When you try to browse your website or its URL, the web browser may show you a “Reported Attack Page” due to the following reasons:
Your website has been marked as a malware or phishing site.
The sources of your website may be compromised.
Some files of the website have been modified with malicious script/code.
This article will guide you on how to resolve this problem. Kindly follow below mentioned steps in order to proceed:
The “Reported Attack Page” appears as illustrated in the following image:
When malicious scripts are placed, or some modifications are made to your website that may harm the visitor’s systems, Google cannot alter them in the website; instead, they can only give you an alert they detected potentially malicious scripts on the website. In this case, first, you will need to clean and secure your hosting account before submitting a reported attack page removal request to Google.
Please refer to below mentioned steps in order to clean and secure the hosting account:
Secure all accounts [E.g., FTP], using which the script/code for the website is uploaded with strong passwords. Secure all mailing accounts if mails are sent using the website's contact page(s) with strong passwords.
Check the script/code of the website with the help of its developer; scan it at your local system by some antivirus application.
Suppose the website is hosted in the system [especially from IIS]; scan that system also. It is also recommended to schedule a scan at regular intervals in this case.
Once this has been done, and you are sure about the actions taken, kindly file a delisting request from your Google Search Console account. You can also refer to the below mentioned URL for the same: