In the last few days, there has apparently been a surge of badware-distributing web sites that trick search engines into thinking they’re legitimate. Researchers at Sunbelt Software first reported the gaming of Google results a few days ago, with articles following from the BBC, ComputerWorld, and others. Google* has reportedly removed the offending sites from its results, saying violations of its quality guidelines can lead to removal from its index. The gaming attacks have also affected other major search engines, though reports indicate the exploits on the malicious websites were coded to target only Google searchers.

The attacks were carried out on massive numbers of newly registered domains, apparently primarily hosted in the US but registered in China. Be suspicious of highly ranked search results that appear to be from a US-based site, but that link to a .cn (Chinese) or other national domain in the website’s address, and of websites whose addresses are entirely strings of random characters without any words or names. As always, an important part of protecting yourself online is keeping your software – including browsers, anti-virus and anti-spyware applications – up to date. If you suspect your computer may have been infected, check out our tips for badware removal.

* Note: Google is a StopBadware sponsor and partner.

Wired has an article about the U.S. government’s lack of a transparent, responsive process for individuals who are on the terrorist watch list to request removal if they are innocent. According to the article, even the process they do have, which only addresses a subset of the people affected, has resolved only half of its cases since February. Others are left confused, with little information about the process or the individual’s current status.

BBC columnist Bill Thompson recently raised questions about the responsiveness of StopBadware’s own review process that helps site owners flagged by Google get their sites removed from Google’s list. He even suggested that perhaps the authorities should be the ones keeping a URL blacklist and managing the appeals process.

Apart from the jurisdictional issues, which Mr. Thompson acknowledges as being a show-stopper, the example set by the U.S. government isn’t exactly an encouraging sign for the future of a government-run blacklist.

At StopBadware, we believe that transparency and responsiveness are key to the success of our efforts. This is why we explain our review process in our FAQ. It’s why anyone who submits a request for review of their site can return to our site at any time while the review is in progress to see its status. And it’s why the average time for a review to be completed is under three days (typically shorter for sites that are, in fact, clean when they are submitted for review and a bit longer for those that are not).

There’s still more to be done, of course. We encourage all security vendors and blacklist providers to offer a transparent and responsive process. We continue to improve our own process and communications to provide the most information as clearly and quickly as possible. And, over the next several months, we’ll be doing even more to involve the community in our efforts.

Meanwhile, millions of users are being protected from badware every day, all without the bureaucracy that often comes with government security efforts.

Traffic to StopBadware.org recently reached the one million unique visitors per month mark, a major milestone in our two-year history. The majority of our visitors come to us through Google’s warning pages, while many others find us through blog posts, articles, reports, and other references from around the web.

We are thrilled that the message is getting out that the internet community can work together to stop the spread of badware while protecting providers who are doing their part to keep their sites and applications safe.

We are especially grateful to those who, after their initial visit, have continued their involvement by joining our mailing list, reading our blog, telling their stories, and participating in our online discussion group. You are part of StopBadware and its success, and we will be offering new ways for you to contribute over the next several months.

Thank you all, and here’s to continued growth and, more importantly, continued success in stopping badware!

As our readers in the United States will know, this Thursday is the Thanksgiving holiday. StopBadware, along with the rest of Harvard University, will be closed Thursday and Friday this week in observance of the holiday. We will reopen on Monday, November 26.

For website owners concerned about their review requests, we recommend also logging in to Google’s Webmaster Tools console and filing an additional review request there. Also, don’t forget that the StopBadware discussion group can be a great resource if you’re having trouble discovering problems on your website.

For all of our readers who celebrate it, have a Happy Thanksgiving, and we’ll see you on Monday!

On a related note, PC World is reporting that website hacks, phishing, and other online scams are expected to rise with the kickoff of the holiday shopping season, so stay alert.