Last week an IT security company discovered what appears to be a new spin on an old blackhat SEO trick used by spammers to fool Google and Google’s users.
The old variation of this technique involved spammers hacking innocent websites and either modifying existing pages &/or creating new pages with seemingly innocuous links. When clicked on these links send visitors to spam websites promoting things such as porn, drugs, get rich quick scams or, even worse, pages with malware that infects users’ computers. To hide this from Google the spammers use “cloaking” which means Google gets shown a different page to that shown to human visitors.
The good news is that the considerable resources Google’s put into combating this problem means this evil technique is now far less effective. Google is much better at detecting cloaking and, whilst they can’t prevent webmasters leaving their sites vulnerable to being hacked, Google will notify webmasters when they identify a site has been hacked by spammers (see example at bottom of this page).
The bad news is that spammers have changed tack and modified this blackhat technique to now inject their spammy links into PDF documents instead of html pages. Clearly this is working and not being detected by Google because the IT security company that discovered this issue (Sophos) reports hundreds of thousands of infected PDF documents appearing in Google search results.
The ongoing arms race between Google & spammers continues. Undoubtedly Google will working hard to detect and beat this latest nasty spam technique.
Why should you care?
We’ve recommended on many occasions that if you don’t have a Google Search Console account (previously called Google Webmaster Tools), then you really should because of the insightful information this can provide you about your website.
This includes being notified by Google if they detect security issues with your website, such as it being hacked and injected with spammy content. If this happens then you’ll be notified and see an alarming message like the one below. (We hope you never do).
Note that Google states they may label your website pages in Google search results as being hacked. And if that happens you can be assured traffic will dry up instantly, so you really need to take immediate action! Fortunately, Google will usually provide more detailed information to help you resolve the issue. We expect Google will soon be able to identify if your website has been hacked and injected with spammy PDFs.
Obviously prevention is better than cure, and ensuring that your website is not vulnerable to being hacked should be a priority.
The latest news about web marketing, SEO, PPC Advertising & Web Analytics. But only the stuff that matters from a New Zealand perspective. Click here to get this delivered to your inbox each Monday.
If you found this useful, please tell your friends.
Jeremy and Mark are two of the partners behind SureFire Search. Despite their deceptively youthful appearances, both have worked in search marketing for many years. To put that in context, Google didn't even exist when Jeremy started.
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Strictly Necessary Cookies
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.
3rd Party Cookies
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.
Please enable Strictly Necessary Cookies first so that we can save your preferences!
Additional Cookies
This website uses the following additional cookies:
(List the cookies that you are using on the website here.)
Please enable Strictly Necessary Cookies first so that we can save your preferences!