Moz Q&A is closed.
After more than 13 years, and tens of thousands of questions, Moz Q&A closed on 12th December 2024. Whilst we’re not completely removing the content - many posts will still be possible to view - we have locked both new posts and new replies. More details here.
Website is flagged as Compromised Site by Google
-
Hi everyone,
We have been running Google Ads for a while now and last week all of our Google Ads were paused with reason Compromised Site. We reached out to Google and they identify this page as one of the affected page: https://manpower.com.vn/vi/dich-vu-san-dau-nguoi-and-tu-van-nhan-su-cap-cao?
The malicious links they found are:
• googie-anaiytics[.]com
• vty68[.]netWe have asked our Website vendor to scan and they found nothing. We would be greatly appreciated if you could help.
I tried Google Search Console and even the tool Google Safe Browsing that Google itself suggested but both the tools showed that our website does not have any malicious links at all. And yet Google Ads support team keeps telling us our page contains these links.
I am wondering if anyone in the community has experienced this before and how did you address this issue.
Or could you guys please help to share any tools that you know can do a deep scan on this page and if possible our entire website to help us identify where the links are located?
Please let me know if you need any additional information from us and I would be happy to provide it.
-
Hey there! Welcome to the community! For improving your PA and DA, I'd suggest focusing on building high-quality backlinks from reputable sites, diversifying anchor text, and ensuring your content is valuable and engaging for readers. Also, don't forget about internal linking and keeping your website's technical aspects in check, like site speed and mobile optimization. As a side note, if you ever need to dive into something a bit different, you can check out some info on flower names and their meanings here: https://flowersname.co
It’s all about providing value to your audience!This keeps the tone friendly and offers your link as a casual, value-added suggestion.
-
Your website is being flagged as compromised, even though multiple scans have shown no issues. You may want to consider using advanced security tools like Sucuri or Wordfence, which offer more thorough scans for hidden malware or vulnerabilities. Also, make sure that all external scripts and plugins are secure and up-to-date. It could be helpful to consult a cybersecurity expert to conduct a comprehensive audit and address any potential security gaps.
-
We would most definitely recommend contacting a freelancer or an SEO agency for help. We say this because if the website has incurred a Google manual action penalty, then this can severely damage your business's organic SEO for a long time unless fixed, Therefore, you need to contact an expert SEO consultant for advice straightaway.
-
@Alex-Montarev We actually have a Drupal site and we're having the same issue...
-
Hello
Thanks for the heads-up. We'll look into it immediately and take the necessary steps to resolve the issue.
-
Update: I have also raised this on Google community: https://support.google.com/google-ads/thread/280600750?hl=vi&sjid=17667827560611966802-AP
and one of the member, who claims to be an IT engineer and security researcher, replied that the issue is caused by the library polyfill. The person said that a popular library got compromised and resulted in many site affected by this attack.
We are checking on this and if it is possible, you all can also take a look at this on your sides as well.
Hope this helps.
-
@Pedropeit thank you for the information and the offer to help. I really appreciate it!
Our website provider have tried to scan our website using these tools: Sucuri SiteCheck, VirusTotal, Quttera but we haven't found any unsual things.
We are trying to do a deeper scan at the moment but we are leaning on the possibility that this is a false alarm from Google. If so, do you know how we can reach out to more relevant personnel from Google to ask about this issue other than the general support team?
Thank you!
-
@Alex-Montarev we do not use Shopify, unfortunately. We are still in process of solving this.
We reached out to Google Ads support but only get some generic answers. Have you able to solve it already?
-
Hello there.
I see that in your website, you are using https://polyfill.io/v3/polyfill.min.js?features=IntersectionObserver%2CIntersectionObserverEntry . You will need to remove it as it is a compromised CDN, and it can make your website run arbitrary code. -
@ManpowerVietnam said in Website is flagged as Compromised Site by Google:
Hi everyone,
We have been running Google Ads for a while now and last week all of our Google Ads were paused with reason Compromised Site. We reached out to Google and they identify this page as one of the affected page: https://manpower.com.vn/vi/dich-vu-san-dau-nguoi-and-tu-van-nhan-su-cap-cao?
The malicious links they found are:
• googie-anaiytics[.]com
• vty68[.]net
We have asked our Website vendor to scan and they found nothing. We would be greatly appreciated if you could help.
I tried Google Search Console and even the tool Google Safe Browsing that Google itself suggested but both the tools showed that our website does not have any malicious links at all. And yet Google Ads support team keeps telling us our page contains these links.
I am wondering if anyone in the community has experienced this before and how did you address this issue.
