New Occurances of SEO Spam Discovered: Hacked Subdirectories on WordPress Sites

SMS Text
New Occurances of SEO Spam Discovered: Hacked Subdirectories on WordPress Sites

Sucuri, a company that cleans over 500 hacked sites a day, has released a statement about new occurrences of a of certain type of SEO spam which involves maliciously installing subdirectories on WordPress websites.

The idea behind this black hat scheme is to abuse the server resources and storage by installing spammy sites within a WordPress subdirectory.

The spammy sites are usually promoting products, designer sunglasses for example, with the intent for the attacker to make affiliate income.

What sets this tactic apart from other SEO hacked spam, such as malicious redirects or defacements, is that it doesn’t change the appearance of the original site.

The hackers cover their tracks by hiding their spammy site within the legitimate site’s subdirectory, so the site owner may never even notice it. Having some type of security monitoring in place is one way to be alerted if something like this happens to your website.

Another way to find out if an attacker is spamming your site is to use Google Search Console, Sucuri recommends. If you see a lot of search queries for things that are way off topic, you might be a victim of an SEO hack.

That’s not a perfect way to diagnose if you’re a victim of this new type of SEO subdirectory spam, but it’s somewhere to start.

EDIT 26/08/16 @ 820pm: Title mistakenly read “New SEO Spam Discovered”, was changed to “New Occurrences of SEO Spam Discovered.”

ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT
Matt Southern
Matt Southern has been the lead news writer at Search Engine Journal since 2013. His passion for helping people in all aspects of online marketing... Read Full Bio
Matt Southern
Download: The Beginner's Guide to SEO
A Complete Guide to Getting Started in SEO.