With the Google Safe Browsing feature, Google maintains a list of suspicious websites that might be under attack by hackers. When users try to visit an unsafe site, they are met with a red screen displaying a warning message. Google phishing warning appears as “Deceptive site ahead” for sites that are suspected of phishing attacks.
Compromised sites also show warning in SERPs (Search Engine Result Pages) If your site also appears with such warnings, then it has been blacklisted by Google. You should act fast to remedy the situation because potential customers are being turned away by the Google phishing warning.
Related Article: How To Remove “Deceptive Site Ahead” Warning Message
What is Phishing?
Phishing is a type of social engineering attack that tricks online users into sharing personal information. Attackers masquerade as a trusted entity and ask for information. For Example: You might receive a mail that appears to be from your Bank wanting you to confirm your bank account number.
According to a study from Google about social engineering, some of the most effective phishing campaigns have a 45% success rate!
Your site could be used as a mask for phishing attacks. Hackers could use flaws in your website’s script to execute cross-site scripting attacks. These types of attacks are difficult to spot because the users are directed to a page that looks legitimate but the link to the pages are crafted. Such a flaw was used against PayPal in 2006.
Our tool scans 65+ blacklists to check if your website is blacklisted
Some phishing scams alter the address bar of the website. This is done either by masking the address bar with a picture of a legitimate URL over or by closing the bar that the link directs to and opening a new legitimate one.
Check out: Is my website under attack by phishers?
How to remove the Google phishing warning?
As long as your website is flagged, Google restricts visitor traffic to your site. It is important to address the issue as fast as possible to reduce its effect on your SEO rankings.
Finding the Cause with Google search console
The first step of damage control is finding the cause of the infection. So, the first step should be to look at the Google Search Console for anomalies and vulnerabilities. If your site has been blacklisted by Google, you will receive a message in your Google Search Console account.
- Set up your website with Google Search Console, if you haven’t already. Follow these steps to get your website on Search Console.
- Verify your site ownership. Remove any unauthorized users and their verification tags.
- Go to “Security Issues” in left panel. This lists the pages that are indexed by Google.
Removing the Infection
To remove the infection, you might have to remove certain files. Follow these steps to remove infections:
- Review the unfamiliar modifications on your website and remove them manually.
- If you have a good copy of the backup in store. Compare and delete the infected files and rewrite those codes from scratch.
- Disable rarely-used and rarely-updated plugins
- Clean the tables of the infected database manually.
- Check the addition of any unverified user. Remove them.
- Hackers always leave back doors in attacked sites. It is important that you patch all back doors and run a vulnerability assessment of your cleaned site.
- Finally, check if your site is functioning as you want it to.
Requesting a Review
- Go to Google Search Console
- Click the “Security Issues” on the left panel
- Check the “I have fixed these issues” box and
- Request a review.
In order to submit a review, you will be required to give information about the remedial steps you took to remove the policy violation from your site. Our experts have designed a request a review template for your ease.
Google review helps make sure all the security concerns are tackled before the site comes online. The review will not take longer than 72 hours. If no infections are found, your website will soon reclaim its SEO rankings.
If your request wasn’t approved, reassess your site for infections or for any modifications by the hacker. Alternatively, you can chat with an Astra security expert for our experts’ advice.
Google is not the only safe browsing warrior on the internet. However, many authorities find it more convenient and reliable to use Google’s API to add suspicious websites to their own blacklists. If your website is flagged by Google, it is quite possible that other blacklists have also added your site.
Related article: How To Remove “The Site Ahead Contains Harmful Programs” Warning
There are services available that help you look through such lists. Although there are so many such services, you can use Astra Blacklist Checker. It will check your website against multiple lists and gives you an organized output as shown below. You can then proceed to remove your website from the lists that are marked. Different lists have different procedures to remove your website
Is your website blacklisted by security tools? Find out in 15 seconds.
Related article: How to Remove “This site may be hacked” Warning message
Preventing Future Disasters
You should also consider taking more steps to harden and protect your website. Follow the following steps to ensure the maximum safety of your website.
Updated CMS and Plug-ins
Always keep your CMS software and plug-ins up-to-date. Developers regularly release security patches for detected vulnerabilities. Removing unnecessary extensions and plug-ins could be a good security practice. Out of date extensions pose gateways for attackers.
It is advised to remove all rarely-used and rarely-updated extensions. More the number of extensions, more the number of potential gateways for malicious actors.
Schedule Malware Scan
Running a malware scan to ensure that the site is free from any content that the attackers might have left behind. Remove all infected files and patch all vulnerabilities. Astra provides complete 360° web security services. It has features like scheduled scans, access log reports, vulnerability analysis etc. You can also schedule regular scanning. This helps remove vulnerabilities before they come into notice by malicious actors.
Check out: How to scan a website for malware
Enable Web Application Firewall
Web application firewall (WAF) is an application layer security solution that monitors traffic coming to your server and takes necessary action to protect it from malicious actors. In simple words, a WAF filters all traffic coming to your portal. Astra firewall takes the headache of security away from the webmasters, so you can focus more on your business.
Found this article helpful? Share with your friends on ? Facebook, Twitter & LinkedIn. If you have something to say about this article, let us know in the comment box below.