According to Google’s State of Website Security in 2016, the number of sites hacked in 2016 was 32 per cent higher than in the previous year. More alarmingly, the increase is part of a trend that gives no indications of slowing.
The spike in attacks has two main components. On one hand, hackers are becoming increasingly aggressive. On the other, site owners often neglect content management system updates, leaving large gaps in security ready to be exploited.
Based on the report, Google strongly recommends that site owners verify their websites with Google Search Console. To make the offer more attractive, the internet giant notes that “84 [per cent of] webmasters who do apply for reconsideration are successful in cleaning their sites.” This is a good incentive, although webmasters who go through the verification process are also much more likely to keep their CMS current anyway.
Getting Google Search Console verification is free and does pay off since it is the quickest way for Google to warn a site owner about a hack. According to the security report, 61 per cent of hacked website owners did not get a notification from Google because they had not verified their site.
The State of Website Security 2016 also lists three widespread hacks and how to fix them.
Gibberish Hack: This hack generates numerous pages filled with nonsensical sentences made up of target-site keywords. The goal is for the hacked pages to turn up high in Google Search. Then, when visitors try to open such a page, they are taken elsewhere, often a porn site. Learn how to fix the Gibberish Hack here.
Japanese Keywords Hack: This hack generates new pages filled with Japanese text in random directories on the target site. Affiliate links to fake brand merchandise ensure the pages appear prominently in Google Search and, thus, ensure monetisation. Hackers would sometimes go as far as adding their accounts in Google Search Console as site owners. Learn how to fix the Japanese Keywords Hack here.
Cloaked Keywords Hack: This hack is similar to the Gibberish Hack at first glance, as it also generates automatically a number of pages with nonsensical texts, links, and pictures. However, it is more sophisticated since it retains much of the target site’s template, so one only detects the hack after reading the content, and the infected pages hide deeper into the target site’s structure. Learn how to fix the Cloaked Keywords Hack here.