SEO results hacked?
-
Hi there,
Since last Saturday I noticed a big traffic drop on at least the following two pages:
http://www.smartphonehoesjes.nl/apple/ and http://www.smartphonehoesjes.nl/apple/iphone-6/.I did some research and I noticed something realy strange. Unknown sites seems to hijacked my organic results by using the exact same page title and META description but leading traffic to another their domain. Look at those pictures: http://imgur.com/v6kglLU and http://imgur.com/Whx4l8K.
Edit: a competitor seems to have a same problem: http://imgur.com/Zzhter4. I just fetched both URL's in GWT as Google. In Bing there is a little sign of this problem too, so this is not a Google only thing.
Can anybody please help me here? This has cost me some real money since Saturday.
Tnx in advance.
Marcel
-
Hi Dirk,
After contacting Google by phone and mail, filing a few more spam reports and refreshing textual content, we got our results back and traffic/revenue has grown since. We are very happy, and no other pages got attacked (yet).
Thanks for your help.
Marcel
-
Marcel,
When you contact the site owners - a good guideline on 'how to clean' can be found here: https://codex.wordpress.org/FAQ_My_site_was_hacked (specifically for Wordpress) - more in general: http://www.google.com/webmasters/hacked/ - it could be that the hackers gained access by a security issue with the slider (http://wptavern.com/critical-security-vulnerability-found-in-wordpress-slider-revolution-plugin-immediate-update-advised) so they should certainly check that Wordpress & it's plugins are up-to-date.
Good luck!
Dirk
-
Hi Dirk,
Let's hope the hacker only copied a few pages and not the entire site. What could a site like soft-solutions possibly do to clean their site? I think it's worth a chance to ask planchemag and wearemash to do the same. My new URL shows up if you search for 'iphone 6 / 6s hoesje', that's something positive. I filed a request for deletion of the old and hacked URL of the iPhone 6 page, hopefully Google throws it out and picks up the new and clean one like it does with the other search query.
I can do nothing but wait now I guess. I will keep you updated here.
Marcel
-
Hi Marcel,
I have the impression that soft-solutions.nl already discovered that they have been hacked & have cleaned their site in the mean time.
It's possible that the hacker only copied 1/2 pages - it's however more likely that they copied the full site but that the other pages haven't been indexed yet. Idem for copyscape - if the hack only occurred recently, these tools (and Google) haven't been able to pickup all pages yet.
When I search for 'iphone 6 hoesje' I get the planchemag.com site. As all these pages are duplicates, it's Google who's deciding which page it's going to show. Google decided that in some cases the hacked version is the preferred one, for other queries people will still get to your site. It probably depends on the anchors the hackers used to the hacked site. The volume of iphone 6 is probably higher than iphone 5 queries, so they will probably have used anchors containing 'iphone 6' to point to the site.
Dirk
-
Hi Dirk,
That second result is our homepage, I see that this one got indexed at the exact same time our own homepage got indexed. However, Google shows our (the good one!) homepage in the search results.
That's quite ironical indeed, the webdesign company.
The other result redirects to planchemag.com, which only gives one result on a site:www.planchemag.com/. What about this one?
Is it possible this hack only limits to those two pages?I used the tool copyscape.com and it seem to be only the following pages that are affected:
What about this one: search for site:soft-solutions.nl and you'll find our iPhone 5/5s pagina. Search for 'iPhone 5 hoesje' and Google shows our correct page as a result. How is this possible?
Marcel
-
Hi Marcel,
If I do a site:www.wearemash.com there seem to be only 2 pages from your site indexed at the moment - possible that the other ones haven't been picked-up by Google yet. Quite ironical that the domain wearemash.com belongs to a web design company.
rgds,
Dirk
-
Hi Dirk,
I just set the redirect, just to be sure. This is a realy bad thing, people can abuse Google to negatively impact a whole company and lots of individuals. That should not be possible, hope Google will fix this soon!
