Check Website
Inclusion Status
It is currently Fri Sep 22, 2017 9:40 am

All times are UTC




Post new topic Reply to topic  [ 1 post ] 
Author Message
 Post subject: How does a site get the FSA classification?
PostPosted: Tue Jul 21, 2009 8:19 pm 
Offline
Site Admin

Joined: Thu May 28, 2009 10:25 am
Posts: 6000
I've just received an e-mail asking how I determine whether or not a site gets the FSA classification, so thought I'd post the answer I sent them, incase anyone else was wondering.

Quote:
FSA classification is assigned to sites that fit one or more of the following criteria;

1. Using misleading means to peddle their products (e.g. claiming the product is free, when in actuality, it's just a free scan)

2. Not keeping their affiliates under control (i.e. those affiliates spamming, using BlackHat SEO, or otherwise misleading users)

This particular one is known to be controversial, but as I keep telling companies that complain - if you're going to have affiliates, it is YOUR responsibility to monitor them. We shouldn't have to do it for you, and aren't getting paid to do it for you.

3. Site is residing on a known malicious IP block

Software specific

4. Using deliberate F/P's that require payment to remove
5. Claiming threats were found that need payment to remove, when they aren't threats

For #4, an excellent example would be those rogues that claim threats were found when in actuality, they're just cookies

6. Claiming problems were found that need payment to remove, when in actuality, removal of such would lead to an unstable system and/or contrary to the claim, would not actually improve the systems performance (these tactics are used by a slew of bogus registry cleaners for example).

7. Require payment via the "infected" computer (requiring the user pay for removal from the machine, after you've just told them it is infected, is extremely bad ethics, and dangerous as it then leaves them open to identity theft for a start)

8. Software being installed via drive-by, exploits or other malware (such is the case with a slew of the worst rogues available at present)

9. Has at least one clone, for example;

http://www.malwarebytes.org/forums/inde ... opic=15264

10. Begins scanning immediately after loading, instead of going to options or such, options which would likely have allowed the reduction of false positive detection

11. Does not provide for a log of the results to be saved (this must be combined with one of the above as it obviously couldn't be a determination on it's own)

12. After receiving payment from the victim either does not provide the keys it is supposed to, or does not remove the threats it claimed it detected (this is why I recommend companies offer a fully functional free trial instead), or as was the case with one we came across, does not remove the threats that the companies site/blog guaranteed it could remove.

_________________
Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

Keeping it FREE!



IP:
top
Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC


Who is online

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
hpHosts and hpHosts Online are copyright © Malwarebytes Corp - All Rights Reserved

Powered by phpBB © 2000-2009 phpBB Group