Identifying potentially harmful sites

Why label sites in this way? What does “this website may be harmful” mean?

Websites labelled like this contain malicious code that can be dangerous to the user. Allowing such code to run may lead to a computer becoming infected, the computer may be used without the knowledge of the owner, and valuable data can become corrupted or stolen. The malicious code is activated as soon as the user enters the site and goes unnoticed more often than not. Therefore the user may not notice for a long time that something isn't quite right with their computer.

I visited a site but my computer wasn't infected. Does this mean that it's safe?

There are often certain preconditions that must be present for malicious code to run, for example, a certain browser version, or the presence of specific programs on the computer. Not all users of the site will be adversely affected. However, the chances of infection from similar sites remain quite high, furthermore, you probably won't notice any harm being done to your computer.

Can this happen with any site? I know this site well, I'm sure that it's fine.

Malicious code can be present on a site not only because the owner wants it to be there, but it can also be present without his knowledge, because of hackers. To distribute malware as widely as possible hackers often attack other people's sites. If a site that you would normally consider to be safe is marked as dangerous, the site administrator is probably dealing with a problem. If this is your friend's site you should let him know about this because the presence of malware is not always obvious even to site administrators.

What if I really need to see some information on this site?

No one can prevent you from entering a site with suspicious code. However, you should remember that is it not safe for your computer. There is a high possibility that you will not notice the presence of malware on your computer after you enter the site. If you still decide to enter such a site, we strongly recommend that you have an up-to-date antivirus program installed on your computer.

How does Yandex know this site is harmful?

Yandex periodically checks the content of sites that appear on its search results. To determine whether harmful code is present or not, we use our own antivirus suite and our partner's product Sophos®.

What do you check, and how often do you check it?

Yandex checks the pages that appear in the search index. The frequency depends on the site. Therefore, information about the status of a site may not be fully up-to-date.

Where exactly is such malware to be found on the site?

As a rule, most pages on the site can be infected. Often, it is not possible to create a full list of infected pages. A site is labelled as harmful, if Yandex deems just one page to be infected.

What should I do if it's my site?

Please delete the malicious code. If your site is checked again, and no such code is found, the label will be removed.

You can find out more information about where malicious code comes from and how to find it in the help section of Yandex.Webmaster. Unfortunately, this service is only available in Russian at the moment. If you can't use the service because of this, please write to our support service: We will help you find any viruses.

How do I protect my computer?

We recommend you install an antivirus program and update it regularly. For even more security you can turn on all the safety features of the program. Take note of the antivirus warnings, delete or block any programs that the software thinks might be harmful. These may not be classed as harmful but may be undesirable (adware, possible unwanted software, corrupted executables etc.). If you suspect that your computer has been infected, run a full system scan with your antivirus.