Website is flagged as Compromised Site by Google
-
Hi everyone,
We have been running Google Ads for a while now and last week all of our Google Ads were paused with reason Compromised Site. We reached out to Google and they identify this page as one of the affected page: https://manpower.com.vn/vi/dich-vu-san-dau-nguoi-and-tu-van-nhan-su-cap-cao?
The malicious links they found are:
• googie-anaiytics[.]com
• vty68[.]netWe have asked our Website vendor to scan and they found nothing. We would be greatly appreciated if you could help.
I tried Google Search Console and even the tool Google Safe Browsing that Google itself suggested but both the tools showed that our website does not have any malicious links at all. And yet Google Ads support team keeps telling us our page contains these links.
I am wondering if anyone in the community has experienced this before and how did you address this issue.
Or could you guys please help to share any tools that you know can do a deep scan on this page and if possible our entire website to help us identify where the links are located?
Please let me know if you need any additional information from us and I would be happy to provide it.
-
Hey there! Welcome to the community! For improving your PA and DA, I'd suggest focusing on building high-quality backlinks from reputable sites, diversifying anchor text, and ensuring your content is valuable and engaging for readers. Also, don't forget about internal linking and keeping your website's technical aspects in check, like site speed and mobile optimization. As a side note, if you ever need to dive into something a bit different, you can check out some info on flower names and their meanings here: https://flowersname.co It’s all about providing value to your audience!
This keeps the tone friendly and offers your link as a casual, value-added suggestion.
-
Your website is being flagged as compromised, even though multiple scans have shown no issues. You may want to consider using advanced security tools like Sucuri or Wordfence, which offer more thorough scans for hidden malware or vulnerabilities. Also, make sure that all external scripts and plugins are secure and up-to-date. It could be helpful to consult a cybersecurity expert to conduct a comprehensive audit and address any potential security gaps.
-
We would most definitely recommend contacting a freelancer or an SEO agency for help. We say this because if the website has incurred a Google manual action penalty, then this can severely damage your business's organic SEO for a long time unless fixed, Therefore, you need to contact an expert SEO consultant for advice straightaway.
-
@Alex-Montarev We actually have a Drupal site and we're having the same issue...
-
Hello
Thanks for the heads-up. We'll look into it immediately and take the necessary steps to resolve the issue.
-
Update: I have also raised this on Google community: https://support.google.com/google-ads/thread/280600750?hl=vi&sjid=17667827560611966802-AP
and one of the member, who claims to be an IT engineer and security researcher, replied that the issue is caused by the library polyfill. The person said that a popular library got compromised and resulted in many site affected by this attack.
We are checking on this and if it is possible, you all can also take a look at this on your sides as well.
Hope this helps.
-
@Pedropeit thank you for the information and the offer to help. I really appreciate it!
Our website provider have tried to scan our website using these tools: Sucuri SiteCheck, VirusTotal, Quttera but we haven't found any unsual things.
We are trying to do a deeper scan at the moment but we are leaning on the possibility that this is a false alarm from Google. If so, do you know how we can reach out to more relevant personnel from Google to ask about this issue other than the general support team?
Thank you!
-
@Alex-Montarev we do not use Shopify, unfortunately. We are still in process of solving this.
We reached out to Google Ads support but only get some generic answers. Have you able to solve it already?
-
Hello there.
I see that in your website, you are using https://polyfill.io/v3/polyfill.min.js?features=IntersectionObserver%2CIntersectionObserverEntry . You will need to remove it as it is a compromised CDN, and it can make your website run arbitrary code. -
@ManpowerVietnam said in Website is flagged as Compromised Site by Google:
Hi everyone,
We have been running Google Ads for a while now and last week all of our Google Ads were paused with reason Compromised Site. We reached out to Google and they identify this page as one of the affected page: https://manpower.com.vn/vi/dich-vu-san-dau-nguoi-and-tu-van-nhan-su-cap-cao?
The malicious links they found are:
• googie-anaiytics[.]com
• vty68[.]net
We have asked our Website vendor to scan and they found nothing. We would be greatly appreciated if you could help.
I tried Google Search Console and even the tool Google Safe Browsing that Google itself suggested but both the tools showed that our website does not have any malicious links at all. And yet Google Ads support team keeps telling us our page contains these links.
I am wondering if anyone in the community has experienced this before and how did you address this issue.
Or could you guys please help to share any tools that you know can do a deep scan on this page and if possible our entire website to help us identify where the links are located?
Please let me know if you need any additional information from us and I would be happy to provide it.I understand the frustration you're experiencing with the Google Ads suspension due to a "Compromised Site" issue. Here are some steps and tools you can use to deeply scan your website and address this problem:
Manual Inspection:
Check Source Code: Manually inspect the source code of the affected page for any references to the malicious links (googie-anaiytics[.]com, vty68[.]net). These might be hidden in scripts or embedded in iframes.
Browser Developer Tools: Use browser developer tools (F12) to inspect the network activity on the affected page. Look for any unexpected network requests to the malicious domains.
Online Security Scanners:Sucuri SiteCheck: This free tool scans your website for malware, blacklisting status, injected spam, and defacements. You can access it here.
VirusTotal: Submit the URL of the affected page to VirusTotal to get a report from multiple antivirus engines. You can use it here.
Quttera: This tool provides a detailed report on any suspicious content or malware on your website. Try it here.
Web Security Plugins:Wordfence (for WordPress): If your website is running on WordPress, install Wordfence Security. It provides comprehensive scanning and firewall protection.
