Blacklisted by Google
Blacklisted by Google
Google finds thousands of new malicious websites every day (learn more). Some of these badware websites are created for malicious purposes, but most are legitimate business, personal, academic, and other sites that have been infected without the knowledge of their owners. Google partners with StopBadware to help website owners learn how to clean up their sites and prevent future badware infection.
If Google has detected badware on your site, you or your visitors might see a warning saying "This site may harm your computer." If you've been blacklisted by Google, one of your best sources for help is Google Webmaster Tools. If you do not have a Webmaster Tools account, you can create one for free.
Google also has a comprehensive help section for owners of hacked sites at www.google.com/webmasters/hacked/. This informational series can help you understand why and how sites are hacked, how to build a support team, and how to assess and fix damage done to your site by malware or spam.
Not sure where to start? Check out Google's overview video on hacked sites.
About Google's blacklisting process
So how does Google determine which sites to blacklist? As you may know, Google is proactive when it comes to protecting users from malicious content—especially content that might harm users who use Google's search engine to find information online. For this reason, Google's automated systems are constantly scanning the Web for suspicious activity. When Google's systems detect suspicious activity, Google issues a warning about that site in order to protect customers. This warning might say "This site may harm your computer" or "Something's not right here." Mozilla's Firefox browser also uses Google's list of badware sites to issue "Reported attack site" warnings to Firefox users.
Google also has a different set of warnings used for sites that have not been detected as infected with malware, but that may have been hacked nonetheless—for instance, to serve hidden spam or fake goods. These sites are labeled "This site may be hacked." StopBadware doesn't review or receive data about sites Google lists as "hacked." To learn about these warnings and how to remove them, see Google's information here or read security expert RedLeg's overview here.
If Google has detected malware on your site, they will notify you via your Webmaster Tools dashboard. In some cases, Google will also give you details about bad code their systems detected on your site. If you do not have a Webmaster Tools account, Google will still attempt to notify you if malware is detected on your site. Typically, Google will send notification emails to the following addresses on your site:
Cleaning up your site
To remove Google's warnings, you'll need to find and remove the badware Google detected on your site and request a malware review. The articles and videos in Google's help for hacked sites section can help you learn how to assess site damage, how to clean it up, and how to request a malware review.
In addition to the information and tools Google provides to site owners who register for Webmaster Tools, you can read StopBadware's information on common hacks and how to fix them. If you need help finding the badware on your site, you can ask for help from Google's hacked site forum. One of the volunteers who answer questions here may be able to provide specific advice about your site.
Requesting a malware review from Google
When you are sure your site is free of badware, you can request a malware review. Requesting a malware review from Webmaster Tools is the fastest way to remove Google's warnings.
Google provides step-by-step instructions for Webmaster Tools users on how to request a malware review of a blacklisted site. *Note: Do not request a "reconsideration." A reconsideration is not a malware review and will not suffice to clear the warnings. If you are signing up for Webmaster Tools for the first time, you will need to add and verify your site before requesting a review.
Typically, a malware review from Google Webmaster Tools takes less than a day. If Google re-scans your site and does not find any badware, the warnings can be removed quickly. Webmaster Tools users will be able to see the results of their malware review request on their Webmaster Tools dashboard.
Other ways to request a review
If you do not want to create a Webmaster Tools account, or if you are unable to verify your site using Webmaster Tools, you can request an independent review from StopBadware. *Please note: An independent review from StopBadware takes longer than a malware review from Google Webmaster Tools.
The first step of our independent review process is to request a malware review of your site from Google. If, as a result of this request, Google does not find anything suspicious on your site, then Google will remove your site from their Safe Browsing blacklist. If Google does find something suspicious, StopBadware's testing team will manually review your site. If we find bad code, we will send you a sample of that code. If we do not find any badware, we will contact Google and request more information about why they believe your site is still infected.