Online florist Arena Flowers recently fell foul of Norton, with its SafeWeb product flagging its website as unsafe for users due to an issue with the site's WordPress blog. 

The problem was fixed promptly by Arena Flowers, but the process of contacting Norton and getting the warnings removed was far from perfect, and could have had a serious effect its sales and reputation. 

This is what customers saw when searching for the site in Google, which would surely deter most potential visitors:

Arena Flowers SERPS warning

Visitors to the site saw a similar security warning:


The problem was with Arena's Flowers' WordPress blog; the security threat was legitimate, and was resolved by upgrading to a newer version of WordPress. However, though the security issue was confined to the blog, the whole 60,000 pages of the website as well as Arena Flowers' PPC ads were all flagged as unsafe for Norton users.

Though this was alarming enough, the biggest problem was in getting Norton to remove the warnings once the security problem had been fixed.

The support staff that Arena Flowers' CTO Sam Barton contacted were unaware of the online tool designed to allow webmasters to flag ownership of the site and resolve the problems, and once this issue had been solved, it emerged that the company would have to wait two weeks for the site to be re-scanned and the warning removed. 

According to Sam Barton: 

The bone of contention is that once flagged, the resolution system doesn't work, it is not supported (the product is not even a prompt on their phone system like Norton 360 is) and that it will take two weeks to get returned to a 'Green' status once they scan you again which is appalling for sales. 

I don't have any stats how many online shoppers use the Norton SafeWeb toolbar, but since it is one of the most popular security products and often comes pre-installed when you buy a PC or laptop, it's a reasonable to assume that a significant number of people may have seen the security warning for the site. 

To resolve the issue, Sam had to resort to raising the problem on Twitter, and fortunately someone from Norton noticed, escalated the issue, and removed the 'site is unsafe' messages. 

However, there were still at least four days where visitors to the site may have been deterred by this security warning, something which had a negative impact on sales, but also customer trust, as Sam explains: 

We had customers saying that our site was giving them viruses. Whilst this wasn't the case the customer was obviously left with a negative feeling about our site, something that is going to last longer than the week long duration of the 'Red' status assigned to us by Norton.

Sales we can recoup over time but trust is very difficult to re-establish. We are e-commerce only, no bricks and mortar stores. As we are never going to meet our customers we are reliant on establishing trust with them to convert sales. Its ironic that Norton, who pride themselves on security, were the ones to ruin that trust.

While security products like Norton have their place, and can be useful to steer users away from sites which may harm their computers, the system for site owners to resolve these complaints needs to be improved. 

As Sam has pointed out, warnings like this could have a serious impact on online retailers' sales. If Norton is going to flag e-commerce sites as unsafe, then it should have a fast-track process in place for retailers to resolve such issues without doing too much damage to their business. 

If you have experienced similar issues with Norton or other security products, let us know in the comments below... 

Graham Charlton

Published 16 July, 2010 by Graham Charlton

Graham Charlton is the former Editor-in-Chief at Econsultancy. Follow him on Twitter or connect via Linkedin or Google+

2565 more posts from this author

You might be interested in

Comments (8)

Save or Cancel
Matthew Curry

Matthew Curry, Head of Ecommerce at Lovehoney

These sorts of browser add ons are awful (McAfee's SiteAdvisor is the other one)  - considering that they're clearly intended to sell further services, rather than provide useful information (I remember having a long call from McAfee when we used to work with them, about how I could buy an "Enhanced" Siteadvisor ranking) which is an indicator of why the dispute and resolution system is somewhat of an afterthought.

Even worse, in the case of McAfee, if you claim it was McAfee who made a mistake, rather than your site being at fault, it take up to 11 business days in total for them to change the ranking.

about 8 years ago


Paul Lewis

It's the same with many compaines now that they simply don't support multi channels (and response mechanisms of these) in-house well. 

Although compaines have more outlets for people to contact and talk to e.g.  Twitter, Facebook, these are cheap and easy additions to the core customer services area that are all set-up where costs are lower, meaning the old days of Department meetings and all being on the same page just doesnt exist (unless you then invest in expensive video technolgy.)

Catch 22...

about 8 years ago

Stuart Wilson

Stuart Wilson, Sales Director at Advanced Labelling Ltd

I had a site fall foul of this too after my FTP account was compromised, which lead to some malware distribution. I'd first noticed the problem in Google's Webmaster Tools so after requesting a review, Google was very quick to fix the 'this site may harm your computer' problem I had in the SERPs.

