Google just rolled out its latest search console which will officially replace the old one in March. Among one of the new features incorporated are security issue errors thus making them easily accessible. Thank you Google. Online security threats are ever increasing, in the past not having the security concerns at your fingertips could jeopardize both your business and personal content.
Below is a listing of the security errors featured
- Social Engineering (Phishing and Deceptive Sites)
- Malware infection type: Server configuration
- Malware infection type: SQL injection
- Malware infection type: Code injection
- Malware infection type: Error template
- Cross-site malware warnings
- Hacked type: Code injection
- Hacked type: Content injection
- Hacked type: URL injection
Let’s take a quick look and see just how easy it is accessing these features. After logging into Google Search Console and choosing a domain you have privileges to access. You can easily determine if you have any security concerns. Figure 1 below shows where you can find the Security & Manual Actions menu.
Once you click on the drop down menu select the Security issues tab.
Ideally you won’t have any and will see something analogous to Figure 3 below which indicates you are security issue free.
However, if concerns are present, they could appear like this below.
Now that you understand just how easy it is to access these features, let’s take a look at what the errors indicate. Google has provided an excellent companion to each topic, however here is a concise overview of each security issue and its subcategories.
1. Social Engineering
Over the last decade social engineering has moved away from physical eavesdropping to electronic and has become so prevalent, we’ve probably all been affected. It can happen when you are tricked into clicking on or opening something that appears to be one thing, but is indeed malicious.
The different types of social engineering attacks are:
Happens when the site misleads the user into entering personal information. Sometimes the goal is simply to get your name and email address for analytics tracking and other times they could be attempting to steal your identity.
b) Deceptive content:
This occurs mostly in pop up ads, often prompting a user to click on a button. From this single click your entire system could become compromised and capable of being spied on or even held hostage for ransom.
2. Malware Infections
a) Server Configuration Malware Infection
A hacker has gotten into your config settings and visitors are actually being redirected to this black mirror site instead of your website.
b) SQL Injection Malware Infection
A hacker has compromised the integrity of the site’s database. Preventing correct information from loading, typically with the intent of harming the user
c) Code Injection Malware Infection
Website pages source code has been modified to perform attacks.
d) Error Template Malware Infection
Can occur when common URL errors are made to distribute malware
3. Cross-site malware warnings
If a site attempts to load content from another website that could potentially be malicious this type of warning will appear.
4. Hacked Injection types
a) Code Injection Hacked type
A hacker most likely is directing your site’s visitors to a black mirror site, by altering the source code, this also could be done at the server level.
b) Content Injection Hacked type
A hacker has altered only some of the links on your site to go to an alternate location.
c) URL injection Hacked type
This warning would indicate that new pages have been added to your site. Often these pages would blend in with your current content but drive the user to another site or gain access to their personal information.
Hackers generally alter your website in one of the following ways:
a) Accessing an insecure directory located on your server.
b) Exploiting vulnerabilities found in software you are using on your site
c) Gaining access and taking control or replacing third-party plugins
As online threats evolve, so must our efforts to combat them. Thankfully with help from tools like Google Search Console, we can try to stay one step ahead. If you’d like more information on the topic you can see what Google prepared or see another article such as this one.