You assume the whole site will go down in Google and not only those two pages? This will be terrible.
Marcel
-
Hi Marcel,
Don't think that it will change a lot. If the hack is done in the same way as the other cases (which seems to be the case), they copied your entire site into the site which has been hacked. They present this version to Google (cloaking - as you can see in the cached version) - but "normal" visitors are redirected to a different e-commerce site. To make sure the hacked site is positioned well, they point hundreds of links from other hacked sites to the cloned version of your site. So whatever you change on your site, will not impact the cloned version, which will keep it's position, until Google takes action.
It's a quite a simple trick, and to be very honest, I am surprised that Google is not capable to detect it.
rgds,
Dirk
-
Hi Dirk,
This should be a Google task to prevent her customers/users from those kind of hackers right?
Do you think that redirecting my iPhone 6 page to a new URL would help? I can imagine the hackers hijacked an URL, when I pick a new one and 301 redirect the old one to the new, will my own result show up again?
I already spoke with Google this morning and they are going to look after it.
Marcel
-
Hi Marcel,
It seems to be a plague recently- there where similar cases on Moz the last two weeks: http://moz.com/community/q/chinese-site-ranking-for-our-brand-name-possible-hack (similar situation as you) - a site being hacked http://moz.com/community/q/getting-different-search-queries-in-google-webmaster. It seems the hackers are exploiting a vulnerability in the slider used on these Wordpress site.
Apart from filing spam reports there is not much more you can do. You could inform the site owners that their site has been hacked & ask them to clean it, but I fear that these hackers are capable to switch sites quite fast.
Good luck,
Dirk
-
Hi Matt-POP,
Thanks for this opening, didn't look at it this way. All our domains got replaced by wearemesh in the cached page. The VWO code looks like ours, so do you really think they were testing? All of the source code is ours, also the canonical, only the domain got replaced by theirs..
We are using VWO but we are doing it by ourself. I'm not sure VWO is the problem.
This problem occured last Saturday. What we did on Friday is make our website mobile friendly for the scheduled 21st of April mobile Google update. Is this coincidence? The two companies who helped us with this change, made some changes to the canonical tags among other things.
A strange thing here is that a competitor has a same problem, wouldn't that seem like a conscious action (hack)?
@Patrick: We don't know them, for sure. If you go to the unkknown website, you see that they don't use our meta data, so that's the strange part.
Update: the domain www.wearemesh.com now redirects to www.ovsee.com, the same website you got redirected to when you click on the hacked result of the competitor I wrote about. The visual URL there is Finan.nl. This Ovsee.com looks like the perpetrator. But I still can't get a grip on it.. the other hacked result leads to www.planchemag.com which redirects to http://planchemag.fr.
What can I do to get my results back? I already filed a spam report in GWT.
Thanks again,
Marcel -
Their Google cache results were somehow corrupted temporarily:
http://webcache.googleusercontent.com/search?q=cache:http%3A%2F%2Fwww.wearemash.com%2F
There's a VWO code in there:
So it looks like they were split testing. The canonical is set to their domain which is why they took over results temporarily on these search terms.
It looks like the split test somehow grabbed your page info & theirs and split tested it giving theirs a canonical on your content. That would do it.
Are you using VWO? Are you using these guys to do your conversion optimisation? You may have the same conversion company who made a mistake or you may have the same VWO designer. I'm not sure how it got there but looking at the code, VWO does look to probably factor into the problem.
-
Hi Marcel
Quick question - I know you said "unknown", but are you sure that this site has nothing to do with your site? Like, did they develop or design your site at all?
Here is a help section from Google on these sorts of issues - it covers everything from cloaking to content scraping, and doorway pages to other spam types.
I would try contacting the webmaster of this site and asking them to remove your titles/meta descriptions. If they do not respond, or are not willing to cooperate, reference the resource above as Google has steps to take to ensure action is taken against sites that do this sort of thing.
