Adwords – Ad Disapproved – Malicious or unwanted software

[Techy Online]

Hi,

I hope I can get help.

My AdWords ads for two domains are beeing disapproved due to ‘Malicious or unwanted software’. I’ve called Adwords support multiple times but they have been unable to provide me with any further details which is not very helpful..

[Techy Online]

Possible causes of Google Ads Disapproved Due To Malicious or unwanted software

• Outgoing URLs on the landing page use http when the landing page is secured via https.
• Images hosted on software not approved by Google Ads.
• There are redirects to the domain or landing page URL.
• WordPress plugins are considered malicious by Google.
• Custom scripts added to the landing page refer to external content considered malicious by Google.
• You’ve included automatic downloads on the landing page: In Google, “The download of the software should only begin when
  the user has consented to the download by clicking on a clearly labelled download button.”
• You have included form fields that invite the visitor to submit sensitive information: In Google, “The software must not collect sensitive information such as bank details without proper encryption.”
• False representation of expected content, for example:
  “An ad that contains only the words “Download” or “Play” without identifying the software for which it is advertising.
  A “Play” button that leads to a download.
• An ad that mimics the appearance of the publisher’s website and claims to offer content (for example, a movie) but instead leads to independent software.
• Website images can also contain malware or embedded code which can trigger RED FLAG in Google and get your ads disapproved.

[Techy Online]

I’ve had this once, and the solution was to repeatedly tell them that a jpg cannot be malicious and to escalate the case. The Google Ads support persons do not have the same tools, and their opinion is irrelevant. They need to pass your query on to the malicious links team.

[Techy Online]

Possible Ways to Find Malicious Code in WordPress:

• Check all WordPress files and database with help of scanner tool and identify the changes that have been made close to the date when your ads were disapproved.
• Check for changes such as Install, Update, Addition of any code/plugin/file/js/css etc being made by the developer or hosting company close to the date of disapproval of ads.
• Check Google console to see if your website is blacklisted in google. Read more on Google blacklisting warning message
• Use different plugins to find the code.
• Try to remove any suspicious base64_decode, eval, referrer, decoded payload etc.
• Get help from your hosting provider or avail services of a security provider having expertise in WordPress, to scan the website for you.
• Analyze your website with our malware scanner. Because the presence of malware is the most common cause of ad suspension, this scan reveals any hidden malware.
• Repair the infected files. Once you have analyzed your website, you will be able to identify the malware or viruses in your ads or on your website. We may also help you  remove malware from wordpress site and repairing files in delivering the ads online. Once all infections are removed, you must resubmit your ads. If the infections are completely removed, the approval must be automatic.

[Author]

Posts