Preventing Referral Spam in Subpage Header & Navigation

Greetings folks -
Can anyone explain how content spam gets added to WP template sites?

I’m not talking about comment spam. I’m talking about the navigation getting taken over by spam links or actual content on the page getting injected with craptastic promotional ads completely unrelated to the site.

I’m asking because I had a strange thing happen when I clicked on a deep link to my site recently. The page had on it embedded links for services all over the globe. In this particular instance it said, “How to buy lasics online” and it listed a bunch of places within my site header and in the main nav from all over the world like Dubai, Candada, etc… It was essentially hijacking my page and loading a bunch of spam/phishing links on there. I don’t know where it came from and unfortunately didn’t grab a screenshot, but as soon as I logged into the admin panel, the links disappeared and the page looked normal.

What the heck was going on there? Does anyone have experience with what this might be?
Has this theme been compromised? Or, perhaps it’s my login credentials, except the page looks fine in admin view…

It’d be terrifying if these parasites where somehow able to mask from me that they where using my site as a zombie bee :honeybee: making me think things were fine, because I’m no longer seeing anything when I’m log in as an admin. I’ve verified on 2 other machines that it’s not permanently on the site and the page in WP looks fine, but I’m shaken by this experience.

If you know how and why this is happening so that I can put a permanent end to it, please advise.

FYI, years ago on a different machine I identified a melicious browser plugin that injected links into WP content when an author was editing that would only appear on the website after it was published. The solution then was to turn off all browser plugins when I edited content. Wonder if this is the same thing. I’ll investigate further.

Thanks in advance,

That site was hacked. Hard to tell where the loophole was. Maybe you used weak password, outdated WordPress, plugins or a theme.
This is not really a good place to discuss such a broad topic. There are many articles or specialized WP forums about this on the internet, just search for stuff like “wordpress security malware hacked” and you get plenty of resources.

You can start here:

Thank you @LSVthemes

I’m a bit of a newb with these forums and just finding my way around. I’ll goto the WP site for these type of things. FWIW, it does help that it isn’t my browser hijacking the page, but potentially a hacked login or WP plugin. Again, much appreciated insight. :+1:

Well, maybe it was your browser. I don’t know. But non properly secured WP site is much more likely the reason.