What is pharma hacking and how do you spot it?

Hacking has several faces - some are easier to detect than others. When ads for Viagra are flashing on your webshop without your consent, you know you have been hacked. But if you are the victim of the so-called Pharma Hacking there’s a good chance you don’t know about it.

What is Pharma Hacking?

Pharma Hacking is an invisible form of hacking. The hacker will place keywords in the title of your website, create a new folder in your file system or place hidden links in your text. Neither of the changes will be visible to anyone but Google’s crawler robots.

It’s called Pharma Hacking because the hidden links will often be related to pharmaceutical products, but links to gambling sites, counterfeit designer goods, and sites with adult content are also common.

The purpose of this type of hacking is related to ranking in Google. There are two ranking-implications.

1. The ranking of your webshop

After a Pharma Hacking attack, your webshop will be infested with links and keywords completely unrelated to what you sell. Google punishes this by lowering your ranking. If you are really unlucky, Google will blacklist you, which means that your webshop will never show up in the results from a Google search. This can dramatically reduce your sales.

2. The ranking of the hacker’s webshop

On the contrary, the hacker will receive much better ranking in Google. By placing links to his webshop and keywords relevant to what he sells, the hacker’s webshop will appear much more popular than it really is. The hacker’s webshop will be one of the first results in a Google search related to his product, which most likely will drive up his sales.

It’s difficult and expensive to clean and restore a website after it’s been Pharma-hacked. Therefore, you should ALWAYS keep a recent backup of your website. With a backup, rebounding from a Pharma hack is fast and easy.

How do I know if I’ve been Pharma hacked?

The Pharma Hacking is not immediately visible on your webshop, which means neither you or your customers will notice the hacking just by scrolling through your website. Luckily, there’s an easy solution.

The best trick is to google your own webshop (in quotation marks). You need to check the links that are shown under the link to your homepage. If any of these links are unrelated to what you sell on your webshop, you have most likely been Pharma hacked.

How can I avoid Pharma Hacking?

There’s a number of things you can do to avoid being the victim of Pharma Hacking:

• Update to the newest version of your CMS
• Install and continuously update to the newest safety plug-ins
• Use strong username and password combinations
• Get an SSL Certificate and have SSL activated
• Choose a web host that cares about the safety of your CMS
• Block unusual traffic to your webshop
• Use your own server - web hosts (i.e. WordPress and Joomla) are exposed to Pharma hacking far more often

To sum up

All in all, Pharma Hacking is a terrible, widespread phenomenon. But at least now you know how to protect your website against Pharma Hacking and also how to check your current site for this hacking type. That’s one step in the right direction.