Has your site been hacked? If so, you may have just gotten a personal email from Google letting you know.

Matt Cutts, the man in charge of Google’s webspam team, announced today on Twitter that the search engine has sent out 20,000 new message notifications to websites that have been hacked because of “weird redirects.”

Lately it seems like more and more sites have been redirecting to non-authorized sites. According to Search Engine Land, the webmaster usually isn’t aware of these redirects because they only occur when someone clicks from Google’s search results to the website. Because most site owners don’t typically go to Google to find their own sites (we just go there directly, of course!), the chances of finding these redirects are slim.


  • According to Search Engine Roundtable, what happened is here is that the hackers gains access to webmasters’ HTACCESS and only redirect users who click from Google to your web site. “Otherwise, if they type in the domain name directly, there will be no redirect,” Search Engine Roundtable said. Sites are getting labeled and canonical tags are being used.
  • To further explain the matter, Google’s support page revealed some more information about the weird redirects:


This identification is based in part on guidelines set by StopBadware.org. Google uses its own criteria, procedures, and tools to identify sites that host or distribute badware. In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

If you feel your site has been mistakenly identified, or if you make changes to your site so that it no longer hosts or distributes malicious software and you secure your site so that it is no longer vulnerable to the insertion of badware, you can request that your site be reviewed (see below).

To protect users and communicate with owners of hacked sites, Google uses automatic scanners to constantly look for these sorts of web pages. If the hacker inserted malware into your site, we’ll also identify your site as infected in our search results to protect other users.

Any determination that your site is infected is based purely on the content of the infected pages, and not on your reputation as a webmaster.


  • Turns out some of our very own CAP members have been hit by this hack. Alex Pratt said that it happened to all of his sites that were on Joomla. All of his sites were redirecting to a site in the Philippines called Happy New Year.
  • The best way to save your site from this issue is to get access to Google Webmaster Tools and verify your website, configure notifications and alerts to arrive to an email you regularly check.

Has Google sent a message to you? If so, let us know!

Related posts: