Welcome to WebmasterWorld Guest from 220.127.116.11
One common way hackers take advantage of vulnerable sites is by adding spammy pages. These spammy pages are then used for various purposes, such as redirecting users to undesired or harmful destinations. For example, we’ve recently seen an increase in hacked sites redirecting users to fake online shopping sites.link [googlewebmastercentral.blogspot.com]
How many of the links we see every day on sites could be hacked but just is highly sophisticated - enough to pass for normal?But you don't see the injected links - they are hidden "off page" with CSS. Some of the out of place spam/hacked keywords I've seen in pages tend to be possible evidence of a failed hack or a crude attempt at clickbait SEO. The iffy links might be IDN versions of legitimate sites but most of the injected links tend to use the luxury product name or designer in the domain name. Then there are the injected links to problem ccTLDs that should not exist in most sites outside those countries.
It's also very unlikely that they'd look for their sites via the hacked target phrases. FWIW, in the example search above, I'm not seeing the "This site may be hacked" message on some very obviously hacked sites.The problem is that Google cannot tell a good link from a bad one.
all you have to do is search for "fast shipping" and you'll find a boatload of hacked sites
But you don't see the injected links - they are hidden "off page" with CSS.
The problem is that Google cannot tell a good link from a bad one.