I found SiteAdvisor’s analysis of aa419.org to be amusing:

When we visited this site, we found that most of its links are to sites which are safe or have only minor safety/annoyance issues.

Actually, we have thousands and thousands of links to sites that are dangerous and fraudulent I can only assume they count links, and evaluate the ones which are most frequent (and/or are in SiteAdvisor’s records already).

That’s what I was getting at with my earlier comment. For example, I buy a malware scanning service from ScanSafe. They market it as “Web malware scanning” not “protection from scams”, which is how it should be.

Shane said “Or e-mail a criticism to complaints shift 2 siteadvisor.com”

That’s a nice way of munging an email address, but it assumes a US keyboard layout. The UK keyboard I’m typing on right now would require a shifted apostrophe instead

We do some human review of misleading business practices (like offering free ring tones but bury in the fine print that the ring tone automatically subscribes the user to an expensive monthly subscription.) We are working to do more in this area.

You’re also correct that we don’t test e-commerce sites by making purchases. One of the reasons for offering McAfee SiteAdvisor reviewers the chance to rate sites for their e-com experience is because we don’t have an automated (or affordable!) way to test this.

We’ve got a bunch of failsafe’s built into the reviewer system so that one bad shopping experience can’t cause Amazon to go red, or even a small business to go red for that matter.

Also, to be clear we do not keep any personally identifiable information. Period. We don’t purge it either because we don’t keep it to begin with. We know what site you visit because we have to tell you our test results for it, but that’s totally anonymous. Here’s an analogy. You’re a tourist in London. You walk up to a guide called McAfee SiteAdvisor and say “Is Hyde Park safe?” McAfee tells you its findings and then immediately forgets who asked it.

Feel free to send us feedback at http://www.siteadvisor.com/feedback.html

Or e-mail a criticism to complaints shift 2 siteadvisor.com

Thanks.

There is indeed a problem in being sure about assessments, and there may well be sites that are far less clear than this one — where the prices, the payment method, the community opinion, the history of related sites all point to a single conclusion.

However, it is a problem of their own making! McAfee advertise that they provide a particular service, and if it’s an impossible service to provide then the solution is for them to stop misrepresenting their abilities, not for others to find excuses for their failure.

However, another thing occurs to me: it will be hard for McAfee to make decisions on who is a scammer and who isn’t. For example, if they react to a single negative comment to change their rating, I could potentially extort money from, e.g. Amazon, by posting a negative comment about with SiteAdvisor. Where do you draw the line between protecting customers and protecting honest retailers. Surely the only way McAfee could be sure this site was a scam was if they actually attempted to buy something from it themselves? Indeed, this might be what the average user takes from the message “we tested this site”, since how can you test a shopping service without actually shopping? McAfee could of course use behaviour indicators to judge, e.g. uses Western Union, likely to be a scam, but I think they need to change the public perception of what this service does (by changing messages displayed) or change the service to match up to the public perception (likely to be difficult to achieve).