Google announced recently that they are going to start alerts for site owners whose sites have been compromised by spam. Essentially this means sites that have been hacked and are being used by third parties to either, hijack your traffic or use your site to promote their other sites through backlinks. I first reported on this a few years ago and I worked out back then their were at least a million pages in Australia that were compromised. These days a lot of the hacks are happening via compromised plugins or sites sitting on insecure servers. Back in 2014 it was just ASP (Microsoft) pages compromised now it’s PHP as well.
Detecting A Breach
Google says that last year they sent messages to 24,000 Google Analytics account holders messages about their sites that contained malware of phishing attempts. That seems like an extraordinary low amount to me. A lot of the sites I reported on two years ago are still hacked, which indicates they are neglected sites like the Trauma Institute.
Then there are brands like Uniden whose site looks like it was built some time ago given it style & tech, also compromised and sending people off to other sites.
These types of pages are doing a client side redirect. By simply doing a site:uniden.com.au kors I found 50 compromised pages.
The list of these compromised sites goes on and on.
In the notification from Google Analytics it says that you will be able to check which pages are affected by logging into the Search Console and checking the security menu. Here’s the thing though, it may take Google a long time to realise your site is actually compromised. We have one client at the moment whose is affected by backlinking spam and whilst their rankings have dropped there have been no notifications from Google.
Jim’s been here for a while, you know who he is.