advice My Fresh New Web Site Was Flagged !!! What Could Be The Cause Of It ?

[blue crystal]

I just launched a new web site xxxxx.biz ( .BIZ TLD ) two days ago intended to list my domain names for sale. In the first day, it was working fine but the next day when I tried to access it I got this message:

“Deceptive site ahead
Firefox blocked this page because it may trick you into doing something dangerous like installing software or revealing personal information like passwords or credit cards.
Advisory provided by Google Safe Browsing.
xxxxx.biz has been reported as a deceptive site. You can report a detection problem or ignore the risk and go to this unsafe site.
Learn more about deceptive sites and phishing at www.antiphishing.org. Learn more about Firefox’s Phishing and Malware Protection at support.mozilla.org.” !!!

1) Later on, I found out that there is already a web site called xxxxx but with a .COM TLD instead. But when accessing this web site, it does not show the same warning. Obs: “xxxxx” name here is just a fictitious name in order to protect the real name.

2) My intention was to use this new web site to TEST what, between two different domain names and different logos but with EXACTLY THE SAME CONTENT would attract more traffic. So, it is strange that my other website yyyyy.com has exactly the same content and yet is not flagged with this nasty warning.

What could it possibly be ?
How to fix it ?

 

[blue crystal]

Google blacklists thousands of domains a day.
I am sure there are some that happen in error.

Could it be sued for moral and financial damages due to its false and denigrating flagging ?

 

[MadAboutDomains]

Ok, so I've looked on Archive.org, nothing immediately obvious on there in terms of dodgy history, but that's not to say that it hasn't been used for bad things in the past. It has shown the Godaddy parking page a few months ago and another parking page a few years back. Nothing to much to note there.

Google has flagged the site as a "SOCIAL_ENGINEERING" threat more info here and this is what I get back from their API regarding your domain:

The site in general doesn't appear to have any scripts on it, so it's unlikely to a dodgy script that has caused the issue.

One thing that is of note is that you have a lot of external links to a lot of .XYZ domains, .XYZ domains are known to be 99% spam and malware (hehe, I know you won't like me saying that ). But as a general rule, it's not advisable to have a website that is one page and links off to so many different domains, whether they are .XYZ or not or whether you own them all. A single page website that links to so many different domains is a warning sign, because this isn't the form that websites normally take, they normally link off to lots of pages within their own domain.

Whilst it's nice to take prospective buyers to the domain itself, perhaps a different approach would help, like a dynamic page that displays the URL and allows them to inquire without having to immediately leave your website to do so. Just an idea.

I wouldn't suggest to pay for any third party such as that suggested by @bmugford, but I would recommend following the steps on this page: https://developers.google.com/web/fundamentals/security/hacked/request_review I think the most important step would be to verify your site on the Google Webmasters portal. This in itself establishes a connection between you and Google as the owner of your domain, but one of the steps on that page is a link to have the domain/website reviewed. I doubt that it will be reviewed manually by a real person, but probably by their bot.

Good luck.

 

[bmugford]

I wouldn't suggest to pay for any third party such as that suggested by @bmugford, but I would recommend following the steps on this page: https://developers.google.com/web/fundamentals/security/hacked/request_review I

I am not suggesting using any paid service. That link just detailed the process on how to request a security review.

Brad

 

[bmugford]

Could it be sued for moral and financial damages due to its false and denigrating flagging ?

Anyone can be sued for anything basically, regardless of merits.
Good luck going against a company with a market cap of $800B+.

Brad

 

[branding]

Yes, but WHY ????!!!!

( NameDeck, could you please edit and put the dot of this domain name between "()" in your comment. I do not want it being furtherly tarnished by search engines. Thank you ).

Can't edit it out anymore but have requested mods to do so.

On a side note, you could just get the .org and be done with it. .biz + loads of links to .xyz screams trouble like mentioned some posts up.

 

[carob]

The site in general doesn't appear to have any scripts on it, so it's unlikely to a dodgy script that has caused the issue.

Unless of course they load dynamically in response to IP addresses or browser or language detected. Not likely here, would probably mean hosting account compromised, but clever infections hide themselves even from admins.

People have mentioned duplicate content - if you launch identical content on two domains, Google has to decide which to prefer and may treat one much worse, so this isn't a straightforward way to compare two domains and might hurt one if it seems to Google to be a copycat.

 

[Bob Hawkes]

Was the yyyy site up before the xxxx site? If so I think that it is simply Google spotted the similarity in content and assumed the second site was fraudulently trying to trick people into thinking it was the first one. I believe it is never wise to put identical content on different sites Google wise.

I doubt that the .xyz links have anything to do with it. Not only does the parent of Google use an .xyz for investor relations, but the Spamhaus score for the .xyz TLD at 0.98 is slightly worse than .com but much better than .info and way better than .biz.

Bob

 

[DNWon]

I think that it is simply Google spotted the similarity in content and assumed the second site was fraudulently trying to trick people into thinking it was the first one.

I believe this is the reason for the Google blacklist! Duplicate content! You should be able to fix this by going through the steps Brad @bmugford outlined above! Good Luck!

 

[MadAboutDomains]

I really don't think that a site would get flagged as malicious for duplicate content...? It's not particularly malicious and certainly not "social engineering" as categorised by Google.

The .xyz point is very valid. I wonder if any of the domains linked to have been flagged before and has caused this.

 

[Bob Hawkes]

I really don't think that a site would get flagged as malicious for duplicate content...? It's not particularly malicious and certainly not "social engineering" as categorised by Google.

From definitions of social engineering the second one is exactly what they perceive happening. There is a legitimate site. Another site on different domain is exact copy. They deem that it is tricking people into interacting with the second site, thinking it is the first, as in phishing but without the email At any time there are multiple such sites up for famous companies, most of which just survive for hours.