Or could you guys please help to share any tools that you know can do a deep scan on this page and if possible our entire website to help us identify where the links are located?
Please let me know if you need any additional information from us and I would be happy to provide it.I understand the frustration you're experiencing with the Google Ads suspension due to a "Compromised Site" issue. Here are some steps and tools you can use to deeply scan your website and address this problem:
Manual Inspection:
Check Source Code: Manually inspect the source code of the affected page for any references to the malicious links (googie-anaiytics[.]com, vty68[.]net). These might be hidden in scripts or embedded in iframes.
Browser Developer Tools: Use browser developer tools (F12) to inspect the network activity on the affected page. Look for any unexpected network requests to the malicious domains.
Online Security Scanners:Sucuri SiteCheck: This free tool scans your website for malware, blacklisting status, injected spam, and defacements. You can access it here.
VirusTotal: Submit the URL of the affected page to VirusTotal to get a report from multiple antivirus engines. You can use it here.
Quttera: This tool provides a detailed report on any suspicious content or malware on your website. Try it here.
Web Security Plugins:Wordfence (for WordPress): If your website is running on WordPress, install Wordfence Security. It provides comprehensive scanning and firewall protection.
MalCare (for WordPress): Another WordPress security plugin that offers malware scanning and removal.
Server-Side Scanning:ClamAV: If you have access to your server, you can run ClamAV, an open-source antivirus engine, to scan your web directories for malware.
Maldet (Linux Malware Detect): This tool can be used on Linux servers to find and quarantine malware.
Professional Help:If the issue persists, consider hiring a professional web security service or a cybersecurity expert to perform an in-depth analysis and cleanup.
Once you've performed a thorough scan and cleanup, you should:Submit a Review Request: Inform Google Ads support that you've taken steps to clean your site and request a review.
Monitor Regularly: Set up regular scans and monitoring to prevent future compromises.
If anyone in the community has faced a similar issue or has additional tools and tips to share, your input would be greatly appreciated.Please let me know if you need any further assistance or specific information. I'm here to help.
Best regards,
-
We're having the same issue with our Shopify store, starting a few days ago. Google says the same thing, this "googie anaiytics" link that does not exist on our site.
Are you using Shopify? I'm wondering if it's a common Shopify app that's hacked or something that's causing this issue.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
"Duplicate without user-selected canonical” - impact to Google Ads costs
Hello, we are facing some issues on our project and we would like to get some advice. Scenario
Paid Search Marketing | | Alex_Pisa
We run several websites (www.brandName.com, www.brandName.be, www.brandName.ch, etc..) all in French language . All sites have nearly the same content & structure, only minor text (some headings and phone numbers due to different countries are different). There are many good quality pages, but again they are the same over all domains. Current solution
Currently we don’t use canonicals, instead we use rel="alternate" hreflang="x-default": <link rel="alternate" hreflang="fr-BE" href="https://www.brandName.be/" /> <link rel="alternate" hreflang="fr-CA" href="https://www.brandName.ca/" /> <link rel="alternate" hreflang="fr-CH" href="https://www.brandName.ch/" /> <link rel="alternate" hreflang="fr-FR" href="https://www.brandName.fr/" /> <link rel="alternate" hreflang="fr-LU" href="https://www.brandName.lu/" /> <link rel="alternate" hreflang="x-default" href="https://www.brandName.com/" /> Naturally this si reflected in ""Duplicate without user-selected canonical” . Issue
We create the same ad in Google Ads for 2 domains. So the content is mostly identical, ads are identical, target URLs differ only in domain. Yet Google Ads “Quality score” is different (10/10 vs. 6/10) and “Landing page experience” is very different (Above average vs. Average). Some members of our team think lower “Landing page experience” increases the Google Ads costs, which I personally don't believe, but I want to double check. Question: Can “Duplicate without user-selected canonical” issue decrease the “Landing page experience” rating and as result can it cause higher Google ads costs? Any suggestions/ideas appreciated, thanks. Regards.0 -
Top of funnel google ads campaign not hardly converting, why?
