You press back. You land somewhere you never asked to go. You press back again. Same thing. You're stuck, cycling through pages you never visited, until you give up and close the tab.
Sites have been doing this for years. Google noticed, said nothing, and rankings stayed untouched. June 15, 2026 is when that free ride ends.
TL;DR
- Google enforces a new spam policy against back button hijacking starting June 15, 2026
- Previously had zero ranking impact. That position is now fully reversed
- Violations face manual spam actions or automated ranking demotions
- You're liable for third-party ad or tracking scripts doing this, even if you didn't write them
- Affiliate sites, ad-heavy publishers, and lead gen pages are most at risk
What is back button hijacking?
You know it when you feel it. You find a page through Google, it's not what you needed, you hit the back button, and instead of returning to Google, you land somewhere you never chose to visit. Or you keep hitting back and nothing happens. You're stuck.
That's back button hijacking. The site inserted fake pages into your browser history. When you try to leave, you cycle through those entries: ads, upsells, newsletter prompts, instead of going back to where you came from.
Try it yourself
Start on the Hijacked Site mode. Click the search result, land on the article, then press the back button. See how many presses it takes to get back to Google. Then switch to Normal Site and try again.
The Browser History Stack panel below the browser shows exactly what happened: in hijacked mode, three fake pages were inserted into your history the moment you landed on the article. Every back press cycles through one of them before you can reach Google.
Why Google is acting now
For years, Google's official position was that this had no impact on Search rankings. That's now reversed. They've upgraded it from a vague UX concern into their malicious practices spam policy, the same framework used for cloaking and deceptive redirects. Human reviewers can now flag sites for a manual action.
Their stated reason: the behaviour is increasing. When a dark pattern scales, Google codifies enforcement around it. The two-month notice window is deliberate: they want removal, not surprises.
Who actually needs to worry
This is a monetization tactic. Sites running it are trying to extract extra ad views or affiliate clicks from users who are already leaving. If your site doesn't do that, you're likely fine.
| Site Type | Typical Use | Risk Level |
|---|---|---|
| Affiliate / coupon sites | Redirect to offer page when user tries to leave | High |
| Ad-heavy publishers | Insert ad pages into history for extra impressions | High |
| Lead gen pages | Re-trigger opt-in on back navigation | Medium |
| E-commerce | Push upsell page on exit | Medium |
| B2B SaaS | Rarely implemented | Low |
Some ad networks inject this behaviour without site owners knowing. Google holds you responsible for everything running on your domain including code you didn't write. Check your ad network and tag manager before assuming you're clean.
The big names doing this right now
When this announcement hit Hacker News, it got 862 upvotes and nearly 500 comments, almost all of them people naming the biggest offenders: LinkedIn, Reddit, Facebook, Instagram, TikTok. All of them redirect users to their feed when those users try to go back to Google.
None of those platforms depend on Google organic traffic. So Google's main enforcement lever, ranking demotions, does not threaten them. This policy will mostly affect the long tail of affiliate sites, content publishers, and ad-heavy blogs. The household names will probably ignore it.
What to do before June 15
If your site has any ad monetization, lead gen overlays, or affiliate redirects, run this audit. The fix is usually fast once you know where to look.
Two months feels comfortable until it's three weeks out and removing the code means a dev sprint on a revenue-generating feature. Start the conversation with your team now.
If your site uses any back button manipulation, remove it before June 15. Not just because of the penalty. Users who feel trapped don't convert, don't return, and don't recommend. The ranking hit is the consequence. The trust was already gone.
Frequently asked questions
- A site secretly inserts fake pages into your browser history when you land on it. When you press back, instead of returning to Google, you land on those planted pages: ads, newsletter prompts, upsell screens.
- You never chose to visit these pages. The site loaded them to trap you and extract ad impressions before you can leave.
- Aggressive implementations fill your entire history with fake entries, making escape nearly impossible without closing the tab.
What this means by vertical
Affiliate and lead gen: Highest risk. If anything redirects users on back navigation, strip it before the deadline. Short-term revenue loss is recoverable. A manual spam action is not.
Ad-supported publishers: Audit your ad network contracts. Some programmatic vendors have used this to inflate impression counts. You're liable for what runs on your domain.
E-commerce: Check checkout and upsell flows. Exit-intent overlays are fine. Inserting pages into browser history is not.
Reality check: LinkedIn, TikTok, and Instagram won't comply because Google can't hurt them. This enforcement targets everyone who depends on organic search. That's exactly who should take it seriously.
Yuval Halevi
Helping SaaS companies and developer tools get cited in AI answers since before it was called "GEO." 10+ years in B2B SEO, 50+ cybersecurity and SaaS tools clients.
Related Articles
Your Search Console Impressions Were Wrong for 11 Months
Google over-reported impressions from May 2025 to April 2026. Clicks were fine. CTR was not.
Technical SEOChatGPT's Favicon Is Missing from Google Search Results
The world's most-used AI tool looks like a suspicious phishing site in search results.
ResearchForbes Advisor Lost 23.6M Visits. CNN Underscored: 3.2M to Under 1K.
Full data-driven autopsy of how Google ended the Rent-a-Domain model.