Abusing the ad network

Google provides translated versions of our Help Center as a convenience, though they are not meant to change the content of our policies. The English version is the official language we use to enforce our policies. To view this article in a different language, use the language dropdown at the bottom of the page.

Display & Video 360 users must comply with this Google Ads policy. Visit the Display & Video 360 help center for additional restrictions.

We want ads across the Google Network to be useful, varied, relevant, and safe for users. We don’t allow advertisers to run ads, content, or destinations that attempt to trick or circumvent our ad review processes.

Below are some examples of what to avoid in your ads. Learn about what happens if you violate our policies.

Malicious or unwanted software

These requirements apply to your ads and any software that your site or app either hosts or links to, regardless of whether the software is promoted through the Google advertising network. The following is not allowed:

When an advertiser's ads are disapproved for malware, it is usually for one of the following reasons:

  • The domain is currently listed on Google’s Safe Browsing service (for example, browser warnings appear in Chrome when trying to visit the page).
  • The advertiser’s landing pages (and / or redirects) are compromised.
  • The advertiser’s landing pages are marked as flipping.
  • Their creatives are marked as malicious.

Sites that are disabled for "flipping" or "malicious creative" need to be escalated to the Malvertising team to be cleared manually.

This label has 2 distinctly different escalation paths (malware vs. UwS) and it’s important to understand the cause of the disapproval before escalating to either escalation path. Malware is typically flagged by automation and UwS is flagged during manual review.

red x mark Malicious software or "malware" that may harm or gain unauthorized access to a computer, device, or network

Examples (non-exhaustive): Computer viruses, ransomware, worms, trojan horses, rootkits, keyloggers, dialers, spyware, rogue security software, and other malicious programs or apps

Troubleshooter: Ads disapproved for Compromised Site

We will flag compromised domains in your Google Ads account once we have identified them. Please remove any code referencing these domains. Refer to resources and instructions to help you fix the underlying cause of the compromise in the Help for Hacked Websites article. If you can’t fix the ad’s destination, update the ad with a new destination that complies with this policy.

Troubleshooter: Ads disapproved for Malicious software
Note: alternative T&S troubleshooter available here.

1. Verify disapproved ads for Malicious or unwanted software (Google Ads ICS->Ads & Extensions->filter for “Policy Details: Malicious or unwanted software”.)

  • If no ads are disapproved for Malicious or unwanted software, clarify the issue with the client.

  • If there are ads disapproved for Malicious or unwanted software, proceed.

2. Check the status of the website (final URL of ads Disapproved for Malicious or unwanted software) in Google's External Safe Browsing Site Status Checker

  • When a site is disabled in Safe Browsing, it means that it was not disabled by a specialist on our Malware Team, but instead has been disabled as a result of the malicious content it may be exposing to users via organic listings.  

    • If the landing page current statuses are Dangerous or Unsafe, instruct the advertiser to fix the malware issue on their site and file an appeal through their Google Search Console to get the domain off Safebrowsing. Their site/landing pages will automatically be re-enabled to serve ads once they’ve successfully completed this process.

  • Note: agents can not assist advertisers further until this process has been completed and the site/URLs are no longer marked Dangerous or Unsafe. There is no current escalation path.
    [Externally friendly comms]: The last time that Google reviewed your site, a malware issue was detected. Please resolve the malware issue on your site and then file an appeal through your Google Search Console. You can follow instructions to fix your site through Help for Hacked Websites.
    Once your site has been reviewed and is found to no longer have malware your website will be eligible to show on Google Search and to run Google Ads.

    • If the landing pages’ statuses are Safe, proceed.​

3. Identify compromised landing pages using Valkyrie 

  • ​​Insert the top level domain of affected landing pages. Ensure Ads Integrity is selected and select Site. Insert the top level domain (without www) into the search field.         

  • If the domain is marked as "Disabled" (ss), click into the disabled URL links in the "Node Summary" on the right of the page to see the disabling links for each URL.
  • Note: recent clean scans on the site level do NOT indicate the domain should be enabled, just that some URLs are likely scanning clean.
  • In the event that the site has been recently (<24h) scanned and marked as both Enabled in Valkyrie and Safe in Google’s Safe Browsing Status Checker, check how long the ads have been Disapproved for Malicious or unwanted software:
    • In the event it has been less than 48 hours, inform the advertiser that it can take up to 48 hours for ads to be automatically re-reviewed (example CR).
    • In the event it has been more than 48 hours, suggest the advertiser re-upload their ads.
    • If the ads are still disapproved even after waiting the 48 hours and re-uploading the ads consult the Ad Review team to check and see if the ads are disapproved separately for “Unwanted Software”
  • If the site is Disabled check the Disabling reason(s) 
    • If the disabling reason is compromised_landing_page with a Hidden Proxy Scan, Consult Malvertising.
    • If the disabling reason is the URL of the advertiser’s domain itself, Consult Malvertising.
    • If the Disabling reason is flipping (which occurs when a site frequently flips between enabled and disbaled in Valkyrie), confirm the advertiser has removed the malicious content and then Consult Malvertising.
    • If the Disabling reason is malicious creative, Consult Malvertising.
    • If the following three occur, proceed to the next step:
      • Disabling reason is compromised_landing_page 
      • The disabling reason is not the URL of the advertiser’s domain itself 
      • There is not a Hidden Proxy Scan