"2. (in the context of information security) the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.
"people with an online account should watch for phishing attacks and other forms of social engineering""
​

From highlighted reply (i.e. prior to ads and search links) to a Google search on "social engineering".

From the helpful link you posted earlier social engineering includes

" content pretends to act, or looks and feels, like a trusted entity"​

The fact that the second site was new probably did not help but I think any replica site on different domain is likely to be flagged.

Bob

 

[MapleDots]

Works fine for me on google desktop and mobile from Canada

No warnings, I see the site perfectly.

 

[Bob Hawkes]

Works fine for me on google desktop and mobile from Canada

No warnings, I see the site perfectly.

It's very strange. I am in Canada also, using Chrome on a desktop as well and it definitely gives me the big red severe warning message. Is it possible it has to do with our settings in Chrome (I imagine mine are whatever it came with).

 

[MapleDots]

It's very strange. I am in Canada also, using Chrome on a desktop as well and it definitely gives me the big red severe warning message. Is it possible it has to do with our settings in Chrome (I imagine mine are whatever it came with).

Like I said no issues whatsoever from my location Ontario Canada

 

[Bob Hawkes]

no issues whatsoever from my location Ontario Canada

I am based in BC... maybe Google think that stands for Be Careful?

Seriously it is really interesting that Google flag some but not others re this. Hopefully some Google gurus can tell us why. I had always assumed it would be flagged for everyone or no one.

Bob

 

[MadAboutDomains]

From definitions of social engineering the second one is exactly what they perceive happening. There is a legitimate site. Another site on different domain is exact copy. They deem that it is tricking people into interacting with the second site, thinking it is the first, as in phishing but without the email At any time there are multiple such sites up for famous companies, most of which just survive for hours.

"2. (in the context of information security) the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.
"people with an online account should watch for phishing attacks and other forms of social engineering""
​

From highlighted reply (i.e. prior to ads and search links) to a Google search on "social engineering".

From the helpful link you posted earlier social engineering includes

" content pretends to act, or looks and feels, like a trusted entity"​

The fact that the second site was new probably did not help but I think any replica site on different domain is likely to be flagged.

Bob

It's not impossible, but I'm really not convinced that the definitions provided describe duplicate content on two domains.

It's a website with very little actual content, let alone trying to pass itself off as a trusted entity. It's a single page site with a few images and hundreds of external links to almost identical pages.

Nor can I see why it would fall foul of causing deception to trick people into providing personal information, because it doesn't collect personal information on the domain as far as I can see..

Maybe I'm just oversimplifying it.

 

[MapleDots]

Could it depend on what DNS you use?

I use the google 8.8.8.8 and like I said I get no warnings

 

[MadAboutDomains]

Could it depend on what DNS you use?

I use the google 8.8.8.8 and like I said I get no warnings

DNS just converts a domain to an IP address.

 

[bluetooth]

I am a newbie here, but is it possible the site is not secure" https vs http?

 

[blue crystal]

Nor can I see why it would fall foul of causing deception to trick people into providing personal information, because it doesn't collect personal information on the domain as far as I can see..

Exactly !
Nowhere in my site, I ask for any information.
I think that Google's warning measures are overkilling. Instead of killing a possible disease, it is killing the supposed patient himself.

 

[blue crystal]

I am a newbie here, but is it possible the site is not secure" https vs http?

It is the other way around. HTTPS is the secure one, not the HTTP.
Mine is https.

 

[Bob Hawkes]

Whether we think Google is over-reacting, they control search and the dominant browser so there is no choice but work through them. A site with identical content is a potential phishing weakness whether you ask for sensitive information now or not. They don't want duplicate sites to build trust.

Have you made the site non-identical, established ownership as per Google requirement, and then requested a review (details in link). For this type of problem they indicate about a day response.

Bob

 

[blue crystal]

Have you made the site non-identical, established ownership as per Google requirement, and then requested a review (details in link). For this type of problem they indicate about a day response.

This is precisely what I was thinking to do.

 

[MadAboutDomains]

It's worth pointing out that the link Bob mentioned explicitly says to look in the Google Search console and it will detail the vulnerability:

C. Phishing or Social Engineering
You received a phishing notification in theSecurity Issues report of the Search Console:

1. Open the Security Issues report again in Search Console. The report may still show the warnings and sample infected URLs you saw before.

Have you registered and verified your site and looked in the Search console? It may well tell you what it is flagged for, the URL and why...

 

[BrandEntrance.com]

I just launched a new web site xxxxx.biz ( .BIZ TLD ) two days ago intended to list my domain names for sale. In the first day, it was working fine but the next day when I tried to access it I got this message:

“Deceptive site ahead
Firefox blocked this page because it may trick you into doing something dangerous like installing software or revealing personal information like passwords or credit cards.
Advisory provided by Google Safe Browsing.
xxxxx.biz has been reported as a deceptive site. You can report a detection problem or ignore the risk and go to this unsafe site.
Learn more about deceptive sites and phishing at www.antiphishing.org. Learn more about Firefox’s Phishing and Malware Protection at support.mozilla.org.” !!!

1) Later on, I found out that there is already a web site called xxxxx but with a .COM TLD instead. But when accessing this web site, it does not show the same warning. Obs: “xxxxx” name here is just a fictitious name in order to protect the real name.

2) My intention was to use this new web site to TEST what, between two different domain names and different logos but with EXACTLY THE SAME CONTENT would attract more traffic. So, it is strange that my other website yyyyy.com has exactly the same content and yet is not flagged with this nasty warning.

What could it possibly be ?
How to fix it ?

Previous site under another owner was flagged?

 

[blue crystal]

Previous site under another owner was flagged?

Both sites are mine. The first site was not flagged.