Social Engineering Content Detected (Phishing) – How to fix it?
Social Engineering Content Detected.
Have you received an E-mail from Google saying that it has detected Social Engineering Content on your website? It might be because some pages on your website are hacked or include malicious third-party resources. These can be Ads, pop-ups that might trick users into installing malicious software or giving up confidential information. So to protect your visitors, web browsers like Chrome will give a warning to visitors.
Scan Your Website For Blacklist
Our tool scans 65+ search engines & platforms to check if your website is blacklisted
Here are some warning messages that Google shows when your website is hacked. You might have received a similar email from Google.
Google’s Safe Browsing systems have detected that some pages on your site might be hacked or might include third party resources such as ads that are designed to trick users into installing malicious software or giving up sensitive information. To protect your site’s visitors, your site has been demoted in Google’s search results and browsers such as Google Chrome now display a warning when users visit your site.
Act now to fix this problem and remove the warning:
1) Identify compromised pages
Check the example URLs in the “Security Issues” page in Search Console. Note that this page displays a list of samples and not an exhaustive list of problematic URLs.
2) Remove the deceptive content
If you’re having trouble identifying and removing all the problematic content on your site, consider restoring an older version of your site. If you have ads on your site, ensure that they are not designed to trick or deceive visitors.
3) Secure your site from any future attacks
Identify and fix any vulnerabilities that caused your site to be compromised. Change passwords for administrative accounts. Consider contacting your hosting service to assist with the issue.
4) Request a security review
Only do this once you’re sure your site is free of problematic content. Include any details or documentation that can help understand the changes made to your site.
Here is a sample of URLs from your site where we detected social engineering content:
– An Email from Google Search Console team
What is Social Engineering Content?
Social Engineering is when a user is tricked to click on certain links that takes him to malicious or hacked web pages. They play with human psychology rather than technical hacking techniques. For example, you receive a call and the caller pretends to be a bank employee, asking your personal details for a transaction.
Another example of social engineering content is -A phishing site i.e it pretends to be the legitimate website but is designed to collect an individual’s personal information put user data at risk.
Sometimes the social engineering is present in the embedded content of your website. In some cases, host webpage gives pop-ups, pop-unders or any other redirection to deceptive web pages.
We have also seen cases in which hackers inject suspicious scripts in website files that lead to social engineering content and the owner has no idea.
Consequences of Social Engineering
- Your Ads will be disapproved by Google- Here is a detailed blog on how you can fix suspended ads by Google.
- Your SEO will be affected. Domain rank will fall drastically in Google organic search results.
- Web browsers will show a warning message to visitors as “deceptive site ahead”.
- And all this will lead to loss of revenue and trust.
How to Fix the Social Engineering Content problem
The reason behind social engineering will be different in each case, so is the solution. But if your website is working fine in the past, then new changes in the website are the offender so restoring them could be the solution.
Before you start making any changes in the website make sure that you are noting everything in a Google Docs. Because you have to submit a detailed report to google about the changes you have made to resolve social engineeing issue. Our security experts have designed a Request a review template that you can submit to Google Search console team.
- Check Google Webmaster account of your website and look if a new suspicious user is added.
- Check security issues report in the webmaster and look if your website is engaged in social engineering. Check sample flagged URLs in the documentation. It is recommended to use a device outside the network as hackers disable attacks if they realize the visitor is a website admin.
- View your website in both mobile and desktop view using the Fetch as Google tool. This will help you to see how Googlebot crawls your webpage.
In-depth Analysis of Website
- Check for embedded social engineering content on your web pages. Also, make sure that no ads, popups or links redirects to suspicious third-party URLs.
- Note: Refresh your web pages several times to see if any ad leads to social engineering because ad network rotates the ads displayed on your website.
- Review each file of your website in detail. Make a note if you find anything suspicious.
- Analyse what are the recent changes in your website. Compare the current file with the backup.
There are detailed documentation links in the email you received from Google.
Submit for a Review
Remove any recently modified code or changes in the Google Ads and delete the suspicious pages. Submit your website for a review. Our security experts have designed a Request a review template that you can submit to Google Search console team.
It is recommended to consult a security expert if you are not handy with the technicalities.
At Astra, we have a team of dedicated security experts who daily resolves dozen of such issues. Our Engineers will remove the malware, suspicious files, scripts and will submit a detailed report to Google on your behalf. We also install Astra Firewall for 24×7 protection because malware has the tendency of coming back. Our firewall ensures that only good traffic is allowed to your website.
Check our Detailed Guide on Website Malware Attacks: Causes, Consequences & Steps to Fix.
Take the Astra DEMO now.