4. Confirm compromised landing pages still contain Malicious or unwanted software, by forcing a re-scan of affected landing pages.

  • Click on the Disabled URL under Node Summary
  • Select the correct Geo, if there is no Geo mentioned, use No Geo (default) 
  • Click on Force Rescan
  • Repeat the process for each disabled landing page/URL (Note: the fresh scans can take up to 10 min to appear in Valkyrie. You must refresh the page to see the rescan results)
  • If the most recent scans come back clean, inform the advertiser that the site will be enabled and their ads will be automatically re-reviewed within 48 hours (example CR).
  • If the recent scans come back as disabled, check the Disabling reason(s):
    • If the Disabling reason is compromised_landing_page and the disabling reason is not the URL of the advertiser’s domain itself and there is not a Hidden Proxy Scan, proceed.
    • If the Disabling reason is malicious creative, Consult Malvertising.
    • If the Disabling reason is flipping, confirm the advertiser has removed the malicious content and then Consult Malvertising.
    • If the disabling reason is the URL of the advertiser’s domain itself, Consult Malvertising.
    • If the disabling reason is compromised_landing_page with a Hidden Proxy Scan, Consult Malvertising.

5. Advise advertiser to remove disabling links from compromised landing pages

  • Send most recent disabling links to advertiser (example CR)
  • The most recent disabling links appear under Disabling reason(s) of the most recent site level scan.
    • To protect our detection mechanisms, do not provide the advertiser with any URL that contains environmental parameters (URLs that expose the environment we are scanning the ad URL in, for example, browser, user agent, geo location, ect), scan time, geo of the scan, anything else not related to the issue including any and all screenshots.
  • Once the advertiser has confirmed they have removed all disabling links from their site, return to 4. Identify compromised landing pages in Valkyrie and confirm a recent (less than 24 hours) scan has come back clean. 
  • If the event the site has been recently (<24h) marked as both Enabled in Valkyrie and Safe in Google’s Safe Browsing Status Checker, check how long the ads have been Disapproved for Malicious or unwanted software:
    • In the event it has been less than 48 hours, inform the advertiser that it can take up to 48 hours for ads to be automatically re-reviewed (example CR).
    • In the event it has been more than 48 hours, suggest the advertiser re-upload their ads.
    • If the ads are still disapproved even after waiting the 48 hours and re-uploading the ads consult the Ad Review team to check and see if the ads are disapproved separately for “Unwanted Software”

External Communication

  • If the site is site is still disabled in Valkyrie: Example CR
  • If the site is scanning clean and enabled in Valkyrie: Example CR

Consulting Malvertising

  • Malvertising should be consulted whenever a sticky decision appears in Valkyrie including:
  • A rescan should be forced before consulting Malvertising for the following:
    • If the disabling reason is third_party_redirect_in_landing_page, except when there is Hidden Proxy Scan, Consult Malvertising
    • If the disabling reason is third_party_redirect_in_creative, except when there is Hidden Proxy Scan, Consult Malvertising.
    • If the disabling reason is download_prompt_detected_in_landing_page, except when there is Hidden Proxy Scan, Consult Malvertising.
    • If the disabling reason is executable_downloaded_by_landing_page, except when there is Hidden Proxy Scan, Consult Malvertising

Ad Review for Ads Disapproved for Malicious Software

  1. In the event it has been less than 48 hours, inform the advertiser that it can take up to 48 hours for ads to be automatically re-reviewed (example CR).
  2. In the event it has been more than 48 hours, suggest the advertiser re-upload their ads (example CR)
  3. If the ads are still disapproved even after waiting the 48 hours and re-uploading the ads consult Malvertising team

Consult Process to Malvertising

Quality issues and consult over SLA (OLY 2 business days, non OLY 4 business days) can be escalated using go/malwareappeal-esc. For support teams, please add the Bug ID received by email as a note on your case for quality purposes.

red x mark Ads or destinations that violate Google's Unwanted Software policy

Examples (non-exhaustive): Failure to be transparent about the functionality that the software provides or the full implications of installing the software; failing to include Terms of Service or an End User License Agreement; bundling software or applications without the user's knowledge; making system changes without the user's consent; making it difficult for users to disable or uninstall the software; failing to properly use publicly available Google APIs when interacting with Google services or products

Troubleshooter: Unwanted software
  1. Check your ad and destination to make sure it complies with the Google Unwanted Software Policy.

