Sneaky Redirects – What You Need To Know

There are several ways a website can deceive a search engine and its users. Some manipulative cloaking techniques aim to display different content to users than what’s expected or indexed by search engine web crawlers like Googlebot.

Legitimate redirecting, such as 301/302 redirects (and sometimes using Javascript), are considered to have good intent and a useful purpose because they direct visitors to where they should be, such as during a website migration to a new address or to an internal page after logging in.

On the other hand, sneaky redirects (a type of cloaking) don’t have a legitimately useful intent in terms of the Google Webmaster Guidelines. They are primarily used to manipulate the search engine results, or deceive users and advertisers, in order to artificially direct traffic.

They can take a few forms (including Javascript), but most of them aim to trick users by making them think they’re going to see some specific content when instead they are shown completely different content, made to click spam ads, or have cookies installed in their browsers.

What Are Sneaky Redirects?

As previously mentioned, a typical 301 redirect is the common practice of sending visitors to the new address of a site that has moved. Web crawlers will understand this and follow the redirect to the working page.

Sneaky redirects can be a little different. With sneaky redirects, Googlebot may fail to follow the redirect target and index the original page instead, while users get surreptitiously sent to another page with content that the web crawler doesn’t see.

It’s in clear violation of Google Webmaster Guidelines to serve different content to users than the search engine results. This also includes showing different content based on what platform is being used, such as redirecting mobile users to a different page than desktop browsers.

Sneaky redirects can be a type of web attribution fraud (especially when used to manipulate affiliate ad networks with cookie fraud). For example, after placing a copy of a brand’s ad in the SERPs, affiliate ad hijackers may direct users through a series of masked redirects to hide their footprints and claim referral credit before directing the user to the official brand’s site.

Mobile sites are notorious for using sneaky redirects (such as through WAP-click affiliate programs). For years Google has been taking punitive action against mobile sites that redirect users from the mobile SERP to an unwanted or completely different spam domain.

How Do They Work?

Sneaky redirects look and feel like any other page redirect. You type in one URL or follow a link from a Google search, but you’re redirected to something significantly different than the content you expected.

Google probably ends up indexing the original page and content when sneaky redirects are used in this way and is unaware of a redirect target that is misguiding traffic.

Sometimes a user may temporarily get redirected to the wrong page before getting redirected to the correct location.

The two main ways that sneaky redirects work are:

• Showing search engines one type of content while users are shown a different type of content.
• Some desktop users receive a normal page, while mobile or different desktop users receive a completely different spam domain.

Types Of Ways They Are Used

A user can be redirected to a different page by doing a Google search, but actually, go to the correct page when entering the URL in the search bar or clicking a bookmark. Or both can lead to a sneaky redirect.

Quite often there are ads or elements that pop up on web pages or are positioned so that users accidentally or unknowingly click on them and get redirected to a completely different site. This can artificially increase a site’s bounce rate by sending users to where they didn’t want to go.

More often than not the redirected page will have spam content that’s irrelevant and of lesser quality than the originally indexed page that Google sees.

Snippets can be used to deceive users too. Google expects users to land on a page that’s reflected by the SERP snippet, but a sneaky redirect won’t follow suit.

Sneaky mobile redirects are very common and can be created with deceptive intent by a site owner, or implemented by hackers and spam artists without the site owner ever knowing. These mobile redirects can be implemented with these types of configurations:

• Using a script or element (like Javascript) to redirect users to bad websites (web page elements and rich media are not crawled very efficiently).
• Adding code with rules that force mobile users to get redirected to a completely different page
• Hiding links in Javascript code to redirect users to unrelated sites.
• Using a script to display sneaky advertisement redirects (like popups).

Another nefarious method is for a shady publisher (i.e. hacker) to purchase a domain with a common misspelling of a popular site or advertiser, and then join the legitimate site’s affiliate program.

What proceeds to happen is that a user may accidentally enter the misspelled domain URL and temporarily land at the fake site. The malicious publisher can then load a tracking cookie into the user’s browser and redirect her to the correct site that she intended to visit.

Now, because of the sneaky cookie, the affiliate program will credit the malicious website whenever that user makes a purchase from the legitimate website.

How To Find Them

One obvious way to know whether your website is associated with a sneaky redirect is through Google Search Console, where you will receive a Manual Action Report. The manually detected issue can be sitewide or partial.

It can be very helpful for Google to notify you if your site has been affected because it’s possible for hackers to hide the sneaky redirects from webmasters and steal their visitors indefinitely.

You can learn about Google Search Console and manual action reports from our article on Google penalties.

You can also manually check your site by navigating it from a Google search with a mobile device or mobile emulation in a desktop browser. This way you can visit all your pages and assess the overall user experience.

Monitoring your site’s user activity and analytics is also helpful for picking up on suspicious actions. You will want to specifically look at the average time spent on your site or how long user sessions last on specific pages (like the landing page).

The Fetch as Googlebot tool (Google Search Console) can be used to test if Google can properly access a URL and show you how it renders pages. This is a very useful tool to see whether content is showing up normally to Google compared to how it appears when you visit.

How To Fix Them

Stop and fix your pages if you’re intentionally engaging in this behavior. Confirm that your fixes worked by navigating your pages from the Google search results.

Assuming you received a manual action report from Google, submit a reconsideration request and be patient while Google reviews your site.

Make sure you’re not hacked if the sneaky redirects are not your fault. Google has a securities issues report that can help you determine whether you’ve been hacked.

You should also audit your site for any third-party scripts or elements that may be causing the redirects. Remove them one by one from the redirecting page if you don’t control them.

After they are removed, check your site on a mobile device or browser emulator to see if the redirection stopped (mobile users are redirected a lot).

Conclusion

Sneaky redirects can be a pain in the ass for any SEO (not to mention the potential harm they may cause). Consider yourself fortunate if you haven’t had to deal with them yet. But also be prepared for when you do.

If you’re involved in affiliate marketing, make sure your ad networks are using industry best practices for safety and integrity. If you deal with advertisers, make sure they are transparent about their user traffic and activity.

Finally, listen to your users if you care about their user experience. They can see your website in different ways and they’ll be the first ones affected by a sneaky redirect.

Contributing Author: Brian Kihneman

Related Posts