What to Do When You Encounter Security Issues
If you see a browser warning, receive an unexpected login verification code, or suspect your website content has been tampered with, don't rush to delete data or send sensitive information to anyone. Preserving evidence, securing your login methods, and reporting through the correct channels will usually help resolve the issue faster.
This page provides first-step actions for common security scenarios. If there is an immediate threat to personal safety or ongoing criminal activity, please contact your local emergency services or law enforcement first.
Receiving a Login Verification Code You Didn't Request
If you haven't attempted to log in but receive a Kanorio email verification code or login link, someone might be trying to access your account using your email. This doesn't necessarily mean they've successfully logged in, but you should take immediate action:
- Do not share the verification code, login link, QR code, or backup codes with anyone.
- Do not click links in suspicious messages directly; open your browser and go to Kanorio manually.
- Check if the email or Google account used for login is still under your control and update its security settings if necessary.
- Log in to Kanorio from a trusted device and go to Account Settings to enable or confirm two-factor authentication (2FA).
- If you notice unfamiliar members, changes to your website content, or are unable to log in, preserve the messages and timestamps and contact support.
Browser or Google Displays a Security Warning
If your browser shows "Not Secure," Google search results display a suspicious warning, or visitors can't access your custom domain properly, first identify the specific situation:
- URL lacks a padlock or HTTPS is not working: This is common when DNS has recently changed, a certificate is still being configured, or domain settings are incorrect. Please read DNS Settings and Common Issues.
- Google indicates the site may be harmful, deceptive, or hacked: This could be related to recently added external links, embedded content, the domain's existing reputation, or Google's assessment, and doesn't necessarily mean the Kanorio platform itself has been compromised.
When encountering a Google warning, we recommend:
- Take a screenshot of the complete warning, URL, and the time you noticed it.
- Review recently added text, button links, embedded content, and third-party services.
- Temporarily remove external content whose source or purpose you cannot verify, and republish your site.
- Check the security-related pages in Google Search Console for available information and request a review according to Google's instructions.
- Report the issue to support, providing the warning screenshot, website URL, and details of recent changes.
Google manages its warnings and review process; Kanorio cannot guarantee the timing or outcome of their removal.
Suspecting Unauthorized Changes to Website Content or Team Permissions
If you see unfamiliar text, links, products, or team members:
- Avoid deleting content immediately, as it might contain clues helpful for investigation.
- Record the abnormal location, URL, time of discovery, and suspicious accounts with screenshots.
- Check your team members in the Dashboard Overview and remove any members who are no longer needed or whom you don't recognize.
- Review main buttons, social links, products, and third-party tracking settings, and temporarily disable any unfamiliar items.
- Enable or reconfigure 2FA and contact support as soon as possible.
Website Restricted or Offline Due to Content Review
If you receive a content review notice from Kanorio or find your website restricted from public access due to potential violations, please read the notice carefully and save relevant screenshots. Do not repeatedly submit the same report, create alternative websites, or remove all data that could aid in the investigation in an attempt to restore your site immediately.
We recommend:
- Examine the flagged pages, products, links, or images to check for any errors, outdated information, or content that doesn't comply with guidelines.
- Prepare supporting documentation, such as proof of authorization, original content, product information, or website purpose.
- Explain the website URL, notice time, and your completed corrections via Contact Us; do not provide passwords or payment verification codes in your report.
If you discover fraudulent, impersonating, infringing, or malicious software activity on another Kanorio website, please use Report Inappropriate Content instead of general support messages.
Receiving Suspicious Support, Payment, or Partnership Messages
Scammers may impersonate the platform, payment providers, or partners, asking for login verification codes, full card numbers, CVCs, backup codes, or bank passwords. Please remember:
- Kanorio support will never ask you for this information via email, chat messages, or phone.
- If in doubt, initiate a support chat directly from the Kanorio dashboard rather than replying to links in messages.
- To confirm payments, re-access through the Billing section in your dashboard or the official payment page.
Discovering a Security Vulnerability in Kanorio
If you are a security researcher and have found a security issue that may affect Kanorio's services, please email us at security@kanorio.com.
Please provide the affected URL or feature, steps to reproduce, potential impact, and necessary screenshots. Do not access other users' data, perform destructive testing, make excessive requests, or disclose unpatched issues. This allows the team to investigate and address the problem without increasing risk.
For general account, payment, domain, or website content issues, please use Contact Us instead.
Frequently Asked Questions
Not necessarily. The warning could be related to the domain's existing reputation, external content, or Google's assessment. Please save a screenshot of the warning, check recent changes, and use Google Search Console and support to help clarify.
If another website is using your content without authorization, keep a record of their URL, your original content, and proof of time. Handle it according to applicable laws or the platform's reporting procedures. If you find impersonating or infringing content on Kanorio, please use Report Inappropriate Content.
Yes, but please do not include login verification codes, full card numbers, CVCs, backup codes, or other unnecessary sensitive data. It's recommended to provide the sender, subject, time of receipt, and screenshots of suspicious links.
Response times vary depending on the nature of the issue, the completeness of the evidence, and whether confirmation is needed from third-party service providers. Please provide clear timestamps, URLs, and screenshots, and avoid submitting duplicate requests.