How hacking hurts your website’s ranking in search results

When your website’s down, it takes your search rankings down too.

The first page of search engine results is prime real estate. And every webmaster is trying to get their website to show up there. But just when you think you finally landed a slice of that coveted real estate, you find your site’s ranking has dropped like a rock. Sometimes, it means your site was hacked.

Why hackers hack

Often, they want to pick your pockets. They’re not just nerdy teenagers looking for an ego trip. No, they’re hacking to get rich quick, using your passwords, your identity, your banking information, your credit card information, and anything else they can get their hands on. That’s why they’re called cyber criminals.

Other times, they want to use your website or computer for their clandestine activities – pirated software, phony prescription drugs, pirated music – and pick other people’s pockets.

These cyber pirates opt to leech your computer juice or good reputation for their questionable activities instead of doing the hard work of building a reputable business themselves.

To do this, they identify a vulnerability in a software, create a software that exploits that vulnerability, then send their program into the web to comb for unsuspecting sites that have the vulnerable software.

If your site is one of them, it gets attacked. Once the hacker has gained access to your site, they will either spam your site or install malware.

The difference between spam and malware

Hacks can take on two faces: spam and malware.

We’re all familiar with email spam. Who hasn’t gotten those emails posing as a well-known brand name that wants you to verify your information or claiming that a destitute widow’s son is dying in the hospital?

Well, website spam is text that is riddled with links to the scammer’s website. This kind of spamming can be happening without your knowledge. Many times, the code with spammy links is hidden deep in your website and is redirecting your site’s visitors to the scammer’s website.

Malware is malicious software that takes over your website or computer and uses it to spread the infection. Your computer may become part of a botnet, a zombie army of computers that unleash copious amounts of viruses and spam into cyberspace. These botnets then harvest sensitive financial and identity information from a broader range of victims.

This video from Google gives an excellent overview of the hows and whys of hacking:

How your site becomes vulnerable

It’s not enough to create a great website and leave it set. A healthy website requires ongoing maintenance.

If you’re like many website owners, you’re using WordPress, a free open-source software. But that means that any vulnerability that is found in the WordPress core software, its themes or its plugins is posted publicly. Malicious cyberpunks love to lurk in the dark recesses of outdated WordPress plugins and themes.

If you happen to slack on the mundane task of installing updates, you may become the target of a malicious hacker. Outdated software is the number one reason that websites get hacked.

Your site can get blacklisted by Google

If Google thinks that your site is infected with malicious software, it will blacklist your site.

They call it quarantining, but regardless of the term, your site will be flagged or removed, which means your search rankings will plummet. This happens to around 10,000 websites daily. If your site’s been blacklisted, you can expect to lose about 95% of your traffic.

A new hacking threat has surfaced recently in the form of cloaked PDF pages. Sophos, a software security company, discovered hundreds of thousands of these on search results.

Cloaking is the cloak-and-dagger version of website hacking. Hackers used PDF files, which were possibly more trusted by Google’s algorithms, to embed spammy links that direct hapless visitors to unscrupulous websites.

Google is upping their aggressive war on spam by changing some of their search algorithms and rigorously removing hacked sites.

How to find out if your site has been hacked

If you see a warning like this on your site’s search results, it means you’ve been hacked:


If you’re brave and click on the link anyway, you might see this message:


If this is what your customers are seeing when they try to access your website, your business will take a hit. After all, most of us will run from a site that has an ominous warning and an image of a bandit on it.

If you have an account on Google Webmaster Tools, Google will place an alert on your account. They will also try to send notifications to your domain email accounts.

If you haven’t found any obvious clues that your site has been hacked, but you still want to check it, visit the Search Engine Ranking Report site and use the free Malware Scanner tool. The sooner you can catch and shackle the hack, the less likely that your site will get penalized.

Fixing and preventing hacks on your website

Fixing a hack can cost thousands of dollars, not to mention lost revenue from customers being afraid – or unable – to step foot on your site.

Unraveling the labyrinth of malware code from your website, rescuing or rebuilding your content, and getting de-blacklisted takes times.

Some brave webmasters tackle it themselves, but for most, it’s a task best left to professionals. It depends on your depth of computer savviness.

To prevent hacks, keep your site updated. You can dramatically decrease hack attacks if you update.

Backup your site regularly. Your data isn’t safe just because it’s online – it needs to be backed up just as much as your local desktop files.

Invest in some real-time monitoring. Updating and backing up your site won’t automatically insulate your website. A real-time monitoring service watches for malicious activity on your site and fixes and cleans it before you can say “boo”.


Take action now to prevent hacks – long before they have the nerve to take up residence and take your website rankings to the black hole of search engine blacklists.

As they say, “An ounce of prevention is worth a pound of cure.” A high-caliber security and backup system will keep your website where it should be, on prime search engine real estate.

Related reading

steps to deliver better technical seo to your clients
search reports for ecommerce to pull now for Q4 plan