MalCare (for WordPress): Another WordPress security plugin that offers malware scanning and removal.
Server-Side Scanning:ClamAV: If you have access to your server, you can run ClamAV, an open-source antivirus engine, to scan your web directories for malware.
Maldet (Linux Malware Detect): This tool can be used on Linux servers to find and quarantine malware.
Professional Help:If the issue persists, consider hiring a professional web security service or a cybersecurity expert to perform an in-depth analysis and cleanup.
Once you've performed a thorough scan and cleanup, you should:Submit a Review Request: Inform Google Ads support that you've taken steps to clean your site and request a review.
Monitor Regularly: Set up regular scans and monitoring to prevent future compromises.
If anyone in the community has faced a similar issue or has additional tools and tips to share, your input would be greatly appreciated.Please let me know if you need any further assistance or specific information. I'm here to help.
Best regards,
-
We're having the same issue with our Shopify store, starting a few days ago. Google says the same thing, this "googie anaiytics" link that does not exist on our site.
Are you using Shopify? I'm wondering if it's a common Shopify app that's hacked or something that's causing this issue.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Website is flagged by Google as Compromised Site
Hi everyone, We have been running Google Ads for a while now and last week all of our Google Ads were paused with reason Compromised Site. We reached out to Google and they identify this page as one of the affected page: https://manpower.com.vn/vi/dich-vu-san-dau-nguoi-and-tu-van-nhan-su-cap-cao? The malicious links they found are:
Paid Search Marketing | | ManpowerVietnam
• googie-anaiytics[.]com
• vty68[.]net We have asked our Website vendor to scan and they found nothing. We would be greatly appreciated if you could help. I tried Google Search Console and even the tool Google Safe Browsing that Google itself suggested but both the tools showed that our website does not have any malicious links at all. And yet Google Ads support team keeps telling us our page contains these links. I am wondering if anyone in the community has experienced this before and how did you address this issue. Or could you guys please help to share any tools that you know can do a deep scan on this page and if possible our entire website to help us identify where the links are located? Please let me know if you need any additional information from us and I would be happy to provide it.1 -
Unsolved Google Ads Not Getting Clicks or Impressions
I have been running some google ads - in the past 7 days I've had no clicks or impressions is this common? #ads
Paid Search Marketing | | PermaTherm0 -
Google Merchant Center product reviews
My googlefu is not good enough to put the words together to find an answer for this, but I am sure there is one out there. I am making a review feed for a client's site to submit their product reviews to google merchant center. But one problem we are having is that the reviews are generalized, like how amazon does it. A sample product would be Whey Protein, this product is available in 4 different sizes and has 4 different GTIN's (one for each size). But the reviews we collect are just for the base product of Whey Protein. What I am trying to figure out, is if I can assign a parent GTIN, then correlate the reviews to that GTIN and then let them populate for the child GTIN's some how.
Paid Search Marketing | | LesleyPaone0 -
Google AdWords Class Action Settlement?
Has anyone received and responded to a notice of class action settlement from Google Adwords? The sender (and the website it directs to) is adwordsclassaction.com. I see that there was such a thing, I am just not sure whether that domain is the official one to respond to?
Paid Search Marketing | | Linda-Vassily0 -
Should I subscribe my site to bellnet.de?
I am unsure whether I should put a link on bellnet.de. As the web directory is rather a common one and not specialized on web design (as my site is)... On the other hand it has a higher PA and DA then my site. And its spam score is very low. What do you think. Will google reward it and is it worth lazing 50 bucks? Cheers Marc
Paid Search Marketing | | RWW0 -
Do UTM Parameters reflect in Google Analytics
Hi, We have recently enabled auto tagging in our URLs but not sure if tagging is working correctly. Does Google Analytics shows the utm parameters also in URLs in Google Analytics OR Google shows only the base url (after removing utm parameters) in Analytics. For example: Will http://www.abc.com/?utm_source=Indiaweb&utm_medium=Display&utm_campaign=CPC&utm_content=NRI_newprojects&utm_term=US be shown as is in Google Analytics under PAID Tab or only http://www.abc.com/ will be shown and the utm parameters will be removed in Analytics if auto tagging is enabled. Thanks in Advance 🙂 Regards Anirban
Paid Search Marketing | | vivekrathore0 -
Social Media black hat methods - can google see this?
My site was hit by a Penguin or Panda, for some bad linking in 2012. Ever since then I have been 100% completely white hat, being careful who I pick to my marketing. Once burnt.... Recently, with all the hype of social media being the thing to help you boast rankings, it got me wondering about how Google really can monitor this. I saw this the other day on Elance... I need 5000 Facebook fans. They must be real looking and be coming from US IPs, Preferable real looking US accounts. If people are just going to get false Facebook fans, tweets etc.... then it is no better than all the bad linking. Perhaps Google will come out with Puma penalty (well we have pandas and penguins)
Paid Search Marketing | | Llanero0 -
Google Analytics Matched Search Query Not Working
On Google analytics for our clients when you check the Matched Search Query under Traffic Sources > Overview, it says "There is no data for this view.". I have Google searched it and i am not finding my answer to why this is not displaying my information. On my personal analytics account when i clicked on matched search query it displays exactly what the person searched when it trigered my adwords ad. I have no idea why this account doesn't display the same info when it appears to be setup in the same way. Example: If i am broad match targeting the keyword "outdoor sports", and someone searched "Canadian outdoor sports for kids" It would show exactly what they searched under Matched Search Query. Anyone know how to resolve this issue?
Paid Search Marketing | | VITALBGS0