The Pharma Hack & SEO Implications
We usually have multiple projects going at once and I'm one of the multiple 3plains employees who are working on any given project at one time. Typically I'm involved with the setup, the launch and the search engine marketing side of projects.
For this project, my employee had noted in the initial project ticket that when this new client had signed on, that his rankings were not what they used to be - in fact "terrible" was the word used multiple times. I didn’t stress too much about this, because this is quite common with new clients to talk about poor Google, Bing and Yahoo rankings.
I typically take over a website after the web design and content phases has been completed. But, before I launch the website, I usually setup and track a few sets of keywords for a SEO/SEM starting basis for the client, so they know where they were at initially and where they are at a few months later down the road.
No search engine rankings
This client and project in particular was quite odd. The rankings were zero for ALL of the keywords. The website domain was pretty old and had a lot of age to it so I was kind of scratching my head. However, in the same breath, I wasn’t too alarmed as the client had hardly any content on his last site - and I mean hardly any.
Digging further, I went to Google and did a few website domain checks in the SERPS and low and behold I found the culprit on the first try. It wasn't just a few results either. It was hundreds and even into the thousands of results in the Google SERPS. Take a look at the graphic below.... just pages and pages of Cialis and Viagra pages on their website.
What does this mean
This is known as the "Pharma Hack". What is the Pharma Hack? The pharma hack is an exploit that takes advantage of vulnerabilities in WordPress websites, Joomla websites, Drupal sites, hosting environments not up to date and a variety of other reasons, causing search engines to return ads for pharmaceutical products along with legitimate listings. The hack can be difficult to detect because it does not affect the displayed pages of the compromised website (as in this case).
In this case, the customers web company had not updated their website to the newest version of Wordpress - which I find ironic since every new web company toutes how great Wordpress is. As have always said, Wordpress is nothing more than a tool.
The purpose of the hack
The purpose of the pharma hack is to make pharmaceutical sales on websites they are promoting appear higher in Google results than they otherwise would. The Google search engine ranks the list of hits for a given website according to (among other factors) the number of external sites that link to it. By inserting the rogue code into an unsuspecting victim's site, the hack in effect links that site to the cracker's site. If done on a large enough scale, this tactic can result in the hackers targeted website showing up near the tops of various search engines resulting from keyword-based searches.
After the hack
Victims of the pharma hack have reported decreased traffic to their sites and, in some cases, removal of their sites by Google from search result lists. Because website owners cannot readily see when they have been pharma hacked, the online reputation of a legitimate company or individual can be seriously damaged before the rogue code can be removed.
How did the former web company and SEO consultant not notice
The part that had me scratching my head is how could the former web company / SEO consultant bill my new customer several hundred dollars a month for so called services of "SEO" and not notice such a simple thing or the fact that he was not ranking at all?
I’m not saying that the old web company was being dishonest for their SEO services but unfortunately now my new client’s website is now ranking poorly, leads non-existant and probably zero website sales since this pharma hack happened.
Now that I discovered the issue, it was my duty to inform the customer of this bad news. I showed the client the hundreds and hundreds of Viagra and Cialis pages that got automatically setup on their website without their knowledge because of the hack. As you can expect, they were quite shocked.
Unfortunately, once this issue is discovered, the affected website and the process takes considerable time and effort to get the website ranking well again. So needless to say, being the messenger of bad news is not always a fun job knowing that you need to dig the new client out of a massive hole the last web company put your new client in.
In this case I'm glad I was able to diagnose and am currently treating the issue as it's a big one. As you can see, by the chart to the right we were able to gain rankings in the following week, however it's going to be a big uphill battle in the following months.
My best advice for any client is to know who your website design/marketing agency is, ask for transparency and to hold them accountable.
I'm a little disappointed in the former web company and the former SEO since they obviously were just collecting the money on this SEO campaign taking hundreds of dollars a month and clearly doing nothing. These types of companies are embarassing to our industry and makes us all look bad. It's no wonder when new clients call us they have such a lack of distrust in their former web companies and web companies in general - I can't blame them after incidences like this.