Google Search Console Alert

Recently I told each and every one of you the reasons why SEO is important and why it should be a concern for every website owner.  However, I didn’t tell you how a small blackhat SEO hack can ruin your website’s ranking on Google.  A few months ago, the security specialists at Securi Labs began to notify webmasters about compromised websites.  This compromise is accomplished by one line of malicious code, which is all it takes to gain access to your Google Search Console data.

Google Search Console Site Verification

Google Search Console verification

According to Securi, there are a few reasons why these criminals are wanting access to your website via Google Search Console.

  1. Gather data that can tell them how their black-hat SEO campaign performs: clicks, impressions, CTR, positions in Google search results and other goodness from the “Search Analytics” section.
  2. Submit sitemaps of their spammy pages to have Google quickly discover them all, meaning they don’t have to wait for Google to discover the pages via links on other sites. Hackers might even think that Google will treat their spam pages as legitimate when they are submitted as part of a sitemap directly from a verified site owner.
  3. Get notifications about hack detection. This may help estimate how efficiently Google can detect their doorways and the amount of damage it does to their campaign.
  4. Unverify legitimate site owners’ accounts so that they don’t receive any notifications (e.g. about security issues) from Google Search Console.

Google Search Console

All of the above reasons are of concern to webmasters.  Google Search Console is how the search engine notifies the verified site owner of malware and malicious code on each of your websites.  If you are no longer the verified site owner, you will no longer receive those critical notifications.  Which means you might miss out on that critical email that says your site is no longer listed or being indexed by the search engines.  And during this period of time when you’re not receiving notifications, the verified site owner can set up 301/302 redirects to spam pages and drop your hard-earned traffic rankings.


Here are a few simple ways to prevent the problem.

  • Log into your Google Search Console at least once a month.  I recommend every 2 weeks to view some of your analytics data.
  • Take all new site owner notifications seriously.  Our staff has a policy of un-verify and re-verify sites for new clients as a safety precaution.  And we remove all unauthorized site owners.
  • Verify all of your sites using the upload file option.


If you have any further questions, feel free to contact us to solve your specific problem.