With Norton, however I had to jump through hoops. Despite removing the malware and requesting a rescan, it continued to list the site as unsafe. After the laborious site dispute process, it took 72 hours before the site was listed as 'safe' again.

My advice would be to sign up with McAfee, Norton and any of the other big guns and manually request scans of your sites when you know they're safe. In the case of Norton Safe Web, you're given the option of being notified when the site rating changes, giving you extra time to rectify the problem before too much trust is lost.

Otherwise you only find out if you're unfortunate enough to use this bloated, scaremongering software in the first place; or worse still, a customer has to let you know!

about 8 years ago



Greg's advice to sign up to these systems and other types of reputational monitoring system is correct.  Although Norton clearly will have a significant number of users, I wonder what proportion of Arena's Flowers' customers actually saw this - what was the actual impact on turnover?

There would be nothing to stop someone else creating malware/phishing reputational guidance and stating they would never unmark a site as dangerous ever, once it had crossed the threshold.  After all, why should customers be at increased risk of being hacked, because of the actions of the website owner?  Etailers have the ability to do their own monitoring, build and operate their sites more securely.

And how about contacting people customers who visited the site during the period of the issuer and warn them?  Customer care anyone?

Really, plain FTP available from any IP address really isn't a good sign!  Perhaps Norton is right to be worried... one problem might suggest there are many more.

about 8 years ago


Sam Barton

In response to Colin's comment above he is of course right, Norton have a duty to protect their customers and any site found to be a threat should be flagged I totally agree. We (Arena Flowers) are in fact signed up to a number of services and have a routine scan across all our servers from McAfee however we were not aware that Norton offered such a service. Removing the threat on our blog took a couple of minutes, but unlike other similar services removing the message from Norton that we were a threat took several days.

The concern I have with Norton is that the method used to change the status of the site was flawed. Our protracted issue caused me to become quite familiar with the process and was put in touch with their False Positive team based in Dublin (the fact that they have a team dedicated to false positives is in its self not a good sign). They confirmed that the solution was not 100% and are often presented with this issue. To that end we discussed several ways the solution could be improved and they wrote to us on Friday  to say that they would address the points of failure in writing.

This type of service has its place on today's internet, but I think it should work autonomously and should be supported by the company responsible when it doesn't work.

PS - How is any etailer supposed to contact customers who sees this type of warning any chooses not to visit the site...??

almost 8 years ago



Thanks for the additional detail Sam.  It's encouraging you are doing your own monitoring.

It sounds like the security issue was a "false positive" for the main site, and a real issue for the blog, temporarily.  But false positives, and false negatives, are the result of less than perfect systems.  It is difficult to develop systems for zeros for both of these.  So yes, companies like Norton need to respond efficiently.

It's of course virtually impossible to reach users of the website who were not authenticated in some way as known customers.  But perhaps some who visited the blog during the incident were, and they might appreciate being contacted to check their own computers for malware, or whatever the threat was.

almost 8 years ago


Rob Rudderham

I am having a simliar problem to Arena Flowers. My retail website is based on a top level domain maintained by my ISP. Another website within that domain has had a threat, and Norton is flagging all websites within that domain as unsafe (same message as Arena Flowers). My ISP assure me that the malacious code has been removed and have applied ror the domain to be rescanned and re-evaulated.

We're currently several days into the waiting process. I've tried contacting Norton Safe Web, but they don't answer emails and don't appear to have phone support. My ISP are reporting that they're waiting for an answer. I've tried contacting Norton Anti-Virus phone support, but the people there seem ill-informed about Safe Web and thus unhelpful.

In the meantime, Norton users who visit my site are being warned it's unsafe and I'm losing custom and reputation. My website has not been rated by Norton, who state that their unsafe rating is inherited from my ISP's domain, and that my site may be rated individually at a later date.

Waiting 2 weeks is going to be very harmful to my business, particularly as just before this happened, we had started an intensive advertising campaign to attract new customers. Is there anything I can do?

almost 8 years ago



Norton safe web suggests not visiting any site that has not been verified by them! I think they are getting themselves into legal trouble by suggesting one should not visit a business's web site, often with absolutely no evidence that the site isn't safe! And try to contact them about it. What is their contact info, anyway? Class action, anyone?

about 6 years ago

Save or Cancel

Enjoying this article?

Get more just like this, delivered to your inbox.

Keep up to date with the latest analysis, inspiration and learning from the Econsultancy blog with our free Digital Pulse newsletter. You will receive a hand-picked digest of the latest and greatest articles, as well as snippets of new market data, best practice guides and trends research.