“Buy Viagra” SERPs of No Priority to Google

Dear Welsh Centre for Crime and Social Justice, you have been hacked. Not only have you been hacked, at least 218 pages you probably have no knowledge of have been placed on your server, all targeting all sorts of pharma keywords:
Welsh Centre for Crime and Social Justice hacked by pharma spammers
Do these pages rank? You bet!
Hacked site in buy viagra SERPs
Being on an authority .ac.uk domain, they even rank with minimal effort:

URL links for one of the hacked pages

But the sheer scale of what’s been going on (and by the looks of it, it’s been going on for a while) has already caused some major disruption to the domain’s overall link profile:

WCCSJ anchor text profile spammed with pharma keywords

Yet, as you see in the SERPs screenshot above, Google even fails to display a “this site may have been hacked” notice. I am somehow pretty sure that no notification of being hacked or malware present on the domain has been sent by Google to the site admin either.

This is not the only hacked site in the pharma SERPs, neither in the UK Google nor in the .com one. Yet, all those sites seem to be without any hacked notices at the moment. Google seems to not care at all, despite this video released earlier this year, where Matt Cutts says something about the issue of hacked sites specifically:

6.  Improvements On Hacked Sites

Google has done a lot of work with hacked sites and their index, specifically labeling the search results of potentially hacked sites, removing those sites and also warnings webmasters about the hack. Matt said Google is working on rolling out a new feature to better detect hacked sites in the upcoming months. Cutts also added they plan on improving webmaster communication in regards to hacked sites.

Really? REALLY???

Check the SERPs like these any day, compare of any of their propaganda webmaster videos, spot the difference. Make your own conclusions.

A bit of an explanation for those reading this who might not be aware how and why this works. It is possible to hack the site in my example because of an unsecured Joomla installation. Further, the hacker creates hundreds of cloaked pages that look to the search engines like this:

Cloaked page on the hacked site

A human visitor, however, doesn’t see any of that because of a cloaked redirect sending them over to the store site (warning, be extremely careful clicking these, there may indeed be malware that could get installed on your computer):

Viagra store

So why is Google turning a blind eye to the massive problem present in these and many other top competitive SERPs, despite all its loud declarations of good intent? Don’t they have enough PhDs to figure out how to fight this issue effectively, after so many years and plenty of very obvious signs?

Might I humbly suggest that the reason could be in the yellow square above the organic results in the first screenshot, a.k.a. AdWords ads. The more competitive the SERPs are, the more expensive it is to run an ad campaign in those SERPs – this has been the law of Google economics since the launch of their paid advertising program.

If I had a site selling Viagra and were to give up trying to rank organically because of all the spam rampant in the vertical and resorted to the option of running an ad for “buy viagra”, I would end up paying up to £16 per click!

Buy Viagra AdWords
Seeing this, you have to ask yourself how viable it is for Google as a business entity to really honestly fight spam in niches like this.

Dear Welsh Centre for Crime and Social Justice, apparently Google will not help you or even warn you of the disaster that has been going on with your site for the last few months. But I will. I am ready to offer you a few pro bono tips on how to resolve this situation, should you want them and should you need my help with this. Please feel free to get in touch with me via info at irishwonder dot com (if anybody seeing this post knows anyone working for WCCSJ, please help pass the message – I honestly mean to help).

4 Comments.

  1. It looks like Google only cares about their ad revenue? 🙂

  2. If this isn’t hard evidence I don’t know what is 😉 Great post, hope you pick up some business rectifying the issue

  3. Sooooo… has the wccsj been in contact I wonder?

    • Strangely, they never did… site:wccsj.ac.uk/index.php?id= still shows 213 injected pharma pages, from what I’ve seen they have removed a couple manually and 301’d them to the home page… *facepalm*