The truth is, most people don’t know that their site has been hacked, and in a lot of cases, you won’t know until you start looking. Sometimes, you’ll have regular followers who lodge a complaint, or if you monitor your site regularly, you might see a few suspicious signs, but in most situations, the only way you’ll find out is if Google tells you, or you Google yourself and find astonishing results. So we’re giving you a little handbook on what your site was hacked for, and how to know it was hacked, which is usually a bit more difficult:
There are all kinds of reasons hackers will try to infiltrate your site, but we’re going to talk about three main methods, and what they look like.
Reason #1: The pure unadulterated joy of ruining your life – Generally caused by teenagers, or somebody who thought destruction was the answer to your boredom, they’ll delete your site, and leave you with a landing page calling card that might look something like this:
While this may seem like the most fruitless version of hacking, it is the easiest to discover, and if you had your site backed up regularly, you’ll probably be okay in terms of rebooting your site. It might take you awhile, and you’ll probably need some professional help, but it definitely could’ve been worse.
Reason #2: Hosting files – It’s possible that some hackers might need the computing power that your server provides, but the either don’t have the means to purchase it, or want to use it anonymously. When they hack into your site this way, it’s much more difficult to recognize that something has even happened, but it’s likely they’re housing something that they don’t want to be known for, under your name. Sometimes they’re using your server for complex computations, and sometimes they just need your anonymity. These are difficult to detect, but still as dangerous as other hackers, so it’s important that you monitor your site regularly.
Reason #3: Blackhat SEO – Some people aren’t dedicated to putting the time and effort into their website to make it rank via nice methods. While you’ve diligently been putting out content on your blog, have been taking control of your local listings, and are working on making sure your meta-tags are in order, others (dirty hackers) have been taking over your site for their own personal use, generally in the form of links. They may link to their site from your pages, in ways that you may or may not be able to see. Essentially, they’ll be using your site to generate traffic for whatever site they want, via links and pages that you don’t know about on your site.
How can you tell if you have a hacked site?
Unfortunately, it can be very very difficult to tell if you’ve been hacked if you don’t regularly monitor your site, or Google yourself. There are, however, a few warning signs that you can use to determine if you’ve been hacked.
- Your site is gone – This one is not so subtle. When we talked about hackers who like to hack for purposes of destruction, this is what you get. Generally, they’ll take literally everything that exists of your site and delete it, leaving you with only a landing page similar to the image above, that functions as their “calling card.” Some do it for fun, and others do it because they don’t like what’s on your site. The latter are called hacktivists, essentially the imposing vegans of cyberworld. Whatever you’re doing, they disagree, and will remove you by force, leaving you with an opinionated landing page exploiting the nefarious badness of your site, and the greatness of whatever they believe. Either way, it’ll be pretty obvious to tell if you’ve been hacked.
- Notification in Google search console – If you check your Google Search Console, it should alert you when it suspects any suspicious traffic. Usually, it will send you a message telling you what it has detected, and where you can find the issue on your site. It should also give you some instruction on how to right the issue. While it’s not a good idea to just wait for Google to alert you that something’s gone wrong, it certainly is a good way to make sure you’re notified that something has happened.
- Google Warning – Unfortunately, if Google knows you’ve been hacked, then the rest of the world knows it too. If you’ve been hacked and Google knows about it, it will list the off-putting warning “this site may be hacked” to anyone who might consider heading towards your site. This hurts you in a lot of ways, but it definitely works in notifying you that something’s wrong. Address this problem as soon as possible, or you’re likely to lose a lot of traffic.
- Increase in pages – If you’re on your site a lot, and monitor it regularly, then you might notice that your website seems to be growing, without you doing a thing. This is not a good thing. This is an undeniable sign that your site may have been hacked. Generally, this means that the hacker is creating their own pages on your website, which will hurt you, and probably help them direct more traffic wherever they want that traffic to go.
- Odd behavior – Finally, if you notice anything else that’s weird, like a lot of spammy comments on your blog, or text showing up where you know you didn’t put it, it’s time to investigate. Any kind of odd behavior or unexpected, weird happenings on your website are cause for concern. If your company is based in Oklahoma, and you suddenly start getting a lot of traffic from Russia, you could potentially have an issue. This is something you’ll want to get out in front of, so address the problem sooner rather than later.
In closing – If you suspect your site is hacked, there are all kinds of ways to troubleshoot it. We recommend you talk to a professional, as they’ll be able to help you get rid of all hacker traces, and should be able to expedite the process a little bit. Do know that unfortunately, it can take a long time to get your site back to where it was in terms of traffic and viewers. However, we do recommend a couple prevention methods, going forward; first, talk to your hosting company, they will be able to recommend multiple ways to help prevent unauthorized access to your site. Also, make your passwords difficult, and it’s best practice to change them a few times a year. While these won’t help you clean up your current problem, they will help you identify infected files, and prevent other cyber attacks.
Even if you take the highest level of safety precautions, you can still be hacked. That’s why it’s important to know the signs of a possible hacking attempt, and always have your site backed up regularly. Those are your best two defenses against hackers.
If you have any more questions about hacking, and how to identify it, please give us a call, message us online, or just leave a comment! We’re always happy to help.