What is injected spam?

One of the things we scan for with our security checkups is injected spam. This is code that results from a hacker adding spam links or text to your site’s pages. The injected content is almost always unrelated to your site’s content. It often contains pharmaceutical or pornographic terms. This is a type of malware, is very common, and can result in a negative impact on your site’s SERP (Search Engine Result Pages).

Here’s an example that I stumbled on yesterday. I’ve scrambled the text and images to protect the identity of the site owner, but this is on a portfolio page of someone who designs websites for income. 👀

Injected spam example

See it? Yeah. Not cool. Would you trust this person to design your website? Especially to represent a business or organization? Probably not. Websites represent the image of a company, and it’s possible to suffer significant losses due to injected spam. Visitors may lose faith in sites that cannot promise security and will become wary of performing online transactions.

Please be aware that removing spam content won’t address underlying vulnerabilities that allow hackers to compromise a site. Without correcting the root cause, a site may be hacked again in the future. At the very least, all software running websites should be kept up to date to minimize the chance of spam being injected into a site.

Fresh Prince Graffiti

Think about injected spam as graffiti on the side of a building. What’s the best way to make sure no one can paint on the building? Don’t provide any means of access.

Of course this isn’t realistic for a lot of buildings without high levels of security like you’d find around government locations, but in the digital space, it’s a different story. It’s not too difficult to secure a website with the right setup.

Interested in a security checkup to make sure your website is secure and well-maintained? Let me know. We offer them for free and would be happy to help.

Default image
Scott Pruett
Articles: 11

Leave a Reply