Did your Google Adwords account get suspended? In this article, you’ll learn about why Google AdWords suspension occurs and also how to get your Google AdWords account unsuspended.

In the rest of the article, we’ll cover the following:

google search

Google handles 2 trillion + searches per year. That’s over 5 billion searches per day. A business owner can take advantage of a platform like this by advertising their business with Google Adwords.

Advertising with Google AdWords lets you quickly position yourself on the search engine. Although there are several other ways to rank on Google, advertisement offers faster results.

That said, advertising with Google Ad comes with its own set of problems. Google, being the world’s largest search engine provider would want to protect its users and its brand. Google comes with a set of Adword policies or ads policies that ensures the safety of its users while also maintaining its brand name.

Deviating from these Google’s advertising policies could get your Adwords account suspended.

Before learning how to unsuspend Adword account, let’s take a look at the reasons why Google may suspend your Adwords account.

Why Google Suspended An Account?

The user account can be suspended when Google detects suspicious behaviour or violations of Google policies or even repeated violation.

Cause for suspension ranges from an unpaid balance or advertising costs to making suspicious payments to poor quality or misleading ads, from clocking activities to malware infected websites.

Among all the reasons to suspend Google Adwords account, one reason that we come across time and again is hacked WordPress websites.

In the past few years, there has been a dramatic increase in the amount of malware infected website found on the internet. Around 1% websites on the internet are infected with malware which translates to 1 billion infected sites.

In many cases, the websites owners are unaware of their infected websites.

website malware

Having malware on your website is not just harmful to your site but also for visitors to your website or the landing pages. Website malware can potentially infect the visitor’s computer or even duped them into buying products or sharing sensitive information.

For this reason, Google suspends accounts for Adwords account attached to dubious websites.

What Happens When Google Finds Your Website is Hacked?

When it comes to infected websites, Google takes a strong proactive stance.

Website Blacklisting

Google shoulders the responsibility of providing its users with a safe environment. This is why Google scans through the internet in search for websites infected with malware and blacklists them. As per the Google Safe Browsing initiative, the website is quarantined and Google users attempting to visit the website is blocked (see below) from entering the site.

The search engine giant applies the Safe Browsing Initiatives across all its products including Google Adwords.

the site ahead contains harmful programs message

(The dreaded red flag)

Adwords Account Suspended by Google

Google is concerned that the advertisement displayed on the search engine sends users of the platform to a hacked site which may harm the user.

At the end of the day, Google will want to protect its users from harmful content and protect its business by suspending the Google ads account connected to the infected website.

Quick Check:

If you are offering software that users can download through your website, consider reading through Google’s Unwanted Software Policy and being transparent about your Download Policies, Terms and Conditions, as well as the fee of the software. Additionally, website owners who fail to be transparent will be considered suspicious and which will lead Google to suspend Adwords advertisement for that software. And it can also lead to suspension of your entire Adwords User Account.

Google Adwords Account Suspended: How to Unsuspend It?

After suspending your account, Google sends an email informing you that the reason why your account has been suspended.

Suspension notices from Google run along the lines of:

google adwords phone - contact adwords

These messages imply that the reason Google suspended your account is that it was hacked. To be completely sure about the reason of suspension, you can log into your Google Adword account check for notifications. And it’ll tell you if malware is the cause behind the suspension.

Now that you know the cause, how to get suspended Adwords account back? Let’s find out:

Clean Your Infected Website

After identifying the reasons behind Adwords suspension, you can process to the next step, which is to identify and remove the malware and then request for a Google review.

There are two ways to clean a hacked website:

  1. Manual Cleanup and,
  2. Using a Cleaning Tool

How to Manually Clean a Website:

1. Look for Malicious Keywords –

One way of finding malware is to look for keywords. A keyword might be something like ‘eval’ or ‘base64_decode’. While a lot of malware may contain keywords like this, a lot of malware has these keywords, a whole set of malware exists that do not use these keywords at all. Moreover, there are many valid codes that come with the mentioned keywords. Hence searching for these keywords is not an easy or fool-proof way of finding malware. It leads to a lot of false positives.

2. Check Recently Modified Files –

New or recently modified files might be part of a hack. Look for new or recently modified and treat unfamiliar modifications suspiciously. It’s important to determine who made the modifications. If not you, nor your teammate had made any modifications to your files, then someone else has. It could be a hacker. In most cases, it’s hard to identify who modified the file because hackers these days reset the time of modifications.

