Black hat techniques abound on the Internet, and search engine providers like Google are becoming more adept at routing out and eliminating these pages from search results. Page hacking steals another website’s original content and attempts to pass it off as their own. This can hurt the reputation of a site by making a mirror site that looks like the original provide incorrect information or offensive.
Page hijacking redirects traffic and exploits what could be considered bugs in search engines. By creating a site that very closely replicates an existing site, hackers can actually create a website that makes the search engine think the second site is the more reputable site. This can be accomplished by adding content to the site to make it seem more informative to search engines. However, these competitor sites are typically only used as a way to redirect traffic to another site.
How hackers do this is by creating a script that temporarily redirects site visitors. These scripts can be placed within an existing website, mark it as temporary and reduce its search engine ranking. The hijacker can then boost the prominence of their second page to overcome the search engine results for the official page. Sometimes hijackers may use additional black hat techniques like phishing and other forms of malicious activity to steal user information and destroy the reputation of a website owner.
In most cases, page hijacking is only going to work on outdated websites that aren’t properly maintained. Most of the vulnerabilities that allow a hijacker to use page hijacking techniques have been discovered, and webmasters have become more savvy in preventing this type of behavior.
Here’s an example of how a page hijacking might work in a real life situation. Let’s say you have a major manufacturer that has written a top-ranking article on their niche. You search in Google and this article shows up as number one in the search results. You click on the link expecting to arrive at the manufacturer’s website, but then something strange happens. Even though the domain link in the search results clearly showed the manufacturer’s domain name, the link takes you to a third-party landing page. If you looked at the source code on the third-party website, you would see that it is a redirect script and not a page.
So, how does this work? A temporary redirect tells a search engine or browser that the page you’re looking for is no longer there. However, it also tells your search engine or browser that the link is available on a new page. Since search engines typically hold on to the old and new link. Since Google views the new, false page as a redirect, it uses content from the page it points to index the content. Google ranks the original page lower, since it could change at any time and the new hacked page goes up in the search engine rankings.
If all this is confusing, it basically boils down to two things. The spammer has tricked a search engine into believing that the original site is just a temporary page. Since it’s not a permanent page in Google’s eyes, it still keeps the original page but gives more prominence to the page it redirects to. Webmasters can protect themselves by redirecting any non-www-based pages, use full links with domain names, use the “base” meta tag, and use dynamic content on each page. Consult an SEO Company for best practices.