[This article is originally published in searchengineland.com written by Barry Schwartz - Uploaded by AIRS Member: Dana W. Jimenez]
One of the biggest reasons a site gets hacked is for SEO purposes.
A report released by Sucuri states that over half of sites hacked in 2018 were done so for SEO reasons. These hacks target web sites in order to try to manipulate the success of a site’s SEO campaign and boost its rankings in Google, Bing or other search engines.
The report shows that 51.3 percent of all infection cases in 2018 were related to SEO spam campaigns, which is up 7.3 percent from the previous year, making it one of the fastest growing families of hacks in the past year. The “SEO Spam family” as Sucuri defines it “is comprised of attacks that specifically target the manipulation of search engine optimization.”
Growth. Year-over-year, SEO related hacks grew 7.3 percent, this is up from 44 percent in 2017. The blue line in the chart below shows the growth of spam attacks over the past year by quarter, which includes SEO spam, backdoor and malware injections:
Hard to detect. The security company said this form of hacking extremely hard to detect. “They are difficult to detect and have a strong economic engine driven by impression-based affiliate marketing,” per the report.
Search Engine Poisoning. The most useful method is what is called “Search Engine Poisoning (SEP)” attacks. This is where attackers attempt to abuse site rankings in the search results in order to monetize the site. It typically occurs via PHP, database injections, or .htaccess redirects.
“Websites impacted by SEO attacks often become infected with spam content or redirect visitors to spam-specific pages. Unwanted content is regularly found in the form of pharmaceutical ad placements but may also include injected content for other popular industries like fashion or entertainment (i.e. pornographic material, essay writing, fashion brands, loans, and online gambling),” the report explained.
Why you should care. It may be that your web site is hacked and you don’t even know it. Google is pretty good at notifying site owners of potential hacks via Google Search Console, so verifying your property with Search Console is the first step. Bing Web Master Tools has similar notifications. In addition, it is recommended you keep your web site up-to-date and on the latest security patches to reduce the chance of your site getting hacked.