3. Restore an Old Backup –

For websites who take regular backups, an easy way of cleaning up a hacked site is by restoring an old backup. But this is not always a good idea. Let us see why:

restore old backup

The Backup Can Be Infected

Unless you know exactly when the site was hacked, the backup that you choose to restore can be hacked. Besides, it’s hard to know when exactly your site was hacked because the purpose of such attacks is to use your server resources without drawing your attention.

Finding out whether a backup is clean or infected is not an easy task. With backup services like BlogVault, you can perform a Test Restore to verify the backup. But without a Test Restore, you risk restoring a malware-infected backup.

Even After Restoration, Some Infected Files Remain

When a hacker gains access to a website, s/he stores files like pirated movies, music, nulled software. Sometimes they create backdoors to access the website even after the infected website are clean. When you restore a backup, old files are overwritten but the new ones (the ones created by the hackers) remain. In this way, your attempt to clean your site fails and a hacker still has access to your website.

Restoration of Backups Can Lead to Data Loss

Earlier, we pointed out how it could be weeks or even months before you find out that your website is hacked. During this time, site owners may have posted new content, or changed the design of the website. Even if you manage to find out when exactly was your site hacked, restoring a backup from before the hack means you’ll end up losing new content.

Look For Unknown Files & Folders in WordPress Root Folder:

After hacking your site, hackers commonly use your website to store new files or create backdoors to your site. The WordPress root directory (/public_html) is a popular target since users normally don’t access the root directory. Plugins (/wp-content/plugins/) and themes (/wp-content/themes/) are often the most vulnerable folders. To ensure that these folders are malware-free, look for unknown PHP files that may have been stored by hackers.

That said while looking for an unknown folder is a general rule of thumb, there are files that may look unfamiliar but are not malicious. Plugins and themes have known as well as an unknown set of files and folder. Deleting unknown folders can cause the theme or plugin to misbehave. Unwittingly deleting useful files can lead to dangerous consequences.

Cleanup Hacked Website Using a Tool

There are many security plugins out there. With the overwhelming number of choices involved, it’s hard to pick one especially in times of crisis. Most WordPress security plugin offers clean up services for a fixed price.

clean hacked website

Security plugins like Sucuri and Wordfence take a similar approach to clean hacked websites. Sucuri offers different levels of cleanups depending upon how fast you want your site clean (between 30 mins to 12 hours). After identifying a hack, the security personnel from Sucuri sets about cleaning a site. But s/he will need your website SPTF details.

Unlike Sucuri, Wordfence does not guarantee a turn around time. Cleaning a back site can take up to days or even weeks. Every time you clean your website using Wordfence, you have to pay a clean-up fee.

MalCare Security Service takes a very different approach to malware cleaning. It’s unique in the sense that it offers automatic one-click cleanups. Users can remove malware at the click of a button. There’s no need to wait for a security professional. This also means you don’t need to give an outsider, access to your website.  Moreover, whatever package you buy, you get unlimited cleanups.

Once you are certain that your website is free of malware, it’s time to request a review, submit an appeal.

Contact the Google Adwords Team

google adwords phone - contact adwords

However, if you are outside of the US, you can use AdWords Support Phone number outside of the US.

If the infections are removed entirely, the approval should be automatic. In case, you don’t get an automatic approval from Google team, you’ll need to request a review for a previously disapproved. Let’s take a look as to how you can fix the suspended site or fix the violations:

Fix the Disapproved Ads

Step 1: Login to your Google Adwords account. And to find the disapproved ad, go to the Ads or Ad extensions tab.
Step 2: Now go over to the “Status” column. Next to “Disapproved,” there is a white speech bubble. Click on one of the reasons to and learn more about the policy.
Step 3: Next what you need to do is hover over the ad or extension. A pencil icon should appear and you need to click on it to Edit.
Step 4: Make necessary changes to the ad or extension so that it complies with the policy.
Step 5: Finally, hit Save.

That said, we’d like to reiterate that you should not submit your Adwords ads for review until you’re sure that the violations are fixed. After removing malware, Google Webmaster Tools users can check their website security by requesting a review of their website in Google Webmaster Tool.


Adwords account suspensions or Adwords suspensions are a nerve-wracking experience and one wants to unsuspend the account as soon as possible. But patience is the key here. The entire process could take from 2 days to up to 2 weeks.

As we come to the end of this blog post, there is one thing that we’d like website owners to notice. Once a website is hacked, it’s very likely that the website will be a target again. Hackers will want to get unauthorized access to your website. There’s no reason to make the same mistakes again. As they say, “hacked once, shame on the hackers, hacked twice, shame on you.” Secure your website against hack attempts using a security service like MalCare.

try malcare wordpress security plugin