It was Friday and the last working day of the year of 2022, the home page of Calem website (1st screenshot below) didn't show. Instead, a red warning blocker (2nd screenshot below) showed up when visiting Calem website (calemeam.com). The red blocker page also showed when visiting Calem cloud service such as demo.calemeam.com. It caused a panic at our office because we have not seen this before.
1. Website Development Factor
The first area we checked is the Calem website. There was some exploratory development performed in Calem website in the past few days. A couple linodes of servers (Linode is one of the cloud service providers for Calem) were cloned with Calem website contents. We also granted access of cloned sites to 3rd party technical staff. It might be possible that the cloned sites played a role in getting the red blocker.
Our of abundance of precaution, actions were taken to clean up the website clones.
2. Visual Inspection
Next, we visually inspected the website and cloud service by navigating to the pages of Calem website and cloud service.
3. Request Review from Google Search Console
Google Search Console is a place to get clues that may cause Google to flag a site as being deceptive. It is also the place to request a review of the red blocker pages.
4. Report Incorrect Warning
This thread from the Google community help is a life saver. We used it to check Calem website and report false red blocker warning.
5. Website and Cloud Serivce Unblocked
Google did a good job in handling our review request and safe browsing error reports. The red blockers of warning are removed from Calem website and cloud service within an hour or so.
6. Security Monitoring and Improvement
Monitoring and improvement of Calem security is an ongoing effort. We will continue to use the best security tools available to monitor and improve Calem website and cloud service. For instance, we like the Mozilla Observatory for ideas of improvement.