Select Website 

Recruitment Directory's Blog - Australia's #1 Recruitment Technology Blog!

Back to Menu Back to Menu

How secure is your Recruitment website? Part 3 - Hidden iframe injection

Posted By: Thomas Shaw, 6:06pm Thursday 18 June 2009    Print Article

A new malware attack has been making the rounds recently. It has infected a number of recruitment web sites, job boards and hosting servers. If you suddenly find that your website is triggering your anti-virus software and flagging it as a “dangerous site”, the culprit may be the hidden iframe injection hack.

These types of attacks can cause great harm to your website’s reputation as people are unlikely to ignore the stern warning. Often site owners are bemused as to why this is happening. What is causing their sites to behave in this way and as the webmaster what can you do to remove the warnings from the search results?

In the majority of cases the warning results because hackers have injected code into your website code. This is usually in the form of an iframe, or a web-page within a web-page. To avoid detection, the iframe is made to have a size of 1px, and is then set to be invisible using CSS.

Most malicious domains used in this attack, are blacklisted by Google. And if your site is infected it may also be blacklisted. The Safe Browsing diagnostic page in this case will say something like:

"Malicious software is hosted on 1 domain(s), including..."

If your site becomes infected, contact both your webmaster and your hosting company immediately.

If your website is ever flaged as malicious here are some steps to fix it and resubmit for validation.
  1. Start with your own computer. Scan it with anti-virus and anti-spyware tools.
  2. Once you are sure your computer is clean, change all site passwords - computer, server, website, network.
  3. Keep the new passwords secure. Don’t use auto-upload features of your web site editors. Enter passwords every time you upload new content instead. Use SFTP instead of FTP if possible.
  4. Remove the malicious code (the iframes code) from the infected files on the server. The easiest way to do it is upload a clean backed up version.
  5. Check the server, directory and file permissions. Make sure your settings are correct!
  6. Scan your server directories for any new/suspicious files (don’t forget to check hidden files). Remove anything that should not be there.
  7. If your site was flagged by Google, request a malware review via Webmaster Tools. (read this blog post)
  8. Regularly check your site with diagnostics tools to be sure your site is clean.

Did you know that Twitter checks all URLs before allowing you to post?

Article URL:

Article Tags: virus ahri iframe injection malicious code recruitment websites job board security hacking insecure twitter malware

Comments Hide Comments (0)

Feel free to join in on the conversation. All comments are moderated before publishing. Comments posted by subscribers don't necessarily reflect the views of Recruitment Directory.

Your Name: * Required
Your Email Address: * Required
Website URL:
Comments: * Required
Enter the code you see in the image above (case sensitive). Click on the image to refresh it.

Back to Menu Back to Menu

Random Blog Articles

Has MyCareer closed it's Melbourne office?
Published: 8:54am Thursday 11 December 2008

No one wants to follow your Recruitment Agency on Twitter
Published: 10:00pm Thursday 08 October 2009

Google Keyboard Shortcuts
Published: 10:54am Tuesday 31 March 2009

Graduate Program Wizard
Published: 12:06pm Thursday 05 March 2009

Secure your website!!!
Published: 8:00pm Monday 15 December 2008