Sucuri, a company that cleans over 500 hacked sites a day, has released a statement about new occurrences of a of certain type of SEO spam which involves maliciously installing subdirectories on WordPress websites.
The idea behind this black hat scheme is to abuse the server resources and storage by installing spammy sites within a WordPress subdirectory.
The spammy sites are usually promoting products, designer sunglasses for example, with the intent for the attacker to make affiliate income.
What sets this tactic apart from other SEO hacked spam, such as malicious redirects or defacements, is that it doesn’t change the appearance of the original site.
The hackers cover their tracks by hiding their spammy site within the legitimate site’s subdirectory, so the site owner may never even notice it. Having some type of security monitoring in place is one way to be alerted if something like this happens to your website.
Another way to find out if an attacker is spamming your site is to use Google Search Console, Sucuri recommends. If you see a lot of search queries for things that are way off topic, you might be a victim of an SEO hack.
That’s not a perfect way to diagnose if you’re a victim of this new type of SEO subdirectory spam, but it’s somewhere to start.