Google Cracks Down on Hacks
30 Days in the Sin Bin
Google has just implemented harsh penalties for hacked websites deemed 'repeat offenders' - effective 9th November 2016.
A hacked website is a huge business interruption, but appearing in Google search as a hacked website can cause real damage to your sales, your reputation and your wallet.
When Google discovers that a site is guilty of distributing malware, phishing, or social engineering malware, it slaps up a notification like the one below instead of your website and adds a message to the search results - "This site may be hacked".
It's not good for business. Or blood your pressure.
Usually, you can clean up your site, appeal to Google for reinstatement and have it up and running within a day or two.
Repeat offenders will now suffer this penalty for an irrevocable 30 days with no possibility for appeal.
Google Lockout Safe Browsing System
Google has had its 'Safe Browsing System' in place since 2005. The appeals process is relatively simple and the penalties are automatically lifted once the site is verified.
Some hackers were playing the system and re-hacking sites after being given the all clear.
"As a result of this gap in user protection, we have adjusted our policies to reduce risks borne by end users," Google said in a post on its Security Blog. "With regards to Safe Browsing-related policies, repeat offenders are Web sites that repeatedly switch between compliant and policy-violating behavior for the purpose of having a successful review and having warnings removed."
Third party hacks exempt ... maybe
Google insists that sites hacked by third parties will not be subject to the new policy. Only those purposefully distributing malicious code will be targeted.
We believe Google means well, but are not convinced that the algorithms will be able to distinguish between an innocent victim and an actual malicious site. How long will it take to convince Google that you are not an evil lord of the underworld, hell-bent on wrecking peoples' day? A week? Two?