Google quarantines around 10,000 suspicious websites every day and puts them on a “Google blacklist”. When a website is added to a blacklist it means that Google and different search engines and anti-virus companies are marking the website not secure to visit.
You can recognize the sites added to Google blacklist by seeing the display message “This site may harm your computer” in search results.
This will serve as a warning that prompts most users to stay away. For this warning consumers are grateful but at the same time, the businesses or website owners panic.
There are different warnings to inform people about sites that are harmful, some of those are: “The site ahead contains malware/harmful programs”, “Reported Attack Page!”, “Danger Malware Ahead”, “This website has been reported as unsafe” and many more.
It’s a real pain because one thing is to get your site hacked, spreading malware, but when the website is in a blacklist, it means, that malware has been on the site for some time.
Not only your website needs a cleanup but also your own and your visitor’s computers.
What happens when a website is on a blacklist?
When a website is in a blacklist, the search engine is expelling a site from their list. When a website is blacklisted, it loses almost 95% of its organic traffic, which can rapidly affect revenue.
Usually, a website gets blacklisted when it contains something harmful to the user, for example, malware.
If your website is on a Google blacklist, there are two primary approaches to recovering a hacked site:
Do it yourself, if you have the needed knowledge.
Find a trusted service provider if the technical tasks are outside your skill set.
Take a look at the video below, which will explain why and how websites end up in Google blacklist.
How do I know if my site has been put into a Google blacklist?
For many website owners, malware and other harmful scripts can stay on the website for a while. Most of the malicious programmes are built to stay undetected and without the technical knowledge and with the “eye” to see the changes, it’s hard to spot the differences.
We have contacted even schools, whose websites have been redirecting visitors for years to different malicious sites and webmasters in schools can’t spot the problem so it stays unresolved.
If you see one of these, the site is on a blacklist.
There are many scanners where you can scan your website to detect the vulnerabilities or possible malware on the site. Google is also giving a good advice if you are suspecting that your website could be hacked.
Follow these steps if:
You’ve been alerted by Google that your site is hacked
You see a warning in Google search that your site is hacked or compromised
You’re not sure if your site is actually hacked, but things look fishy
If you’re unsure if your site is actually hacked, or when you think the site was incorrectly flagged, start by registering your site in Search Console.
Go to the Manual Actions or the Security Issues sections of the Search Console and look for example URLs where Google detected that your site has been hacked.
If you’re unable to see hacked content on the URLs provided in Search Console, the hacked content might be using a technique known as cloaking.
Cloaking is a search engine optimization (SEO) technique in which the content presented to the search engine spider is different from that presented to the user’s browser. This is done by delivering content based on the IP addresses or the User-Agent HTTP header of the user requesting the page.
So basically, the malware is hiding itself from being detected.
To check for cloaking, use the Hacked Sites Troubleshooter. The troubleshooter will walk you through a few tools like the site: search operator and Fetch as Google that can help you uncover any cloaked content.
After you’ve double-checked your pages and you’re still convinced that your site was incorrectly flagged, post in the Webmaster Help Forums.