Thursday, May 10, 2007 at 11:43 AM
(This post was translated from our German webmaster blog, originally written by Stefanie.)We are aware that a number of German webmasters have received fake penalty notification emails that allegedly came from Google Search Quality. These spam emails have created some confusion about their authenticity, since we send very similar email notifications, which you can read more about here. Therefore, we clearly want to state that these emails are not related to any of Google's efforts concerning webmaster notification.
Updated: Because these emails are easy to mistake for authentic ones from Google, we've temporarily discontinued sending them as we work on ways to provide more secure communication mechanisms. We hope this will reduce confusion.
In the original post, we had listed the ways to tell if the email you received was not from Google. However, as we've temporarily stopped sending emails about guidelines violations, you can safely assume that any email you receive isn't from us. Note that the emails we sent did not include attachments. In addition, some of the emails mentioned 301 redirects as being the violation in question. Rest assured that 301 redirects are not a violation of our Webmaster Guidelines. Note that we do provide information about some violations in webmaster tools. If your site previously violated the guidelines and you've made changes to fix it, you can let us know by filing a reinclusion request.
This post has been updated to indicate that we've temporarily stopped sending emails to webmasters about guidelines violations to reduce confusion.
10 comments:
These seem all good ways to detect fake e-mails, but seems to put quite the burden on the reader.
If there are legitimate e-mails that look similar, couldn't you start signing them digitally which would make verification of authenticity much easier, and then the whole instruction is 'if the e-mail does not have a valid Google digital signature put it in the trash bin'.
I agree - these emails need to be verifiable. A digital signature is good, but many webmasters will not know what to do with it - how about a URL on Google's side that let's you verify the penalty, eg in your webmaster tools console?
Yeah, we want to come up with a more secure system (see updated post). We'll keep you all posted.
Vanessa, please post them in a comments section in Google Webmaster Central! This way you can have pending comments for URL's that people can see even if they were penalized prior to setting up Webmaster Central.
Let me know your thoughts -
Joe Griffin
joeg (at) submitawebsite.com
Dear Google,
why not simply sign your e-mails with PGP. This allows anybody with a modern E-Mail client to verify its authenticity. I guess webmasters would be able to handle this.
K<o>
Busy, supporting non technical users of OpenOffice Writer
There seems to be a new wave of
these emails being sent.
Was there any change in google
policy meanwhile ? Can we still
be sure that google is not currently
sending these messages ?
hm, do you know if this wave still includes a "click here and install this program" link? That's a great way to tell a fake email from a real one.
It is a plain text mail, does not have any attachments, and the links
inside correctly point to google.de or google.com.
Anyone been able to determine what exactly the scam e-mail is attempting to do? If the URLs really point to Google sites, presumably it's not a data harvesting excercise, so what is it trying to achieve? Could it simply be a phisher "testing the waters" on whether there's future scope to harvest Google log in credentials perhaps?
Hi everyone,
Since nearly a year has passed since we published this post, we're closing the comments to help us focus on the work ahead. If you still have a question or comment you'd like to discuss, free to visit and/or post your topic in our Webmaster Help Group.
Thanks and take care,
The Webmaster Central Team
Post a Comment