Hope this helps! Let me know if you have any questions or need more help, good luck!
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
What would be the best course of action to nullify negative effects of our website's content being duplicated (Negative SEO)
Hello, everyone About 3 months ago I joined a company that deals in manufacturing of transportation and packaging items. Once I started digging into the website, I noticed that a lot of their content was "plagiarized". I use quotes as it really was not, but they seemed to have been hit with a negative SEO campaign last year where their content was taken and being posted across at least 15 different websites. Literally every page on their website had the same problem - and some content was even company specific (going as far as using the company's very unique name). In all my years of working in SEO and marketing I have never seen something at the scale of this. Sure, there are always spammy links here and there, but this seems very deliberate. In fact, some of the duplicate content was posted on legitimate websites that may have been hacked/compromised (some examples include charity websites. I am wondering if there is anything that I can do besides contacting the webmasters of these websites and nicely asking for a removal of the content? Or does this duplicate content not hold as much weight anymore as it used to. Especially since our content was posted years before the duplicate content started popping up. Thanks,
White Hat / Black Hat SEO | | Hasanovic0 -
Is there any SEO impact to using "www" vs. non-"www" preferred domain name?
My client has been using "www" with his domain and before I took over, has used it in marketing etc. I typically don't use "www" in my wordpress setup, and set non-www as the preferred domain in google analytics and google search console. Does it make any difference? Especially when www resolves to non-www? I appreciate some guidance with this.
White Hat / Black Hat SEO | | chill9860 -
A doorway-page vendor has made my SEO life a nightmare! Advice anyone!?
Hey Everyone, So I am the SEO at a mid-sized nationwide retailer and have been working there for almost a year and half. This retailer is an SEO nightmare. Imagine the worst possible SEO nightmare, and that is my unfortunate yet challenging everyday reality. In light of the new algorithm update that seems to be on the horizon from Google to further crack down on the usage of doorway pages, I am coming to the Moz community for some desperately needed help. Before I was employed here, the eCommerce director and SEM Manager connected with a vendor that told them basically that they can do a PPC version of SEO for long-tail keywords. This vendor sold them on the idea that they will never compete with our own organic content and can bring in incremental traffic and revenue due to all of this wonderful technology they have that is essentially just a scraper. So for the past three years, this vendor has been creating thousands of doorway pages that are hosted on their own server but our masked as our own pages. They do have a massive index / directory in HTML attached to our website and even upload their own XML site maps to our Google Web Master Tools. So even though they “own” the pages, they masquerade as our own organic pages. So what we have today is thousands upon thousands of product and category pages that are essentially built dynamically and regurgitated through their scraper / platform, whatever. ALL of these pages are incredibly thin in content and it’s beyond me how Panda has not exterminated them. ALL of these pages are built entirely for search engines, to the point that you would feel like the year was 1998. All of these pages are incredibly over- optimized with spam that really is equivalent to just stuffing in a ton of meta keywords. (like I said – 1998) Almost ALL of these scraped doorway pages cause an incredible amount of duplicate content issues even though the “account rep” swears up and down to the SEM Manager (who oversees all paid programs) that they do not. Many of the pages use other shady tactics such as meta refresh style bait and switching. For example: The page title in the SERP shows as: Personalized Watch Boxes When you click the SERP and land on the doorway page the title changes to: Personalized Wrist Watches. Not one actual watch box is listed. They are ALL simply the most god awful pages in terms of UX that you will ever come across BUT because of the sheer volume of this pages spammed deep within the site, they create revenue just playing the odds game. Executives LOVE revenue. Also, one of this vendor’s tactics when our budget spend is reduced for this program is to randomly pull a certain amount of their pages and return numerous 404 server errors until spend bumps back up. This causes a massive nightmare for me. I can go on and on but I think you get where I am going. I have spent a year and half campaigning to get rid of this black-hat vendor and I am finally right on the brink of making it happen. The only problem is, it will be almost impossible to not drop in revenue for quite some time when these pages are pulled. Even though I have helped create several organic pages and product categories that will pick-up the slack when these are pulled, it will still be awhile before the dust settles and stabilizes. I am going to stop here because I can write a novel and the millions of issues I have with this vendor and what they have done. I know this was a very long and open-ended essay of this problem I have presented to you guys in the Moz community and I apologize and would love to clarify anything I can. My actual questions would be: Has anyone gone through a similar situation as this or have experience dealing with a vendor that employs this type of black-hat tactic? Is there any advice at all that you can offer me or experiences that you can share that can help be as armed as I can when I eventually convince the higher-ups they need to pull the plug? How can I limit the bleeding and can I even remotely rely on Google LSI to serve my organic pages for the related terms of the pages that are now gone? Thank you guys so much in advance, -Ben
White Hat / Black Hat SEO | | VBlue1 -
Negative SEO campaign just started against my site. What do I do?
