Google is introducing a new spam policy targeting “back button hijacking”, a deceptive tactic that traps users on websites, with penalties that could see offending sites pushed down or removed from search results.
Spam Policy Change Under “Malicious Practices”
Google has confirmed that from 15 June 2026, back button hijacking will be treated as an explicit violation of its spam policies under “malicious practices”.
This means websites using the technique could face manual penalties or automated ranking drops in Google Search, significantly reducing their visibility and traffic.
The company says the move is in response to a growing number of sites using manipulative tactics that interfere with how users expect the web to work.
In its announcement, Google made the reasoning clear, stating that the behaviour “breaks the expected user journey” and leaves people feeling manipulated.
What Is Back Button Hijacking?
Back button hijacking is a relatively simple concept, but one that most users will have experienced at some point.
It happens when a website interferes with a browser’s back button so that clicking it does not take the user back to the previous page as expected. Instead, users may be redirected to another page, shown unwanted content, or kept within the same site.
In some cases, additional pages are silently inserted into the browser history, creating the illusion that the user has navigated normally when they have not.
The result is a browsing experience that feels confusing and, at times, deliberately obstructive.
This type of behaviour undermines one of the most basic assumptions of the web, that users are in control of their own navigation.
Why Is Google Acting Now?
Google has said it has seen a noticeable rise in this kind of behaviour, which has pushed it to act more explicitly.
While similar practices have long been discouraged, this is the first time back button hijacking has been clearly defined as a standalone violation within Google’s spam policies, signalling a more direct approach to enforcement.
This practice sits within a wider rise in so-called “dark patterns”, where design or technical tricks are used to nudge or trap users into actions they did not intend, with back button hijacking being a clear example that undermines the basic user experience and breaks the expectations people have of how the web should work.
How These Web Tactics Are Being Used
In many cases, back button hijacking is implemented through scripts that manipulate browser history or intercept navigation events.
For example, users might click a search result, land on a site, and then find that pressing “back” does not return them to the search results, but instead cycles through pages they never intended to visit. This can be used to keep users on a site longer, increase ad impressions, or funnel them through affiliate links.
It should be noted here, however, that it is not always deliberate. Google has acknowledged that some instances may come from third-party advertising networks, plugins, or embedded libraries that site owners are not fully aware of.
This means businesses could end up being penalised for behaviour they did not even realise was happening.
Back Button Hijacking – The Consequences And Penalties
Now Google has decided to act, the consequences of being caught using back button hijacking could be significant. Google has made it clear that sites engaging in the practice may face ranking demotions or, in more serious cases, removal from search results altogether.
For businesses that rely on organic search traffic, this could have a direct and very serious impact on visibility, enquiries, and revenue.
However, Google has also said that sites which fix the issue can request reconsideration, suggesting the focus is on correcting behaviour rather than issuing permanent penalties.
The key point here is that enforcement will be both automated and manual, meaning detection could come from algorithms as well as human review.
What Does This Mean For Your Business?
For businesses with a website, this change is less about a specific tactic and more about a broader change in expectations.
Google is basically making it clear that interfering with user control, even indirectly, is no longer acceptable, and that technical implementations need to align with how users expect the web to behave.
That puts greater responsibility on organisations to understand not just their own code, but also the behaviour of third-party tools, plugins, and advertising platforms integrated into their sites.
It also highlights how user experience is now directly tied to search performance, and practices that frustrate or mislead users are increasingly being treated in the same way as traditional spam.
For many organisations, this will mean taking a closer look at how their website behaves in real-world use, particularly around navigation, redirects, and history handling.
It also means that search engines are now moving beyond content quality alone and are placing more weight on whether a site behaves in a way that users trust.
Google’s move against back button hijacking is a relatively small technical change on the surface, but it reflects a much bigger direction of travel. It seems that the web is being pushed back towards a model where users remain more in control, and where attempts to manipulate that control come with some clear consequences.
