Google Tag Manager Malware Detection

Posted 46 days ago by Dmitry Klymenko


Malware Detected 

Have you ever been frustrated by attempting to visit a particular website, only to discover a red page stating “malware detected” instead? Believe it or not, this is Google's way of keeping you safe.

Websites are not the only things at risk of malware infection. Theoretically, tags may also contain JavaScript malware.

According to builtwith.com (a trends, intelligence and internet research company), up to 20% of the 10,000 most frequently visited websites use Google Tag Manager (GTM). GTM is a very effective way to hack your own website. In fact, this is the exact reason why we are using it.


Firing Tags

We ‘fire tags’ (add or remove JavaScript) to a website page based on events, current time, or any other possible marketing triggers. Google Tag Manager (GTM) helps to deliver tags without involving a website development team (which we all know could take days, if not weeks).

A Powerful Tool

GTM is a very powerful tool in the hands of a Digital Analyst. However, in rare situations, it can technically be misused to deliver harmful malware content to the website's visitors. Thanks to Google and its new security feature, it is now less risky.

On more than one occasion I have come across false malware warnings. The website was legitimate and there was no malware whatsoever. Yet, it was still detected and flagged and users struggled to visit it. Can this also happen to your completely legit Google Tag Manager container? Well, I can think of at least one situation where this is possible.

Let's say your Custom HTML Tag requires a third-party jQuery (a very popular JavaScript library) plugin to do exactly what you need it to. You include that plugin using a <script src='external-domain'> HTML tag and publish your container. Weeks later, the original website of the jQuery plugin was marked as malware and, subsequently, so was your container.

Google Tag Manager Malware Update

In a recent security update, Google has advised that if your tag references a malware-flagged domain, it may stop firing as well as flag the entire container. Consequently, you will end up losing analytics data and this is not good. Not good at all.

I'd personally like Google to provide a more detailed explanation of how this new security enhancement will work. Don't get me wrong - I am all for safe browsing and reducing potential risks! It is a very important thing to do.

Full Container

So if you have a GTM container full of tags - what can you do to stay on the safe side?

  • Stick to the built-in tags, think twice before using Custom HTML Tags and think 10 times before allowing them to use document.write

  • Be very careful about including external JavaScript in your tags

  • Blacklist Custom HTML tags on website pages where you are not using Custom HTML Tags

  • Enable two-step verification on the Google Account you use to access GTM

  • Periodically review your tags

  • Never use external scripts (or scripts whose behaviour you do not understand) on a secure payment page with sensitive data
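
One way to make the periodic tag review repeatable is to run a small audit over a container export. This is an added example, not code from the original post or from Google; the export field names, the sample container and the TRUSTED_HOSTS allowlist are assumptions constructed for illustration.

```javascript
// Constructed sample shaped like a GTM container export; the field names
// (containerVersion.tag, type "html", parameter keys) are assumptions.
const sampleExport = { containerVersion: { tag: [
  { name: "GA pageview", type: "ua", parameter: [] },
  { name: "Carousel plugin", type: "html", parameter: [
    { key: "html", value: "<script src='https://plugins.example.net/carousel.js'></script>" },
    { key: "supportDocumentWrite", value: "true" } ] },
  { name: "Inline helper", type: "html", parameter: [
    { key: "html", value: "<script>dataLayer.push({event:'helper'});</script>" },
    { key: "supportDocumentWrite", value: "false" } ] },
] } };

// Script hosts you have reviewed and accept (hypothetical allowlist).
const TRUSTED_HOSTS = new Set(["www.googletagmanager.com"]);

// Return the distinct hosts named in <script src=...> attributes.
function externalScriptHosts(html) {
  const hosts = new Set();
  const re = /<script\b[^>]*\bsrc\s*=\s*["']?([^"'\s>]+)/gi;
  for (const m of html.matchAll(re)) {
    try {
      // Relative and protocol-relative URLs resolve against a dummy base;
      // anything that stays on the dummy host is same-site and skipped.
      const u = new URL(m[1], "https://page.invalid/");
      if (u.hostname !== "page.invalid") hosts.add(u.hostname);
    } catch {
      hosts.add("unparseable:" + m[1]); // surface it rather than hide it
    }
  }
  return [...hosts];
}

// Flag Custom HTML tags that load unreviewed hosts or allow document.write.
function auditContainer(exported, trusted = TRUSTED_HOSTS) {
  const findings = [];
  for (const tag of exported.containerVersion?.tag ?? []) {
    if (tag.type !== "html") continue; // built-in tag types are skipped
    const param = (k) => (tag.parameter ?? []).find((p) => p.key === k)?.value;
    const untrustedHosts = externalScriptHosts(param("html") ?? "")
      .filter((h) => !trusted.has(h));
    const documentWrite = param("supportDocumentWrite") === "true";
    if (untrustedHosts.length || documentWrite)
      findings.push({ tag: tag.name, untrustedHosts, documentWrite });
  }
  return findings;
}

console.log(JSON.stringify(auditContainer(sampleExport), null, 2));
```

The check only sees static src attributes; a tag that builds a script element at run time still needs a manual read.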

To Wrap Things Up

Internetrix is an award-winning Australian data and technology company that has been a Google Partner for over a decade!

We hope you have found this blog helpful, and as always, if you have any questions about GTM360 or any other products within the Google Marketing Platform, please get in touch to book a call with our Google experts.