Insight, advice, news and chit chat

Why do hackers hack?

Is it personal? When your website gets hacked

It’s a total violation.

And it can feel personal!

One day, everything is as it should on the site. The next, you find random pages appearing.

Suddenly, pages on your site are redirecting visitors to gambling or scam content.

And these attackes are happening more often these days as hackers are becoming more sophisticated.

It’s hard to take emotions out of it. The feeling of a site you’ve poured your heart into being hijacked is awful. These attackers are evil, and I set out to discover WHY they did this!

The real reason you’re targeted: not personal, just highly profitable

It’s not about attacking you specifically.

It’s about piggybacking on your authority.

They don’t want to start from scratch. Attackers use automated bots to scan for vulnerabilities—outdated themes, unpatched plugins, weak passwords.

And then inject their malicious code.

They need a quick way to rank.

Your established business domain has age, trust, and backlinks. By placing spammy content (like gambling or foreign keywords) on your domain, or by inserting malicious links that search engines can see, they exploit your reputation. This is called SEO poisoning.

The objective is traffic and revenue.

Visitors are silently funnelled to their scam pages, generating clicks and revenue for the attacker. The result for you is immediate brand and trust damage, and a possible security warning from search engines.

This is a professional, high-volume, low-effort crime.

Our solution: proactive maintenance is your best defence

We take this threat seriously.

When a hack like this occurs, the only reliable path is to restore a clean backup copy. We can’t stress this enough.

This is why frequent, reliable backups are your ultimate insurance policy.

Our TLD Hosting includes robust, server-level backups as a core component of the service. Your files and databases are securely stored offsite.

For our TLD Loyalty Club members, we go further. We provide monthly full backups of your files and database as part of our comprehensive proactive maintenance and health checks.

This support is one of our “3 Uniques”. We support you comprehensively through the process, ensuring you have a safety net even when the worst happens.

The essential security checklist for a clean-up

If you suspect this SEO spam hack, you must act immediately. Send this practical checklist to your development or hosting team:

1️⃣ Isolate the site. Do not simply disable the page; move the entire site to a quarantine/holding page or shut down the affected server environment to stop the infection from spreading and block the redirect.

2️⃣ Restore a clean backup. Find a backup copy from before the infection date. The newest backup is usually still infected.

3️⃣ Scan the entire source code. Run a deep scan on the restored files and the database for malicious code, backdoors, or newly injected users.

4️⃣ Clean and patch. Immediately update all your content management system software (like wordpress), themes, and third-party plugins to the very latest versions, as outdated software is the main entry point.

5️⃣ Harden user accounts. Change all passwords for admins, FTP, and databases. Implement multi-factor authentication (MFA) on all accounts.

6️⃣ Request a review. Once clean and patched, use your search console tool (like Google Search Console) to submit the site for a security review and ask for any security warnings to be removed.