Malware detection

The term malware, short for "malicious software," refers to any software specifically designed to harm a computer or any software it has installed. Malware can steal sensitive information (like credit card numbers or passwords) or send fake emails from a user's email account, often without the user's knowledge. Malware may include, but is not limited to, viruses, worms, spyware, adware, and Trojan horses.

Containers are automatically scanned for malware. If malware is detected, the affected container will be flagged. Google Tag Manager will not fire tags that point to sites where malware is found.

How do sites and networks get infected?

In most cases, affected users are unaware that there are tags that serve malware from their containers. Usually through no fault of your own, a network provider becomes infected when they install tainted 3rd party libraries or templates onto their websites, and subsequently transmit that malware to your site via the custom HTML tag that you published onto your website via Tag Manager.

Common symptoms of malware on your site can include unwanted URL redirects, pop-up ads, altered search results, the addition of unwanted browser toolbars or side-search bars, and slow computer speeds.

What can I do if my container gets flagged for malware?

If your container has been flagged for malware, a notification email will be sent to the container owners. Tag Manager will show an alert that a tag is "malware flagged" if it is live in the published version, and the version history will show the same.

To resolve this issue, go into the problematic container and remove all triggers from any malware-affected tags, and remove those tags from any tag sequencing so that they are completely disabled.

When your repaired container configuration has been republished, it will be re-scanned for malware automatically.

The best way to avoid malware issues is to use the tag templates built into Google Tag Manager. Tag manager supports a wide number of 3rd party tag templates. If a tag you'd like to deploy isn't yet built into Google Tag Manager, consider reaching out to the tag vendor to ask them to apply to the Google Tag Manager Tag Vendor Program.

What should I do if I run an Ad Network and I’ve been flagged for malware?

Follow the steps below to check your computer for malware, remove all malicious code from your site, and submit your site and ads for review.

  1. Check the status of your site in Google's Search Console site:
    1. Visit google.com/webmasters and sign in.
    2. If you're new to Search Console, enter your website into the field and click Add a site. Note that you might be asked to verify that you own that site.
    3. Look at the status displayed for that site to see what issues were found.
  2. Select the appropriate scenario below to see detailed next steps.
Search Console finds malware on your site...

Here's an overview of the steps you'll need to take:

  1. Quarantine your site.
  2. Assess the damage.
  3. Clean up your site.
  4. Ask Google to review your site.

Follow these instructions and we'll walk you through each step. Please make sure that your primary domain, all subdomains, and all verified site redirects are cleared of malware.

If you're not able to complete some of the technical steps yourself, please contact your web hosting provider or visit stopbadware.org for more information.

Search Console does not find malware on your site...

Even if Search Console does not identify any issues, it's still possible that your site has security issues detected by our systems. Check with your webmaster or web hosting provider to see if they can identify the problem. You may also want to visit stopbadware.org for more information.

What happens with containers that continue to point to sites that contain malware?

Tags that contain malware will be disabled and will not run. If a problematic tag is re-enabled, then there is a risk of being locked out of your Google Tag Manager account. Account owners will be notified via email if a lockout occurs.

Does Google have any programs to detect and remove malware?

Although Google doesn't provide programs to remove malware, Google does offer Safe Browsing. Safe Browsing is a service provided by Google that enables applications to check URLs against Google's constantly updated lists of suspected phishing and malware pages. Additional 3rd party solutions that may be helpful are listed below:

If these programs don't resolve the problem, try an advanced troubleshooting program such as HijackThis.

How can I file a complaint with a government agency about malware?

In the United States, the Federal Trade Commission (FTC) handles complaints about deceptive or unfair business practices, including malware distributed by sites hosted in the United States. To file a complaint, visit www.ftccomplaintassistant.gov.

To file a complaint outside the United States, visit www.econsumer.gov, a site representing the consumer protection agencies of 21 countries.

Was this article helpful?
How can we improve it?