As the question says, I have just got alerts of new links, being clearly a negative seo campaign against my site. We are talking, lots of spammy, rude anchor text type keywords being used. Whilst I only have alerts of a small number (around 30), it has just happened and I know from the type of spammy links they are that more will be coming. So, question is, should I disavow? Do I keep submitting new disavows every few days as more are discovered? Any advice will be greatly be appreciated.
White Hat / Black Hat SEO | | jonathan790 -
Is horizontal hashtag linking between 4 different information text pages with a canonical tag to the URL with no hashtag, a White Hat SEO practice?
Hey guys, I need help. hope it is a simple question : if I have horizontal 4 text pages which you move between through hashtag links, while staying on the same page in user experience, can I canonical tag the URL free of hashtags as the canonical page URL ? is this white hat acceptable practice? and will this help "Adding the Value", search queries, and therefore rank power to the canonical URL in this case? hoping for your answers. Best Regards, and thanks in advance!
White Hat / Black Hat SEO | | Muhammad_Jabali0 -
Does IP Blacklist cause SEO issues?
Hi, Our IP was recently blacklisted - we had a malicious script sending out bulk mail in a Joomla installation. Does it hurt our SEO if we have a domain hosted on that IP? Any solid evidence? Thanks.
White Hat / Black Hat SEO | | bjs20100 -
Press Releases and SEO in 2013
Mozers, A few questions for the community: Distributing a press release through a service like 24-7pressrelease.com - is it a serious duplicate content issue when an identical press release is distributed to multiple sites with no canonical markup (as far as I can tell)? All of the backlinks in the press release are either nofollow or redirects. If there IS a duplicate content issue, will the website be affected negatively given the numerous Panda and Penguin refreshes? Why SHOULDN'T a company issue a press release to multiple sites if it actually has something legitimate to announce and the readership of a given site is the target demographic? For example, why shouldn't a company that manufactures nutritional health supplements issue the same press release to Healthy Living, Lifestyle, Health News, etc _with a link to the site?_I understand it's a method that can be exploited for SEO purposes, but can't all SEO methods be taken to an extreme? Seems to me that if this press release scenario triggers the duplicate content and/or link spam penalty(ies), I'd consider it a slight deficiency of Google's search algorithm. Any insight would be much appreciated. Thanks.
White Hat / Black Hat SEO | | b40040400 -
Rollover design & SEO
After reading this article http://www.seomoz.org/blog/designing-for-seo some questions came up from my developers. In the article it says "One potential solution to this problem is a mouse-over. Initially when viewed, the panel will look as it does on the left hand side (exactly as the designer want it), yet when a user rolls over the image the panel changes into what you see on the right hand side (exactly what the SEO wants)." My developers say" Having text in the rollovers is almost like hiding text and everyone knows in SEO that you should never hide text. "In the article he explains that it is not hidden text since its visible & readable by the engines.What are everyone's thoughts on this? Completely acceptable or iffy?Thanks
White Hat / Black Hat SEO | | DCochrane0