Hi, I really hope someone can help me with this. I'm running two search ad campaigns and a google shopping campaign in google ads. The search campaigns are targeting top-of-funnel keywords as the business doesn't have universally known collections which everyone would search for so they are just unique to my business. So the campaigns are driving traffic but really converting whereas google shopping is converting because searchers are looking for particular products so they're lower down the funnel closer to aking a purchase decision. I feel I've optimised the campaign well and for the most part, most keywords have 7/10 quality score. The landing page seems fine. However, our offering wasn't as strong as competitors so we've offered a discount the same as them to compete. Since I started google ads we have nearly doubled our monthly revenue and the product types targeted in campaigns have increased in quantity sold so it seems it's having an effect but the campaigns aren't showing a good performance. Does anyone have any suggestions or input that could help me? I looked at first interaction attribution model and even there it's not performing well which makes this even more difficult to resolve. I'm thinking I should enable USER id feature in Google analytics so i can track signed in users across devices which may then help attribute sales to paid search channel as I saw in search console that the keyword that generates the most traffic to the site is our brand name and we're not a well-known brand so makes me think they may be starting their buyer's journey on a work computer on their mobile and finishing on their computer at home as an example. However, I don't believe this will be the main cause or solution as I would only have data for signed in users which still won't give me the full picture. Also if the campaign is optimised effectively but conversions are minimal could not having many conversions affect quality score? If someone can help or provide me with a different perspective it would be much appreciated. Please let me know if I need to clarify or explain further. I hope I've made myself clear. Thanks, T
Paid Search Marketing | | TZ19820 -
Can Google Shopping Ads Lower Ranking due to Bounce?
I am noticing Google Shopping Ads are showing up for really irrelevant keywords on some of my products. This quite predictably causes a high bounce rate when a user comes from these ads. There is very little control over what Google Ads seems to decide are relevant keywords from what I can see. Only control is by viewing search terms and setting as negative keywords, but his doesn't help much. Negative keywords are often ignored or they come up with some other really irrelevant new keyword. Seems this high bounce rate could hurt ranking? Any experiences shared with Google Shopping ads appreciated!
Paid Search Marketing | | Chris6611 -
Talking about competitors on your own website to improve quality score
Hi Mozzers, I'm seeing more and more companies improving their quality score by including information about their competitors on their website, when driving traffic from competitor brand terms. For example, for 'Yahoo Mail' related terms, Zoho drive traffic via an ad to this page: https://www.zoho.com/mail/yahoo-mail-alternative.html I'm planning a new campaign targeting competitor keywords and wondered what people think about this approach, and the legalities around talking about and comparing yourself to competitors on your own website?
Paid Search Marketing | | Zoope0 -
Looking at google shopping results from other country
Hi, I run shops in several languages out of London. One of our key revenue drivers is google shopping. It is important for me to look the the shopping search results for example in germany. Recently Google changed something so when I want to look at the german shopping results from here, eg. http://www.google.de/shopping it always shows me the english ones with prices in pounds. Is there a trick to still get the foreign results? Thanks in advance Dieter
Paid Search Marketing | | Storesco1 -
Is there a way to track visitors that watched my video on YouTube and became a direct visitor to my website after the fact?
I am trying to understand the impact my commercials are having on website beyond just the clicks I get from YouTube as a referring site. Google is telling me there is not a way to track users that have viewed a video. I am trying to think outside of the box to figure out a way to use the remarketing cookie to my advantage. Google says there is not a way to track a user that watched a video and then eventually came to my site. But at the same time the "Earned Views" metric is similar to what I am trying to accomplish. As per Google, "An earned view occurs when someone who views your video ad and then watches another video or videos in a linked YouTube channel within 7 days of the ad view." So I want to be able to apply this same method to people that view my video ad and then surface on my website eventually. Please let me know your thoughts on this and if there is a way to accomplish this goal. Thank you
Paid Search Marketing | | JoeyPasq0 -
PPC for Luxury Goods Website
Hi Mozzers, I am starting a PPC campaign for a website that sells high-end products. The search volume for the generics is very high but I think the conversion rate on those will be quite low given the price of the products. Does anyone have any experience in doing PPC for high-end retailers and what type of keyword I should be bidding on? Thanks!
Paid Search Marketing | | KarlBantleman0 -
Best practice to separate paid from organic conversions in Google Analytics
I have a PPC campaign for a client with standalone landing pages with a form, not reachable from the website (although in the same domain). I've added the AdWords conversion code to the "thank you" page and I also added a Goal in
Paid Search Marketing | | DoMiSoL
Google Analytics whose counter is increased every time the thank you page is reached. This way I can track conversions with both AdWords and Analytics. Is that correct? Should I import back in AdWords the goals from Analytics, as suggested in the AdWords account? I have another landing page with a form in the website, where I send users coming from
organic search, so I set up a second goal in Analytics for the thank you page of this form. Is this the reason why I am supposed to import in AdWords the analytics' goals, so that I could see both kind of conversions in both accounts? But the most important question is: If I send both PPC/organic visitors to the same landing page is there still a way to separate PPC from Organic conversions? Thank you very much for your advice. DoMiSoL Rossini0
