Cyber Terrorism Leads to Our Website Being Penalised By Google – Could Google be doing more to assist innocent victims of hacking or cyber terrorism?

Until the 9th June 2008 our website www.ukfinancialoptions.co.uk ranked consistently on page 1 of Google for many keywords such as credit card, best credit cards, compare credit cards and many more. These rankings helped an average of just over 800 visitors find our site daily. On the 9th June 2008 our website lost all of its page 1 positions. We were demoted to page 6 and 7 for virtually all our keywords. We were bemused and a little distraught!

We had always worked hard to make the site a useful resource. We updated it daily with quality original and helpful content on the subject of personal finance. We had made a point of sticking to Google’s quality guidelines and we never used black hat search engine optimisation or even anything a little grey. What could have caused this sudden loss of ranking was therefore a mystery.

On the 10th June a close inspection of our html code revealed hundreds of invisible links stuffed into the blog posts of the website’s blog. There were around 200 links in several blog posts. The links pointed to various adult websites who had themselves been hacked and their home page taken over and whatever their original content had been, they now contained anti Western propaganda. It would appear that the links were intended to give these propaganda filled websites a boost in the SERPS. Clearly Google would have an issue with any site that chose to suddenly link out to hundreds of unrelated sites, but the question we would like to pose is should the level of Google’s algorithm technology enable them to distinguish between genuine cases of spam and innocent victims of third party acts?!

Yes we were partly, albeit innocently at fault. The hacker was able to insert the links because we naively did not update our Wordpress script and it transpired that there were security issues in the version we were using. KEY TIP – Every time a new version of Wordpress is released update your script.

We believe the addition of the invisible links caused our site to get penalised by Google. We removed these links immediately, submitted a reconsideration request and reported the matter to Essex Police. Then the waiting process began.

As at today (11th August 2008) the site’s rankings are still on page 6 and 7. The website held it’s PR5 in the recent Google update but our blog, which also had a PR5, now has a grey bar.

Essex Police have shown themselves to be very efficient and to our surprise actively investigated the matter. The hacker is well known and has been traced to a number of personal blogs. It appears that he is 16 years of age and lives somewhere in Istanbul. I have posted a comment on the Google Blog on a post about websites which have been hacked. A month later and I still have not heard anything back from them.

There are many other people who have had similar problems. However, knowing that we are not alone in our plight does not give any peace of mind. It just makes the question of whether Google should be doing something about this type of third party activity an even more poignant question. See the comments at the link below.

https://www.blogger.com/comment.g?blogID=32069983&postID=2323900324311879792&page=1

We do not know whether anyone from Google has looked into our reconsideration request yet. We wonder whether we ever will know. We understand that Google cannot get back in touch with every webmaster and that they have thousands of requests to go through. But as this is a growing problem, surely Google should be addressing it.

Google is way ahead of the other search engines in terms of algorithm technology and clearly tracks a lot of historical data regarding sites within its index. Surely therefore Google already has the algorithm technology to make such problems largely a thing of the past.

Take our site for example. I assume that Google respected and trusted the site highly. It was 2 and a half years old, had been updated daily and had a PR5 on the home page and on many inner pages. The site ranked very well and new pages that were put up and would themselves rank highly very quickly. Google’s algorithm would therefore, we assume, have historically concluded that the site was a valuable resource and worthy of its previously high positions.

If we assume that the Google algorithm tracks the historical development of a site then where sites that it trusts are concerned surely it should be capable of flagging issues which on the face of them look like spam, rather than automatically applying a penalty.

Google does have a great index and they have this because they do not tolerate spam. I whole heartedly agree with this policy as it means that it gives the end user the search results they want and therefore they come back to search on Google again and again. This is a win win situation for users, webmasters and Google.

However, the problem as our site acutely demonstrates is that the algorithm appears to take no notice of whether the spam like activity on a site is the doing of the website’s webmaster or the malicious acts of a third party. Many of you may ask how is Google to tell if the actions are that of the site’s webmaster or a malicious third party. Well given that Google tracks a website’s history then therein is the simple answer.

Here Are Two possible Solutions

If a site is well respected by Google, then before a penalty is applied for actions which don’t fit in with the historical progress profile of the site, Google could send an automated note to the Webmaster via Google’s Webmaster Tools. If remedial action is not taken within a fixed period of time then the penalty should then be applied. If remedial action is taken then the site will not suffer and arguably Google’s index benefits too as it will not penalise a site that is a genuinely good recourse within its index.

OR
The other alternative is to penalise the site and automatically reassess the site every month. If the site is not cleaned up then the penalty stays. If it is cleaned up then the penalty is lifted.

If of course the website is new or not historically well respected by Google then it may well choose to apply a penalty without warning or scope for reconsideration, but older trusted sites would be given the benefit of the doubt. This seems far fairer to me than simply treating every site that suddenly demonstrates some indicators of spam as genuine spam that deserves to be forever penalised.

I do think this issue is something that Google needs to tackle sooner rather than later. By not tackling such issues Google makes it easy for third parties to damage other people’s websites, businesses, societies, charities and general freedom of speech via there search engine. Hackers manipulate sites within Google’s index for their own ends. I am sure Google does not like this, so is it not about time that they did something more proactive to address the problem?

I develop websites for other people which gives me a second source of income, but many people rely on their websites for their entire living. If I had relied on this website for my entire living I would have been in serious financial trouble because of the actions of one malicious person.

There are a multitude of reasons why people might want to damage some one else’s website and it is not just adding Malware, as we discovered. Unfortunately there will always be people in the world who want to damage others people’s property. Google has the resources and technology to make the actions of such people less of an issue so surely they should address the issue.

We hope that if enough readers bookmark this article or reference it on their own sites and blogs that we will be able to raise awareness of the issue and that it comes to the attention of Google. Alone we are a tiny voice, but collectively we may possibly be heard. Your assistance is raising such awareness is appreciated.