so please update your CMS.