We have recently observed many cases where a product page or a page on our site appears in the search results under the name of your site, which you do not remember. We will explain the causes and countermeasures in this case.
When a site with an unknown domain is found in the search results with the name or keywords of your (your company’s) site.
If you search for your site’s name or keywords, and a site with an unfamiliar domain appears in the search results of Google or other search engines, and when you jump to that site, you find that the content of the site has been replaced, even though the header and footer of your site are the same, or you are redirected to an invalid validation page. The site has been hacked and the site has been tampered with,
It is likely that the site that has been hacked and defaced is the site of that domain and not yours.
The reason why such pages exist is that hackers have borrowed only the header and footer of your site and created fake pages on the hacked site on another domain with only different content.
In this case, unless the hacked external site removes the defacement, your site will continue to appear in search results.
If your site’s name or keywords appear in the search results for a product or service on your domain that you do not remember.
If a search for your site’s name or keywords turns up a number of product pages that you do not recognize, and the domain is your site, there is a good chance that your site has been tampered with by a hacker.
Pattern 1: Search result links to unrecognized pages result in a 404
In this case, it is likely that the hacker has altered only your site’s sitemap (the file that tells search engines what pages exist on your site ).
You will need to verify the sitemap contents, remove the malicious sitemap, and perform vulnerability testing and backdoor (malware) testing and removal.
Pattern 2: Search result links to unrecognized pages exist on your server’s domain
This case is even more deadly and means that the hacker has completed creating a fake page on your server’s domain.
In this case, it is possible that a large number of files have been generated or even the database containing the site’s content has been tampered with.
If this is the case, it is recommended that you have the WordPress:Malware Scan & Security Plug-in [Malware and Virus Detection and Removal] scan your site for malware, including databases.
Delete unrecognized product pages from search results.
This will not remove the malicious pages from the search results until the search engine crawls your site again and confirms that the malicious pages are no longer there.
With Google Search Console, you can also re-register a cleaned-up sitemap to notify the search engines that the site’s rogue pages are no longer present sooner.
