An SEO Cyber Mule or SEO Hack is when unauthorized links are embedded into your website without your knowledge for the sole purpose of increasing Google rankings. For Google to increase a site rankings they look for the number of one-way backlinks. That’s why the hackers do it. In most cases these links are to pornographic movies, material and services that have nothing to do with your business. These links are positioned so they don’t actually appear on the webpage, but Google can still see them when they send in the spiders. So why is this problem?
Other than the obvious reason that someone has injected code into your site without your permission, the bigger issue is that if Google discovers these links and deems them inappropriate, your site will be blacklisted. Blacklisting is when Google and other search engines no longer index your site. When someone is searching using your keywords, your site will never come up. Google often never informs web owners that they have been blacklisted, and the effort to get off the list can be very time consuming.
The result in a nutshell, all the time, work and money you have spent to get rankings will be obviated. Your site visitors and revenue will drop. You may think throwing more money at it will work, but you are just throwing it away. So what can you do?
How did I stop being an SEO Cyber Mule?
Early discovery is your best defense. It can take Google a while before they catch the offensive links which gives you time to fix the problem. The easiest way for discovery is to open your site up in Firefox. Hit the CTRL+U keys, and scroll though the code. If you see a section with unknown links, usually at the end, then you are an SEO Cyber Mule.
First: If you are uncomfortable with computers and computer codes, then you need to hire a web security monitoring service. I have been using SiteLock for years and it was through one of their security alerts that first informed me of the hack. The alert gave me time to fix my site before Google found it. Plus, if I had been blacklisted, SiteLock has the means and reputation to notify Google and get back in good graces.
Second: If you do find the offensive code, cleaning and hardening the site may not be enough. In my case I had a plugin that was hacked and the code re-injected the links even after multiple cleanings. It finally took their senior analyst to discover the root code and remove it. Something I know I would never know how to do.
SiteLock people are very knowledgeable, but their services are expensive. While it took over a month to finally find the hacking code because it was buried inside the lease obvious plugin: Akismet – “the best way in the world to protect your blog from comment and trackback spam.”
Actually, I had two sites with the same problem. So I also signed up with Sucuri to see how well they would do. Sucuri actually informed me of the problem on the second site, whereas SiteLock never did. Contacting Sucuri is a problem. They don’t answer their phones. Even their answering message requests you not leave messages. Very poor customer service. I also sent emails to their recommended addresses, only to find out that they were all going into their spam box. Ironically, I got the necessary attention when I tried cancelling their service. Hey, money talks.
When the SEO hack appeared on my second site, and since SiteLock already gave me heads up on the location of the malicious code, I disabled Akismet, notified Sucuri that I needed a clean, and the problem went away within 4 hours. I then removed Akismet and re-installed it fresh. Much shorter time than the 1.5 months SiteLock took. But to be fair to SiteLock they did give me the source. Sucuri only came back with the “site clean” notification.
Third: After the code is removed and things are back to normal, don’t rest yet. You will want to preforms a full backup of the content and data tables just in case. I my case it took over 6 different attempts to clean the site before SiteLock finally discovered the source. Now I have a fixed site and a backup so if I get hit again I can simply restore from a previous version.
Last: I changed every password to all my websites and web service providers just in case.
Conclusion, Don’t be an SEO Cyber Mule
Small businesses are the most vulnerable since they often lack the resources to monitor everything. If I had been notified of the attack then all the investments I have made over the last seven years would have been wasted. While we all have our personal opinions of these hackers, the hard reality is that they are here to stay and it’s up to you to safeguard your property.
So here are my four top recommendations:
- If you have a website then it’s a good idea to periodically check it using the Firefox CTRL+U test. Internet Explorer doesn’t seem to have this capability and I never use Chrome.
- Hire a reputable web monitoring service like SiteLock or Sucuri to notify you early. SEO Cyber Mules are only one example of the attacks hitting legitimate sites.
- Which one would I recommend? I really can’t. Both have their pros and cons. It seemed that when I was about to fire SiteLock did the problem get elevated to higher management and engineers. SiteLock should have put their senior people on the case sooner. However, at least they were reachable by phone and email.
- Change passwords after every clean.
Sucuri was fast and inexpensive, but if I had to rely on their communications capabilities then I fear I would still have the SEO Hack code. But I did like that their notification seemed quicker and the fix faster.
So for now I still have both SiteLock and Sucuri. I look at this as my insurance policy for my web based business. My paranoia makes me check my sites at least every day. And I back up my data frequently and keep older copies in case there is a time bomb in the code.