As we kick off 2016, it seems hackers have made a resolution to be more aggressive this year.
Recently, there have been reports of more and more hacked and spam content appearing in Google search engine results pages (SERPs). We are even seeing a revival of old-school tactics such as bait-and-switch content hacks. Google has said this increase in spam content is not related to its recent algorithm updates.
As an account manager at Elite SEM, I’ve also noticed more attacks on my clients’ sites. Most recently, one of my clients received a malware warning in Google Search Console.
The strange thing about this warning is that Google did not provide any sample links or information that would help to identify where the malware was on the site. The warning would also disappear and reappear in Google Search Console every two days or so, and Bing Webmaster Tools did not report a malware issue. Very strange.
Using the Google Transparency Safe Browsing Diagnostic Tool, I was able to get a bit more insight into the malware issue. As you can see, Google’s tool highlighted that there is an issue with “Uncommon downloads.”
I had the client contact their hosting provider for help and asked their developer to do a security audit, as well as run a security scan of the site. They checked server logs and recent content and files added to the site but were unable to identify the issue. Eventually, the warning in Google Search Console just disappeared.
Just last week, I came across a hacked site in the SERPs for a Canadian water service, Quench Water.
It has to be one of the worst hacked sites that I have ever seen. As you can see below, Google has placed a “This site may be hacked” warning on the site listing in the SERPs.
I decided to take a peek and see what was happening here. When I clicked on the result, I was redirected to spam content, then redirected to porn and gambling content. Eventually, my last click test took me to an affiliate link, which returned a 503 error. Here is a screenshot of the redirect path and destination page.
Right away, I knew this had to be some sort of malware. I decided to dig a bit deeper and run a Sucuri site check. The results showed the site was indeed infected with malware.
As you can see from the screenshot above, the malware detected is MW:JS:GEN2, and here is the definition Sucuri provided:
So at this point, things are looking pretty bad; however, they are about to get a lot worse. I decided to do a “site:” search to see what else might be happening. This revealed that hackers had completely taken over the site with porn content. There are pages upon pages of porn content in the site. Here is an example:
I decided to click on one of the results to see if I would be redirected, but it actually loaded the content on the same URL. The adult content lives off the root domain.
As mentioned earlier, this is one of the worst site hacks I have ever seen — definitely something you do not want to happen on your site!
Due to the period of time this site has been sitting with the hacked warning, it seems no one at Quench Water is monitoring the site security, search visibility, SEO and overall site health.
I also noticed they are running an outdated version of WordPress, so I assume any plugins they are using are not updated, either.
So what can you as a site owner do to prevent something like this happening to your site? Here is a list of preventative measures:
The post Hacked Content On The Rise: Take SEO Precautions To Protect Your Site appeared first on Search Engine Land.