Many of us have experienced a ‘hacked’ website, where some malicious agent has replaced our site or inserted messages and links all over it. However, there aren’t really any commercial gains to be had from this, other than extortion. We’ll get it fixed quite quickly, even if it’s costly to do so.
To gain commercially, hackers need to gain a more long-lasting impact from controlling a site. To do this, they gain access to editing our sites without us even knowing, and add links that we as siteowners might not even see.
Many sites host these links forever, quite unaware that they’re doing so.
The best way to combat this, apart from having good website security in the first place, is to frequently check all the outbound links from our sites. These are what the hackers will place surreptitiously, perhaps from existing text or images.
Using a website link checker such as Screaming Frog is a good way of doing this. A tip I’ve read recently is to set this to emulate Googlebot, as hidden links can be cleverly hidden to everyone except Googlebot.