If you’ve tried and failed to get onto some of your favorite coupon blogs today, you may have wondered if your hunt for coupons ended with your computer picking up a virus.
Escalate Network, a third-party ad network that provides printable coupon links to thousands of websites (including Coupons in the News), was identified by Google earlier today as being “a known malware distributor”. That resulted in a warning screen being shown to users trying to access any webpage that included Escalate content. Google Chrome users appeared to be most affected, though Firefox and Safari also use Google’s Safe Browsing service to check whether various websites, or those that they service, are infected sites.
Unless you bypassed the warning screen (“at your own risk”, the warning read), readers trying to access some of the internet’s largest coupon sites, including those run by The Krazy Coupon Lady, JillCataldo.com and yours truly, were unable to visit for much of the day – and were no doubt wondering what was going on. Many sites have since disabled Escalate links, though it’s not been easy for some. “I have Escalate images for Coupons.com in literally hundreds of posts,” writes Mashup Mom, “so it’s not an easy matter to remove them all while waiting for them to resolve their issue with Google.”
In an email to affiliates, Escalate says they have checked and verified that there is no malware on their sites, and they are working with Google to remove the warnings. “We will continue to work through the night,” their email says, “and find out why this happened and put measures in place to ensure it never happens again.”
If the warnings are, in fact, false positives, that’s nothing unique to Escalate. It happened to one of the world’s biggest websites just the other day. Google Chrome users who tried to access any one of millions of Twitter pages that used the TwitPic service, saw the malware warning page. It was TwitPic that Google identified as being the source of the malware, though TwitPic insisted it found none, and service was eventually restored.
So is Google’s Safe Browsing service just a little oversensitive in turning up so many false positives? Perhaps not. A malware expert known as “RedLeg” says the service may be smarter than we think. “While I certainly believe it is technically possible that Google’s malware detection process could result in a false positive,” RedLeg writes, he found that “in a little over 1500 posts (to an internet help forum) where the site owner felt it was a false positive, each and every site did in fact contain malware.”
While Escalate and Google continue to investigate whether this case is a false positive, or a well-hidden hack of Escalate’s website, Escalate is currently moving all of its third-party services to a different domain. That should at least resolve any immediate issues you’re having with getting onto your regular coupon sites. How long it will take for the larger issue to be resolved, no one knows. “Like many of you,” Escalate’s email to affiliates concludes, “we’re at Google’s mercy.”
Escalate reported early Friday that the malware warnings are now gone. “At no point today were any of your visitors at risk of being infected by any malicious software,” they assure. They’re still trying to determine why Google issued the malware warning in the first place, but they say “we are very confident no malware exists on any of our sites.” Links to Escalate-hosted content are safe to click, but for the time being, you may continue to see broken link images of printable coupons on this site and others, until Escalate completes its work moving them to a different domain.