  2. Edit the ad and / or destination.

    Editing the ad will resubmit the ad and its destination for review. Most ads are reviewed within one business day, but some can take longer if they need a more complex review.

 
Violations of this policy will not lead to immediate account suspension without prior warning. A warning will be issued, at least 7 days, prior to any suspension of your account. Learn more about suspended accounts.

Unfair advantage

The following is not allowed:

red x mark Using the Google Network to gain an unfair traffic advantage over other participants in the auction

Examples (non-exhaustive): Affiliates that advertise on Google Ads against the applicable affiliate program rules; promoting the same or similar content from multiple accounts on the same or similar queries, trying to show more than one ad at a time for your business, app, or site

Note: Keywords should fit the target audience’s likely intent when searching. Each website or app that you promote should offer distinct value to users. For example: avoid promoting similar products and prices across related destinations.

Violations of this policy will not lead to immediate account suspension without prior warning. A warning will be issued, at least 7 days, prior to any suspension of your account. Learn more about suspended accounts.

Evasive ad content

red x mark Manipulation of ad components (text, image, videos, domain, or subdomains) in an attempt to bypass detection and / or enforcement action

Examples (non-exhaustive): Misspelling prohibited words or phrases to avoid ad disapproval; manipulating trademark terms in the ad text, domain, subdomain, or logo to avoid restrictions on the use of that trademark; using invisible UNICODE characters in ads that add no value to the ad content for users, manipulating images or videos to hide policy violating content.

Violations of this policy will not lead to immediate account suspension without prior warning. A warning will be issued, at least 7 days, prior to any suspension of your account. Learn more about suspended accounts.

Circumventing systems

The following is not allowed:

red x mark Engaging in practices that circumvent or interfere with Google's advertising systems and processes, or attempts to do so.

Examples (non-exhaustive):

  • Cloaking (showing different content to certain users, including Google, than to other users) that aims at or results in interference with Google’s review systems, or hides or attempts to hide non-compliance with Google Ads policies, such as: 
    • Redirection to non-compliant content
    • Using dynamic DNS to switch page or ad content
    • Manipulating site content or restricting access to so many of your landing pages that it makes it difficult to meaningfully review your ad, site, or account

    Note: Cloaking does not include providing content personalization that adds genuine value for certain users, such as different language versions of the same content or different versions of the same content depending on the user’s internet service provider, as long as the offering is still substantially the same, the variation in content is still compliant with Google Ads policies, and Google is able to review a version of the content

  • Repeated policy violations across any of your accounts, including creating new domains or accounts to post ads that are similar to ads that have been disapproved (for this or any other Google Ads policy)
  • Bypassing enforcement mechanisms and detection by creating variations of ads, domains or content that have been disapproved (for this or any Google Ads policy) or using techniques in text, images, or videos to obfuscate sexually explicit content
  • After a previous suspension decision, attempting to use the Google Ads system again by creating new accounts in order to re enter the system
  • Abusing Google Ads product features in order to show policy non-compliant content to users and/or gain additional traffic
  • Submitting false information as part of our verification programs

We take violations of this policy very seriously and consider them egregious. An egregious violation of the Google Ads policies is a violation so serious that it is unlawful or poses significant harm to our users. In determining whether an advertiser or destination is violating this policy, we may review information from multiple sources including your ad, website, accounts, and third-party sources.  If we find violations of this policy, we will suspend your Google Ads accounts upon detection and without prior warning, and you will not be allowed to advertise with us again. If you believe there's been an error, and that you haven’t violated our policy, submit an appeal and explain why. We only reinstate accounts in compelling circumstances, and when there is good reason so it's important that you take the time to be thorough, accurate, and honest. Learn more about suspended accounts.

Note: We may take action on an advertiser’s account based on, for example, adverse regulatory warnings, settlements, or rulings about an advertiser’s advertising practices, or direct complaints from users or businesses.

Webmaster Guidelines

The following is not allowed:

red x mark Engaging in practices that violate the Google Webmaster Guidelines

Examples (non-exhaustive): Keyword stuffing, cloaking, sneaky redirects, doorway pages, spamming social network sites

Violations of this policy will not lead to immediate account suspension without prior warning. A warning will be issued, at least 7 days, prior to any suspension of your account. Learn more about suspended accounts.

Need help?

If you have questions about our policies, let us know: Contact Google Ads Support
Was this helpful?
How can we improve it?
Search
Clear search
Close search
Google apps
Main menu
Search Help Center
true
73067
false
false