Google search results hijacked
Juha Sompinmaeki
154

This is a fairly common hacked-pages method of search spam. It incorporates quite a number of bells-and-whistles so to speak:

1. User-Agent Cloaking (only showing certain content to Googlebot that you don’t show users)

2. Referrer Cloaking (only showing certain content to users with a specific referrer, in this case a Google SERP)

3. Redirect Penalty Avoidance (a game of catch-me-if-you-can where redirects are used to stay ahead of Google penalties which are applied on a domain-by-domain basis)

4. Link Spam (somewhere, at the beginning of this chain of redirects, is a bunch of link spam)

The hardest part of this technique is actually the “hacking” part, although it is probably just a series of known Wordpress exploits tied together. Several years ago, I had a conversation with Matt Cutts about the direction of search spam in which I lamented that hacked pages was becoming the dominant form of search spam. It appears to be, unfortunately, coming true. Also, for clarification, we generally reserve the word “hijacking” for a different type of search spam that literally replaces your listing with another. It is far more rare (I haven’t personally seen an instance of it in a few years, although no doubt it still exists in one form or another). DejanSEO Has a good breakdown on how that technique works — http://dejanseo.com.au/hijack/