It may seem obvious to state it, but if your site, or a client’s site, is attacked by malware, there is a good chance that any AdWords account directing traffic to that site will be immediately suspended.

Obviously, protecting your site from falling into this situation is the best approach as far as the health of your business is concerned. It’s beyond the scope of this article (and my knowledge!) to recommend the best way to keep a website safe, however I know from my own experience that Sucuri offer a very effective malware prevention service.

What I would like to talk to you about today is how to manage the process of getting your AdWords account back online should a malware attack happen to your site.

Step 1 – Early detection

When a client of Reef’s PPC team recently had issues with malware, the notification emails that this caused to be sent from Google were somewhat cryptic, featuring subject lines about a potential advertising policy breach, with no mention of the specifics. It was only upon going into the account and hovering over the speech bubble in the status column of the ads interface (shown below) that we found that there had been a breach of the policy specific to security.

ad malware diagnostic screenshot

Google recommends using the following URL-based diagnostic tool to check website URLs for potential malware issues http://www.google.com/safebrowsing/diagnostic?site=ADDYOURSITEHERE

However, using this tool to scan our client’s website did not detect any issues, so Google obviously uses different technology ‘in-house’ compared to the system that powers the diagnostic tool they make available to the public.

For certain strains of malware, this tool probably is very effective at picking up the issue, but if not, the first notification you receive may be from the Google team itself.

To safeguard against being caught on the hop by this type of incident again, we have set up an automated rule to run every day and send out an email if there are 0 clicks or impressions in the top performing campaigns by 10am. This means that even if the malware issue is discovered over the weekend, when the team is not usually monitoring account activity, we will receive an email notification and can begin preparing to have the issue rectified.

Step 2 – Contact Google as soon as the problem is identified

The sooner you can get in contact with Google, the sooner they can start to review the issues that have caused the AdWords account to be suspended.

This is especially important if you can’t diagnose the exact nature of the malware using the URL tool above, or the Search Console (formerly known as Webmaster Tools) (shown below). More information on how to use the search console is available here. 

search console screenshot

In this instance, you will need Google to confirm exactly which specific area(s) of your site has been affected before you can address the problem.

The ideal scenario is to contact your Google rep if you have one assigned to your agency or company account, however, live chat functions are available for all advertisers within their AdWords accounts, and the staff manning those chats will be able to assign the issue to a specialist, in the same way a rep would.

Step 3 – Malware removal

This step will probably happen simultaneously with step 2, but you may be in a situation where the malware affecting your site is not picked up by the security programme you have installed on your site, and as mentioned above, the first confirmation that there is indeed a malware issue will be from Google itself.

When the malware issue is diagnosed by a Google specialist, they will offer advice on how to remedy the issue. After all, they want you to get your site back in good health so you can spend money with them again! In our experience, showing IT log data about how and when you have acted to remove the problems Google identified, helps to expedite the process of getting the account unsuspended.

Step 4 – Plan for recovery

While you are waiting for your AdWords account to be unsuspended, take the time to plan a strategy for how to recover lost leads/sales while your account was not active. This could involve a significant raise to bids of converting keywords, time-limited ad copy showcasing a special offer, or potentially a remarketing campaign testing a new message for previous visitors who did not convert.

Depending on the length of time you were down and the amount of leads or sales you need to recover, you may have to take bold action. Don’t be afraid to take measures that will breach your usual CPA. Treat the media spend you would have made while you were down as a separate budget to be allocated independently of the usual rules for your account.

That’s it for my guide to how to recover your AdWords account in the event of a malware attack. Do you have any questions or experience of this issue yourself? Please let me know in the comments section below.

Share your opinion

2 Responses

  1. Thanks Robert and appreciate you reminding us about the important but too often non-urgent topic of having backups and protections in place.

    A friend of mine at Dell recently said “if it’s not backed up to at least three places, it’s not backed up”

    • Matt Dove says:

      Great piece, Robert! The tenacity of these malware hacks is astonishing. I think we’ll start to see a lot more of this in coming months.

Leave a Reply

Your email address will not be published. Required fields are marked *