Discuss

last person joined: 2 days ago 

Ask a question. Give advice. Share resources. Looking for software or hardware recommendations? Want to know how others are using text messaging in their work? Trying to find examples of IT policies? The NTEN Discuss forum is a great resource for all of the above and more! It's the general discussion list for the NTEN community, and folks all over the US (and the world) are sharing their questions, answers, and news about nonprofit technology.

1.  Google Grant and potential malware issues?

Posted 9 days ago
Hey all,

New to this community and just getting back to NYC after a terrific few days of learning, conversation and po boys in NOLA. Man that was fun!

In NYC, I run a small digital studio, Digital Culture NYC, where we develop websites for mostly arts and cultural institutions. From time to time we provide support and maintenance on sites we didn't design, which is where my question comes in.

Working w/ a theater company now who has a Google Grant administered by another agency. Google has stopped running their ads claiming there is malware on the site, which my company now supports. The problem is, we have not been able to find any evidence this is the case. The site comes up clean on all your basic tools such as sucuri site checker or Google's webmaster tools. One of my developers went over it with a fine-tooth comb and cannot identify an issue. It's a very old and cantankerous PHP site that is very quirky and hard to manage, so if this is not a false positive, I don't want to rule out that there's something going on with the site that we are not correctly identifying. If malware it is really well concealed tho.

My main question is has anyone else out there successfully dealt with a thorny malware problem and have any advice for me? Might be worth referring this issue out to a team who are clean up specialists, so if you have reccos on this area, I would be much obliged. Thank you!

Amanda

------------------------------
Amanda McCormick
Co-founder
Digital Culture NYC
Brooklyn, NY
------------------------------


2.  RE: Google Grant and potential malware issues?

Posted 8 days ago
An "old and cantankerous" site that is "hard to manage" is not good for anyone and is bound to be vulnerable to exploit. Small organizations should use a platform that has an easy upgrade path and requires as little developer support as possible once it is built-IMHO.

------------------------------
Ted Spencer
Executive Director
Voters Pledge
------------------------------



3.  RE: Google Grant and potential malware issues?

Posted 7 days ago
@Amanda McCormick

Just got back from NOLA myself. Flew back to France, they cancelled three flights in a row then lost my luggage. Bit jetlagged but will try to respond coherently.

Google could be wrong. It's possible that some code on the site just looks like malware. If it's an old, quicky and cantankerous website that's entirely possible. Or they're right and there's some tricky-to-spot malware. Or, as they often do, they listed malware as one of several possible reasons for suspending the Ad Grant, and the issue is actually something else.

Has anyone phoned Adwords to ask them for more specific information?

And can you share the url here (or privately) and we can run it through a few checking tools?

------------------------------
Jason King
Freelance WordPress development and Google Ad Grant management
Mirepoix, France

www.kingjason.co.uk

Twitter: @jasoncsking
------------------------------



4.  RE: Google Grant and potential malware issues?

Posted 7 days ago
This also happened to us, on ads for a brand new site with solid https. In our case, it seemed to be a few display ads we were running on the website. When we stopped those ads and asked for a reevaluation, Google cleared us and now the ad accounts are running again. The specific ads were new "house ads" that we have total control over so would seem to be the least likely to cause an issue.

------------------------------
Alison Hinchman
Director of Digital Engagement and Acquisition
National Trust for Historic Preservation
Washington, DC
------------------------------



5.  RE: Google Grant and potential malware issues?

Posted 6 days ago
Good clue, thank you @Alison Hinchman! ​

------------------------------
Amanda McCormick
Co-founder
Digital Culture NYC
Brooklyn, NY
------------------------------



6.  RE: Google Grant and potential malware issues?

Posted 6 days ago
There is also a separate Digital Advertising community whose members might have additional insight. ​Jason King is a power contributor to that community. ​:)

------------------------------
Alison Hinchman
Director of Digital Engagement and Acquisition
National Trust for Historic Preservation
Washington, DC
------------------------------



7.  RE: Google Grant and potential malware issues?

Posted 6 days ago
Edited by Zachary Wilson 6 days ago
All,

We have dealt with this before and I start with these two things:

1. Have your developer do a search in the public web directory for files that have timestamps that have change. Start with a few days, then increment to 7, 14, etc.

If using linux, do something like this:

# find files that are changed in the last 7 days
$ find / -type f -mtime -7​

Once you see files that have timestamps that have changed, start inspecting each file. I bet you'll find some malicious code nested somewhere.

2. Do a quick scan / comb of your DB tables and look for any evidence of Cross-site scripting (XSS). Then malicious entries will be clear as day. They might have code in them or scripts or something. They will absolutely not be what one would expect to see.

Hope that helps!

------------------------------
Best,


Zach Wilson
Gulo - A Digital Agency
gulo.co

@gulorocks
p. 773.276.8066
c. 917.605.5665
------------------------------



8.  RE: Google Grant and potential malware issues?

Posted 6 days ago
I responded to Amanda offline, but would like to share a couple of the suggestions here too.

During one of the talks at NTC, Michelle the head of Ad Grants said something about warnings triggering for odd reasons, and the more APIs and integrations you have, the more likely they are. Given that this is a custom-built and "cantankerous" site, wouldn't surprise me.

I saw that Amanda's website uses an embedded box office by Spektrix. That might be the problem.

While I was at that NTC session, I watched Michelle fix a situation where a nonprofit used an embedded third party tool, but that tool used a different url than their domain.

In this case, those embedded frames are from Spektrix - that domain might need to be authorised for your use. But then you run into a problem: you don't own spektrix.com. If that's the actual problem, the Ad Grants team might be able to get around this by authorising the use of spektrix.com by anyone, not just you. But I reckon the Adwords reps on the phone would give you the runaround, so post this on the Advertisers forum to get a proper resolution - https://www.en.advertisercommunity.com/t5/Google-Ad-Grants/bd-p/adgrants#.

------------------------------
Jason King
Freelance WordPress development and Google Ad Grant management
Mirepoix, France

www.kingjason.co.uk

Twitter: @jasoncsking
------------------------------



9.  RE: Google Grant and potential malware issues?

Posted 5 days ago

Thanks for your help on this forum @Jason King. I'm your biggest fan!


big fan



------------------------------
Ariel Jensen-Vargas
Digital Strategist at Fountain House College Re-Entry

MPA Nonprofit Management candidate
Marxe School of Public and International Affairs, Baruch College
Long Island City NY United States
------------------------------



10.  RE: Google Grant and potential malware issues?

Posted 5 days ago
Too kind. Presumably you're not referring to my waltzing ability.

------------------------------
Jason King
Freelance WordPress development and Google Ad Grant management
Mirepoix, France

www.kingjason.co.uk

Twitter: @jasoncsking
------------------------------