My role as a Google Webmaster Forum Top contributor, gave me the opportunity to support webmasters with an array of problems, out of which one seems quite frequent: the "your site has been compromised" label that appear into Google search engine.
It must be said that this problem can assume two different forms: one at a browser level, and one to search engine level.
As the one at a browser level depends by the searcher settings and antivirus, I'm going to disclose about the one at search engine level, in particular I will concentrate on both Google and Bing.
Having a site red flagged it could be a problematic hard to discover, but ultimately is due to malicious content hosted within the site, which don’t necessarily means the main web site.
Google stated that if the web site has a significant number of subdomains affected by the problem, they may assume that there is a general issue with the domain name and flag it accordingly. And it is reasonably tru to think Bing adopts a similar assessment methodology.
How search engine do the red flag?
The two search engines, despite many recent episoded of content copying, adopt two different methodologies for warning users about the potential issue.
Google shows the site as usual, but will add a small label underneath the result in the SERPs, which say something like "your web site may be compromised".
Bing, on the contrary, can operate in two different ways, and I would assume the behaviour depends on the severity of the malware identified.
In the less worse case scenario, the web pages continue to be ranked and showed to the users with the standard URL link disabled (When a user clicks on the disabled link a malware warning box will pop up).
In the most harmful - and perhaps less identifyable scenario - the results will be removed completely from the SERPs.
How can a red flag compromise my site?**
Once you receive the red flag it is quite inevitable for the searchers to not see the label, and this ultimately may arise a warning on top of their head.
A study conducted by Microsoft in 2009 showed 98% of the audience not opening the link.
So what is happening? Simple! Searchers don't trust the result anymore, and will inevitably skip to the next. As a consequence of this, your CTR will be damaged and so it would be the lead generation process or conversion acquisition process.
How can I prevent this?
Well, I can start talking for hours, but I don't have such a long time, so what I can suggest you is to sign-up and verify your site for both the Google Webmaster Tools and the Bing Webmaster Tools. They will give you access to plenty of information, including an insigh to reveal whether or not your site has been compromised.