Hacked Content On The Rise: Take SEO Precautions To Protect Your Site

Don't get penalized due to malware! Columnist Tony Edward discusses the recent uptick in hacked content in search results and provides tips to protect your site.

Chat with SearchBot

hacker-privacy-security-ss-1920

As we kick off 2016, it seems hackers have made a resolution to be more aggressive this year.

Recently, there have been reports of more and more hacked and spam content appearing in Google search engine results pages (SERPs). We are even seeing a revival of old-school tactics such as bait-and-switch content hacks. Google has said this increase in spam content is not related to its recent algorithm updates.

As an account manager at Elite SEM, I’ve also noticed more attacks on my clients’ sites. Most recently, one of my clients received a malware warning in Google Search Console.

Malware Unwanted Software Google Search Console Warning

The strange thing about this warning is that Google did not provide any sample links or information that would help to identify where the malware was on the site. The warning would also disappear and reappear in Google Search Console every two days or so, and Bing Webmaster Tools did not report a malware issue. Very strange.

Using the Google Transparency Safe Browsing Diagnostic Tool, I was able to get a bit more insight into the malware issue. As you can see, Google’s tool highlighted that there is an issue with “Uncommon downloads.”

Google Transparency Diagnostic Tool

I had the client contact their hosting provider for help and asked their developer to do a security audit, as well as run a security scan of the site. They checked server logs and recent content and files added to the site but were unable to identify the issue. Eventually, the warning in Google Search Console just disappeared.

Extreme Hacking Example: Quench Water

Just last week, I came across a hacked site in the SERPs for a Canadian water service, Quench Water.

It has to be one of the worst hacked sites that I have ever seen. As you can see below, Google has placed a “This site may be hacked” warning on the site listing in the SERPs.

Hacked Site Warning in Google SERPs

I decided to take a peek and see what was happening here. When I clicked on the result, I was redirected to spam content, then redirected to porn and gambling content. Eventually, my last click test took me to an affiliate link, which returned a 503 error. Here is a screenshot of the redirect path and destination page.

Hacked JavaScript Redirect Malware

Hacked Content Landing Page

Right away, I knew this had to be some sort of malware. I decided to dig a bit deeper and run a Sucuri site check. The results showed the site was indeed infected with malware.

Sucuri Site Check Malware Detetcted

As you can see from the screenshot above, the malware detected is MW:JS:GEN2, and here is the definition Sucuri provided:

MWJSGEN2 Malware Definition

So at this point, things are looking pretty bad; however, they are about to get a lot worse. I decided to do a “site:” search to see what else might be happening. This revealed that hackers had completely taken over the site with porn content. There are pages upon pages of porn content in the site. Here is an example:

Porn Content Website Hijack

I decided to click on one of the results to see if I would be redirected, but it actually loaded the content on the same URL. The adult content lives off the root domain.

Porn Content Hijack Landing Page

Porn Content Hijack Landing Page on Root Domain

As mentioned earlier, this is one of the worst site hacks I have ever seen — definitely something you do not want to happen on your site!

Due to the period of time this site has been sitting with the hacked warning, it seems no one at Quench Water is monitoring the site security, search visibility, SEO and overall site health.

I also noticed they are running an outdated version of WordPress, so I assume any plugins they are using are not updated, either.

Outdated WordPress Version Hack

Taking Steps To Keep Your Site Safe

So what can you as a site owner do to prevent something like this happening to your site? Here is a list of preventative measures:

  • Be Vigilant. You must keep an eye on your website every day from a health, SEO and usability standpoint. This may require having a dedicated person in-house or hiring an agency. You may also want to run a daily security scan on your site.
  • Google Search Console And Bing Webmaster Tools. Ensure your site has been added to both Google Search Console and Bing Webmaster Tools. Both platforms provide site health diagnostics that will help you to easily monitor what’s happening to your site. It will also help you to resolve and expedite site recovery issues.
  • Software Updates. One of the common issues that leads to sites getting hacked is outdated software. Ensure your platform, plugins, add-ons and so on are all updated on a frequent basis.
  • Passwords. Passwords like “website1234” or “password1234” are not gonna cut it.  Strong, unique, long passwords help prevent hackers from being able to guess your login. A strong password contains a combination of letters, numbers and symbols.
  • Hosting Provider. Select a well-known hosting provider who offers quality security benefits and support.
  • Site Backup. In the event there is a site breach, you need to ensure all your data is backed up and stored elsewhere so you can revert back to previous site versions. Also leverage secure firewalls that are regularly updated.

Opinions expressed in this article are those of the guest author and not necessarily Search Engine Land. Staff authors are listed here.


About the author

Tony Edward
Contributor
Tony Edward is a director of SEO at Tinuiti and an adjunct instructor of search marketing at NYU. Tony has been in the online marketing industry for over 10 years. His background stems from affiliate marketing and he has experience in paid search, social media and video marketing. Tony is also the founder of the Thinking Crypto YouTube channel.

Get the must-read newsletter for search marketers.