Home Testimonials Company Support 1–888–873–0817
PRICING SUPPORT LOGIN
Home Notes Malware Signatures About

Malware entry: spam-seo.hidden_content.80

Description: An invisible or barely visible spammy link injected mainly by various rouge WordPress plugins that add social media widgets, e.g. facebook-widget-plus, my-twitter-timelines, advanced-twitter-embedded-tweets-shortcode, advanced-facebook-likebox-shortcode.

According to Google, such links are considered spammy:

Widgets can help website owners enrich the experience of their site and engage users. However, some widgets add links to a site that a webmaster did not editorially place and contain anchor text that the webmaster does not control. Because these links are not naturally placed, they're considered a violation of Google Webmaster Guidelines.

Here's how it usually looks like in the HTML code

<div class="support" style="font-size: 9px; text-align: right; position: relative; top: -10px;"><a href="//www.<spammysite>.com" title="Click here" target="_blank"><spammysite>.com</a></div>

And here are some typical examples of the PHP code injecting those links

echo '<div style="font-size: 9px; color: #808080; font-weight: normal; font-family: tahoma,verdana,arial,sans-serif; line-height: 1.28; text-align: right; direction: ltr; position: relative; top: -24px;"><a href="http://www.<spammysite>.com/" target="_blank" style="color: #808080;" title="Crayfish Studios">Crayfish Studios</a></div>';
echo $after_widget;

or

		
if($author == "true"){
$data .= "<div style='font-size: 9px; color: #808080; font-weight: normal; font-family: tahoma,verdana,arial,sans-serif; line-height: 1.28; text-align: right; direction: ltr;'><a href='http://www.<spammysite>.com' target='_blank' style='color: #808080;' title='pacrimauto.com'>Click Here</a></div>";}

To resolve this issue, webmasters should either add rel="nofollow" to the widget links (if you really want to keep them) or remove them.



Affecting: Mostly WordPress sites with installed rogue plugins.

Cleanup: Remove rogue plugins, or remove the code that injects the spammy links.