When browsing some websites, you might come across a Google warning that says: “This site may harm your computer”.
This is an optional feature called “Google SafeBrowsing“.
It detects infected websites, adds them to a blacklist, and alerts you in search results. When you try to access an infected website, you will see the message: “The site you are about to access contains malicious programs“.
The issue likely arises from your website being hacked, as it was built with an outdated Joomla, WordPress, or PrestaShop content management system.
Infected files or security vulnerabilities in the installed programs allow attackers to access your website for various purposes, such as sending spam, spreading viruses, phishing, or engaging in other illegal activities.
Hacking actions may be hidden from users, but they harm both those viewing the page and the website owner.
These unsafe sites fall into two categories:
- Malware sites have code that installs harmful software on users’ computers. Hackers can use this software to capture and transmit private or sensitive information.
- Phishing sites disguise themselves as legitimate, attempting to trick users into entering their username and password or sharing other private information. Common examples include websites that impersonate real online stores or banking websites.
These attacks cause significant disruptions and compromise the security and reputation of the entire network, impacting other clients too. Communications providers advocate for strict monitoring and immediate cleanup of these activities.
Measures to take
Google SafeBrowsing alerts webmasters if their websites have been compromised and provides guidance to resolve the issue. It details the steps required to recover the website from an infection, including examples of the specific code that has been inserted.
Even after cleaning, a website can become infected again if the existing vulnerability hasn’t been eliminated.
Steps to follow as indicated by Google → https://developers.google.com/webmasters/hacked/
- Quarantine your website – temporarily disable your page to prevent attackers from conducting further illegal activities through it.
- Use Search Console to identify the types of illegal activities attackers are executing.
- Assess the damage
- SPAM – This step applies to websites sending spam. The warning message in search results reads: “This site may have been compromised”
- Malware – This is one of the longest recovery steps and pertains to hacked websites that spread malware, displaying the warning message “This site may harm your computer” in search results.
- Identify the vulnerability – It’s possible that multiple hackers have breached your website. Therefore, even if you find and fix a vulnerability, continue searching.
- Clean up your website and perform appropriate maintenance tasks – Scan all files uploaded to your server and the databases in use, and update all published software to the latest version.
- Request a review – To prevent your page or website from being flagged as dangerous or potentially misleading to users, request a review from Google.
If you lack the technical expertise for this task, Space WWW recommends consulting a qualified technician. Please reach out for a quote, and one of our technicians can take care of the cleaning and security work on your website