Details
- Vector type:
- Google Manipulation
- Risk level:
- None
- Impact level:
- None
Included here for the sake of completeness only.
This NSEO attack vector entails submitting a sitemap to Google which contains redirected HREFLANG content from the target’s website to yours. Google would then automatically associate the redirected content with the original, thus allowing the attacker to “siphon” relevance and rankings through the abuse of Google’s canonicalization system.
Defense
Google fixed this exploit back in late 2017 or early 2018, and it is no longer a threat. However, while it the exploit was active, there was no defense against it.
It was discovered and filed as a Bug by Tom Anthony (Twitter link). For more info, have a read of
Google exploit via XML Sitemaps to manipulate search results.