Every so often we come across malicious behaviour on the Internet that draws a lot of attention. One of these such cases has surfaced and we're reading about it all over the Internet. The latest malicious behaviour involves websites that insert pages into your browser history. This means that when you click the back button, instead of going to the page that you were previously on, you'll be directed to another page. These other pages contain advertising and the likes. The aim is obviously to trick the user into clicking on adverts, thus allowing the perpetrator to generate a revenue. Here is an example of the sort of page you might be lead back to if the script has taken control of your browser:
As you can imagine, this is against Google's quality guidelines and Google are therefore taken action against this. Websites that Google finds with such scripts may be removed from their index completely. In simple this means that Google will be removing the sites from their database so people don't accidentally arrive at them from search results.
The problem with these sorts of scripts is that the best way for them to spread is by injecting the code into websites across the Internet. In other words, software gets written that looks for websites that are not updated and may be vulnerable, the software then inserts the malicious code and when your visitors arrive, the script attacks their computer and injects into the browser history.
It is important to note the following two things:
- If you're using WordPress, Joomla, Drupal or any other content management system (CMS), you must keep the software and its associated plugins updated to avoid leaving holes open to these injecting programs.
- If you run a website and you're anxious that someone has injected a script or malicious code that performs a deceptive action or you've noticed that your website isn't appearing in the search rankings, Google allows you to submit a site reconsideration, but you'll need to make sure that your website is clean of any scripts or malicious code.