Just to update, We are back online after 3 days. We made no changes since Saturday when we took down the demo site.<p>For 3 days everyone that visited ANY page in our whole domain was given a notice that we were being deceptive and attempting to steal their personal information and were practicing social engineering. This kind of thing that would cause a person's own mother to question their integrity.<p>We were never able to communicate with a person at Google. Never received an explanation of the cause. A Bot or AI tried and convicted us, and enacted our punishment. And that is the world we live in today. We still do not know what we did wrong. So now, what step do we take?
"Deceptive content examples" at <a href="https://developers.google.com/search/docs/monitor-debug/security/social-engineering?sjid=16289469549457950930-NA&visit_id=638191517479981826-782703602&rd=1#example" rel="nofollow">https://developers.google.com/search/docs/monitor-debug/secu...</a> lists three examples: 1) Deceptive popup intended to trick the user into installing malware, 2) Deceptive popup claiming to help the user update their browser, 3) Fake Google login page, and 4) Deceptive ads.<p>It sure doesn't seem like any of these would apply (there are no installs, popups, or ads). Can you drop a screenshot of the "sign in with google" page (which has been taken down) to see if it looks flaggable to folks?
Had the same page up for 4 months, without issue.
We were testing a google open id connection on friday for a sub-domain (demo.spiffworkflow.org). Woke up to the red-screen on Saturday morning. We pulled the demo site down in the hopes it would clear up, but nothing. I've requested a review but no response or even an email saying they were reviewing it.