It’s estimated that 98.5% of sites who advertise use Google Ads to generate revenue and bring in traffic. That’s a hefty number of websites who leverage the popular platform to publish and serve ads.
And while most webmasters are keenly aware that a hack can significantly impact your site’s revenue and organic rankings, malicious code or software can also affect your ability to run ads on Google and other advertising platforms.
Your Google Ads must be trustworthy and relevant — this policy applies to your website as well. If Google detects that your website is serving malware, your ads will be disapproved and your account could be suspended until the problem is fixed.
In this article, we’ll dive into why Google Ads become disapproved after a hack and outline the steps you can take to identify malicious code, fix your site, and get your ads back up and running.
- What is malicious or unwanted software?
- Why are my Google Ads disapproved?
- How to fix and remove malicious or unwanted software warnings
- When to contact Google
- How to fix disapproved ads
- How to prevent malicious or unwanted software
Google Ads uses strict policies to ensure that all advertisements are trustworthy and relevant. Any deviation from these policies will show as errors — which means your ads will be rejected if they’re not compliant.
If Google notices one of the ads is violating their unwanted software policy, the ad will be suspended until the error is corrected. So, if your ad was recently disapproved due to malicious software, you’ll need to identify and clean up the malware from your site before you appeal and submit the ad for approval again.
What does Google mean by malicious or unwanted software?
Google defines malicious content or malware as follows:
Malware is any software or mobile application specifically designed to harm a computer, a mobile device, the software it’s running, or its users.
Malware exhibits malicious behavior that can include installing software without user consent and installing harmful viruses. Webmasters sometimes don’t realize that their downloadable files are considered malware so that these binaries might be hosted inadvertently.
Google’s process for malware detection is automated. It aggregates data from many sources to pick up any malicious content. Factors include content, geographic areas, and web technologies in use.
Some examples of malicious or unwanted software include:
|Type||How It Works
|Adware||Automatically displays or downloads unwanted advertisements on the victim’s system.|
|Spyware||Spies on the victim by gathering information about native apps, browsing history, and other user behavior.|
|Keyloggers||Records any and all keystrokes or keypad entries on a device, including cell phones, laptops, or tablets.|
|Trojan||Disguises itself as legitimate or desirable software to gain unauthorized access to the victim’s system.|
|Ransomware||Disables or restricts a victim’s access to data until a ransom is paid.|
|Mobile Malware||Software that infects a mobile device.|
|Rootkits||Allows an attacker to gain control and remote access to a device.|
|Worms||Software that spreads through a network or environment by reproducing itself.|
|Fileless Malware||Exploits a legitimate program to infect a computer.|
If you need more information on this topic, you can read more on what Google determines as malicious content and malware in their documentation. You’ll also find their process for malware detection documented in the Transparency report.
Why are my Google Ads disapproved due to malware?
There are a number of reasons why your ad might be disapproved by Google due to malicious or unwanted software, including:
- Malicious code, programs, or custom scripts. Your ads will be suspended immediately if Google detects malware on your website or landing pages. Any custom scripts that are referencing malicious domains or code could lead to Google flagging your ad.
- Bundled software without consent. Some bad actors try to include or “bundle” additional software to download from a landing page. Google takes this malicious practice very seriously and bans ads that are found to download or include software without consent.
- Custom scripts on your landing page redirect to malicious content. That includes redirects that pass users from your landing page to another malicious website.
- Automatic downloads occur on your landing page. Google requires software downloads to start only once the user has consented by clicking the download button. Having any kind of automatic download on your landing page is certain to get your ad disapproved.
- Form fields invite the visitor to submit sensitive information. Requesting sensitive information from visitors like Social Security Numbers or bank account details on your landing page is a surefire way to get your ads disapproved.
- False representation of expected content. Any ad that has the word “Download” or “Play” without identifying which software it is advertising will be rejected.
- Malicious redirects to unexpected content. For example, if your ad mimics the appearance of the publisher’s website and claims to play a video but instead leads to a software download, it will be disapproved.
- Website images contain malware or embedded code. Google may flag images that are known to contain anything malicious.
- Changes are made without consent. This is never tolerated in Google Ads. Consent needs to be acquired before making any changes to the user’s browser, permission levels, or system.
- Software is difficult to uninstall. If Google identifies that software downloaded from your landing page contains complex menus or is not possible to uninstall without a third-party tool, your ad will be disapproved.
This list is not exhaustive, however. Google may not always be able to provide you with explicit explanations for the ban or disclose exactly how they detected the malicious content. But if any of these issues are present on your website’s landing pages, it’s likely that your ads will be disapproved by Google.
So let’s dive into some of the ways you can fix the problem and get your ads back up and running.
