Rejected by Google Ads: Malicious or Unwanted Software

Follow

If you're here, unfortunately, your ad has been rejected by Google Ads / AdWords. This setback is far from ideal when launching a campaign, especially when Google's disapproval message is vague. This article is intended to help steer you in the right direction to launch your campaign and ad as soon as possible.

Google Ads Support is your best resource for a quick solution. Their Support can share exactly why an ad was rejected and offer the steps to take for a resolution. They offer a helpful step-by-step guide on identifying causes for an ad rejection and how to get it approved. You can review their guide with steps on how to fix a disapproved ad.


What is malicious content or malware?

Google defines malicious content/malware as follows:

"Malware is any software or mobile application specifically designed to harm a computer, a mobile device, the software it's running, or its users. Malware exhibits malicious behavior that can include installing software without user consent and installing harmful software such as viruses..."

You can read more on what Google determines as malicious content and malware in their documentation: Malware and unwanted software & Advertising policies.

In truth, it's pretty unlikely your landing page actually contains malware or software as described above. That said, Google's complex process for detecting malicious content or malware is entirely automated! It collects information from reputable organizations that detect malicious content and malware and then focuses on the scan for such content on specific geographic locations where the most malware/malicious content is detected.

You can read more about their process for malware detection here: Google's Transparency Report.

Why Is Google Flagging My Ads & Unbounce Landing Pages as Malicious?

As we see from Google's safe browsing overview, Google casts an extensive net to ensure only secure, safe, quality content is available. As the process is automated, mistakes do happen and "innocent" content is often caught as by-catch.

When Google Ads mistakenly catches your ad/page as malicious, the only way to have Google reconsider your ad is to connect with their Support and go through their suggestions to prove the ad rejection was an error. Then, resubmit the ad for review.

Determining what exactly is causing Google to tag your pages as malicious is outside the scope of Unbounce & our support.

Unbounce does not have the necessary information to confirm why Google Ads has rejected an ad or landing page, so it's best to reach out to Google directly. 

Instruction for fixing an ad or re-submitting the ad to Google for review is found fixing a disapproved ad.


Possible Causes for a Disapproved Google Ad

Here is a list of possible causes to help you get started in determining why Google Ads may be disapproving your ad or landing pages: 

  • Outgoing URLs on the landing page are using HTTP when the landing page is secure over HTTPS (learn more about enabling a secure domain within our documentation: Securing your Domains with SSL).
  • Images are hosted on software that Google Ads doesn’t approve, such as unsupported image files or formats. Try changing the image formats to more recognized formats, like .ico, .png, .jpg, etc.
  • There are redirects on the landing page domain or page URL.
  • WordPress plugin(s) is deemed malicious by Google.
  • Custom scripts added to the landing page are referencing external content deemed malicious by Google.
  • You have included automatic downloads on the landing page. According to Google's Unwanted Software Policy, “download of [a] software should only begin when the user has consented to the download by clicking on a clearly-labeled download button." 
  • You have included form fields that prompt the visitor to submit sensitive information. According to Google's Unwanted Software Policy, "software must not collect sensitive information such as banking details without proper encryption."
  • Misrepresentation of the expected content. Here are some examples provided by their documentation:
    • “An ad that only contains the words 'Download' or 'Play' without identifying the software it advertises for."
    • "A "Play" button that leads to a download."
    • An ad that mimics or copies the design of another publisher's site to entice visitors, but contains malicious content or unrelated software instead.

Tips for Troubleshooting Malicious or Unwanted Software

  1. Check the status of your site in Google Search Console. If you haven’t used Search Console before, enter the URL of your website and click "Add a property" to see its status. You may need to verify that you own the site.
  2. If Search Console doesn’t report any problems, your site could still have security issues that Google Ads detected. Consult with your webmaster or web hosting provider and use tools such as Stop Badware to investigate further. Or, download a tool to detect any malicious or unwanted software, such as this app provided by the Google Play store. Learn more about how Google identifies malicious or unwanted software.
  3. Remove any malicious or unwanted software. Google provides resources and instructions to help you fix your site through Help for Hacked Websites. If you can’t fix the ad’s destination, update the ad with a new destination that complies with this policy.
  4. Edit the ad. This will resubmit the ad and its destination for review.
    Most ads are reviewed within 1 business day, though some can take longer if they need a more complex review.