I like the idea of an automatic alert spammy-keyword-list, but I’m somewhat worried how it would look if Google were to provide something like that. I have a feeling this would make a great service by someone outside of Google, it could be a kind of wiki that collects this information and helps users to set up appropriate Google Alerts. Since these alerts just send you an email, the occasional false positive wouldn’t be much of a problem.

John

Thanks, you helped clarify the difference here between malware and hidden links. I see now why the Google Alert strategy is not just complementary but an essential part of your site defence.

It’s a tricky one this. Most normal users are going to be assuming the Google Safe Browsing API picks up these kind of text-book hacks. I’ve found the easiest way to explain these new tools are “anti-virus protection” for your websites.

On the one hand, yes I think people would like to know if you pick up that kind of material on their sites. In Dave’s case here, a warning email or alert on the API would have really helped.

On the other hand, like you say, it’s going to be hard to work out intent here. If someone has chosen to link out to these places, it would be harsh to stop their traffic with the interstitial page. Especially as the most recent copy doesn’t seem to offer any way to continue to the site.

So I’d be in favour of warnings but not the interstitial page for these kind of situations.

The Google Alerts service is great but it’s still left to the owner to set this up. I know a lot of people who have no idea about GWC – let alone how to set up alerts or check for keywords. It would be great to make this easier for people somehow. Maybe it could be built into the API with a public list of “suspicious” words (Cialis, Prozac etc.)? People are lazy and I think most just want this kind of “anti-virus” protection, where they just enter their URL and applications flag up issues.

The API seems a great step in this direction, as it allows so many people and applications to build in these kind of reports. Getting them to set up Google Alerts for their users is going to be too much work. Also a centralized “suspicious” list would be updated more regularly as new keywords appear (drug brand names etc.). It would be interesting to see how we all agree on the list though! Maybe we need to do it like the RBLs, certain people create their own filter list which can be easy or hard and that interacts with the API in some way.

We notify webmasters through Webmaster Tools when we spot malware, but general hidden/hacked content like this is hard to spot algorithmically with certainty, so we can’t always notify the webmaster about it.

One way of recognizing this would be to regularly check Webmaster Tools, Statistics / “What Googlebot Sees.” On that page is generally a section for “Keywords in your site’s content.” If everything is ok, you should see keywords there that match what you write about. If it’s hacked with hidden text/links, you’ll likely see things that match the hidden content, like various kinds of pills, porn phrases, etc. Maybe this should be something that webmasters should be doing on a regular basis? :-)

You can achieve the same by setting up Google alerts for those kinds keywords on your site. I like to do that anyway, just to be sure that I don’t accidentally miss anything (it could also bring up spammy comments that you can remove, etc).

I hate it when sites get hacked like this (and there are a LOT of sites hacked like that) and honestly, I don’t know how the search engines should react when we spot hidden content like that. On the one hand, the site was compromised and ANYTHING could be placed on it by the hackers, including cloaked redirects to pornographic sites and malware; on the other hand, the webmaster is often not aware of it and we don’t want to be too harsh.

What do you think?