How to remove malicious or unwanted software warnings
There are a number of steps you’ll need to take to detect and remove malware from your landing pages.
1 – Check for recent website changes.
You’ll want to scan your website to identify any changes that were made around the time when your ads were disapproved. That includes modifications to core CMS, source code, plugins, themes, or files that may have been made close to or before the date of your disapproved ads.
2 – Check Google Search console to see if your website is blocklisted.
You can check the Google Search Console to find reports of blocklisting or any issues. Refer to our guide for more information on how to fix blocklisting by Google.
3 – Scan your website for malware.
Scan your website remotely and at the database and server levels to identify any indicators of compromise. If you use WordPress, some plugins can help you analyze your site for malicious content. This is much faster than manually analyzing code.
4 – Repair the infected files.
After you have located the malware on your website, thoroughly clean up the infection to get your site back to a state that is free of malicious behavior or software. You can always contact a service to assist with you malware cleanup.
5 – Prevent reinfection and harden your site.
Implement website hardening techniques to reduce the risk of a malware re-infection so it doesn’t come back.
6 – Optional: Contact Google Support for more information.
You can contact the Google support team to receive additional feedback about your suspension. This is perhaps the best option if all the other remedies have been exhausted. You can speak with a real person and troubleshoot the problem.
Remember — once the hack has been addressed, you’ll still need to resubmit your ads. If you need a hand, check out this video with step-by-step instructions on how to cleanup malware from a hacked WordPress website.
When you should contact the Google team
If your Google ads are suspended, there could be the possibility of a malware infection. But if you’re unable to find the exact violations in your ads, the next step is to check their help center and contact the Google Ads team directly.
You can contact Google Ads support in two ways:
- Click on the Help button from the top nav and then select the Contact us button at the bottom of the menu.
- Call Google at the toll free number found on their website.
Once you get hold of a support representative, make it clear to them that your business is legitimate and that you are serious about your website and ads. After that, you must inform them of the violations in your ad and what you have done so far to solve the problem.
Ensure that you give them all the details so they can clearly understand your predicament. After you have followed these steps, you’ll need to wait for them to rectify the issue. It will often take a few days to be processed and fixed.
How to fix disapproved ads due to malicious or unwanted software
Once you’ve addressed the malware on your website, you can follow these steps to fix any ads that have been disapproved by Google:
- Open Google Ads – Click on Notifications on the top of the navigation.
- Under the Ads Disapproved notice, click Fix it.
- In the Status column of the ad, you will see the reason for the suspension. Hover over the Disapproved status to view the link to the explanation of the policy.
- Select the disapproved ad using the checkbox.
- Click the Edit button and Appeal policy decision.
- Under Reason for appeal select Made changes to comply with policy.
- Click Submit to complete the appeal and submit your ads for review.
Keep in mind that you’ll need to fix the malware before appealing. If Google identifies that you’ve appealed multiple ads and the issue hasn’t been resolved, you may be limited in the frequency you can appeal policy decisions.
Most ads are reviewed within one business day, but it could take longer if they require a more complex review.
Sucuri can help with malware clean-up. Contact our team if you need help removing malicious code or unwanted software from your website.
How to prevent malicious or unwanted software from impacting your Google ads
The most common reason for a website being flagged for malware by Google is that your website has been hacked. Therefore, the most important thing to do to prevent your ads from being taken down due to malicious or unwanted software is to prevent a hack from occurring in the first place.
To accomplish this, implement website hardening techniques to reduce the risk of a malware infection.
Some steps to harden your website include:
- Keep all your software up to date with the latest security patches.
- Use strong, unique passwords for all of your accounts.
- Steer clear of shared hosting environments to reduce the likelihood of cross-site contamination.
- Limit user access and practice the principle of least privilege.
- Change default CMS settings and restrict access to admin pages.
- Only use secure plugins, themes, and software.
- Prevent directory browsing, image hotlinking, and protect sensitive files on your server.
- Make regular website backups and store them off-site.
- Install SSL certificates to protect data in transit.
- Regularly scan and monitor your site for malware.
- Get a web application firewall.
While Google Ads is used by many webmasters to increase profitability for their site, even the best ad campaigns will be useless if suspended. And you definitely don’t want to pay tons of money for ads only to have your visitors spirited away to some other malicious website. Google has very strict regulations when it comes to advertisements, so it is essential to keep your website free of malware to ensure your ads are not disapproved.
By using a web application firewall, you can help mitigate risk from attackers with virtual patching, which can prevent hackers from targeting known vulnerabilities on your site. It will also help you filter out malicious traffic before it ever lands on your site.
As always, if you’ve identified that your website already has malware and you need a hand cleaning it up, we’re here to help.