Why is your site showing deceptive sites ahead?
- Your website is hosting phishing pages
- The website has malware/virus infection
- There is code within your website linking to questionable websites according to Google
- Personal information of visitors is transmitted to unsecured servers/links through your website
- There is a credit card stealing malware in your website’s code
Reasons for the Deceptive Site Ahead Warning on your website
As we discussed earlier, phishing and malware are a few reasons why Google deems a website deceptive or fake. But, it must be mentioned here that these are not all. In this section, we will discuss in detail what are the possible reasons for the “Deceptive Site Ahead” warning on your website.
A phishing website is a website that disguises itself as a legitimate source and tricks innocent users into revealing sensitive personal information like credit card details, credentials, passwords, etc. Phishing, pronounced and meant the same as the word ‘fishing’ in the English language, is a crooked way to fetch personal account details by malefactors. Phishing could be executed by the use of several maneuvers like:
- Planing legitimate-looking pages on the website which trick users to add their personal information like credit cards, phone number, and emails
- Planting viruses or keystroke loggers (which record what you type), thus giving away your passwords/usernames to the hacker without your knowledge
- By showing a sense of urgency and wanting prompt action at your end. Remember being told that if you do not give your bank credentials right now, your bank account will be in danger? Yes, that is probably phishing. A legitimate bank or any other institution would not require you to make a decision by some random form of online
Malware, short for malicious software is also one of the reasons why Google flags a website as deceptive. Malware is one of the top reasons for the ‘Deceptive Site Ahead’ warning. Websites are often infected with malware for months until it’s discovered.
Malware is often inserted into a website with these frequent cyber attacks:
- Cross-Site Scripting (XSS) attack: Cross-site scripting attack is also used as a way to plant malicious link which automatically downloads on a user’s computer when visited. A number of plugins, themes, and websites are known to be vulnerable to XSS. It’s often regarded as the ‘low hanging fruit’ of web security due to so many websites being vulnerable to it. This attack can be quite hazardous when combined with other vulnerabilities. Quite obviously, Google blacklists those sites as being deceptive.
- SQL injection attack: SQLi is used to add, modify, and delete records in the database. Such content is often called a malicious payload and is the key part of the attack. After the attacker sends this content, malicious SQL commands are executed in the database. This could also be a reason for Google blacklisting a website. Further, it might also be added to your website via a vulnerability in your CMS (eg WordPress, Magento, OpenCart, etc.) theme, or plugin. It could also happen that your website was trying to load harmful scripts on the visitor’s sites.
- Malicious Advertisements (Malvertising): If Google notices random pop-ups, redirecting ads, or malware loading ads on your website, it shows the deceptive warning to prevent your users from getting tricked into going to malicious websites.These ads can infect visitors without requiring action from them. They do not even require clicking on it to infect them. This makes it particularly worrisome. Hence, Google renders the deceptive site ahead warning in these cases.
- Not Having Proper SSL Certificate: Google is very strict with its policies. Recently they made SSL mandatory for all websites and even included having SSL as a part of their website ranking mechanism.We have seen sites flagged as “deceptive” if they haven’t moved from HTTP to HTTPS. Only installing an SSL certificate is not enough, you also need to redirect your website From HTTP to HTTPS. Besides that, having some of your web pages as HTTP and some as HTTPS gives Google a mixed content signal. This could also be a reason why your website has been flagged by Google.
How to Submit a Review Request To Google For Blacklist Removal
Once you have done the cleaning thoroughly. You can go ahead and submit a request to Google to remove the “Deceptive Site Ahead” message from it. But, before you submit that request make sure the following things are in place:
- Your site is 100% clean of malware & other viruses
- All vulnerabilities in the site are patched
- The website is up and running
- Your website is well protected with a firewall and malware scanning to prevent re-infections
Precautions to take before submitting a Review Request
One guaranteed way to make sure that your website is free from ‘Deceptive content’ is to perform a server-side malware scan of all files, databases, & the server.
Once you have fixed all the issues related to your website phishing, you can submit your appeal here – Report your phishing warning to Google. You’ll now have to wait for 24-72 hours for Google to verify that your site is clean and remove the red warning message.
How to fix the warning in Safari, Edge, and Chrome?
After scanning the site for malware and removing the security issues, here are the methods for different browsers to remove the warning sign.
- Safari – To remove the ‘deceptive site ahead’ warning from the Safari browser, click ‘Preferences’ from the ‘Menu’ > select ‘Extensions’ > find the ‘Deceptive Website warning’ pop-up or other associated extensions that may look suspicious > click ‘Uninstall’ button to remove it.
- Chrome – For Chrome browsers, open up chrome://settings into the URL bar, click on the option ‘Sync and Google Services’, go down and find ‘Other Google services’, under which there is a ‘Safe Browsing’ option which you can turn off.
- Microsoft Edge – Clicking on the Edge ‘Menu’ option in the upper-right corner, from which you can select ‘Extensions’, locate any recently installed suspicious extensions or browser add-ons, and click ‘Remove’ to uninstall them. If you still have issues with ‘deceptive site ahead’ warnings, you can always go to the ‘Settings’ option under ‘Menu’ and click ‘Restore settings to their default values.
How To Prevent your website from “Deceptive Site Ahead” Warning
As you would have realized by now, removing the “Deceptive Site Ahead” warning requires some technical effort, time, and patience from your end. Not to mention the effect it has on the reputation of your website and business. But, if you would take care of these little yet effective security measures, the risk factor is naturally reduced. Some of these measures are:
- Update your website to the latest versions: As a thumb rule, always keep your website CMS, plugins & themes up to date. With updates, you benefit from security patches & other improvements. If you are using older versions of software, your site would be on the radar of hackers who will try and exploit known vulnerabilities.
- Change passwords: Once the site is compromised, there is a good chance that hackers would have stolen the passwords. After a hack situation, always change passwords of all user & admin accounts, database, cPanel, and FTP passwords. The passwords should be unique and hard to guess. This will prevent hackers from re-infecting your site using the compromised credentials.