Warning to All Website Owners

Hello WA friends,

A leading provider of CMS hosting has warned site owners to be vigilant of emails announcing unauthorized verifications of Google Search Console accounts for their site.

A recent research revealed that online criminals are leveraging Google Search Console to increase the efficiency of the malicious use of resources on hacked sites.

Google Search Console — previously known as Google Webmaster Tools — provides a number of useful tools for site owners, including information about which search queries are leading visitors to a site, which sites are linking to a site, and the ability to submit new sitemaps to Google. Attackers can use this information to ascertain the effectiveness of doorway pages, SEO spam, and other malicious activities carried out on compromised sites.

As users of content management systems ( WordPress ), we should be aware of the implications of receiving an unexpected ‘new owner’ email from Google Search Console. Less technical users might be inclined to ignore the email, which may well be the first indication they receive that their site has been compromised.

To use Google Search Console, sites must be verified, often by including a snippet of code within the site's pages. Multiple Google Search Console accounts can be verified for each site, allowing an attacker to create an account in addition to the owner’s. If the site is compromised, it's trivially easy for an attacker to add the necessary code snippet.

What You Should Do if You Receive an Unexpected Email from Google

If site owners receive an unexpected email from Google announcing the unauthorized verification of a new site on Google Search Console, they should immediately remove the account using Google Search Console, and take steps to confirm that their website has not been compromised.

Hope this will serve as an advance precaution for all of us. Thank you for reading.

Ferdie