Google Classifies Back Button Hijacking as Spam: What You Need to Know
Google is classifying "back button hijacking" as spam, targeting sites that abuse the browser History API to trap users when they attempt to navigate away. This new policy, effective June 15, 2026, will result in penalties ranging from manual spam actions to algorithmic ranking demotions.
What is Back Button Hijacking?
Back button hijacking involves using scripts to inject fake entries into a user’s browsing history, preventing them from returning to the previous page when they press the back button. This can lead to users being trapped on interstitials, ads, or the same page they were trying to escape.
What Counts as a Violation?
Google's policy encompasses any technique that inserts or replaces "deceptive or manipulative pages" into a user’s browser history, impeding immediate return to the previous page. This includes:
- Exit-intent overlays triggered by back navigation
- Popunder ad scripts
- Recommendation widgets that intercept the popstate event to redirect users
Liability for Site Owners
Even if the offending code comes from third-party ad networks or engagement scripts, site owners are still liable for violations. Google recommends webmasters conduct a thorough audit of their entire technical stack, including ad networks, A/B testing tools, consent modules, and engagement widgets.
Grace Period and Penalties
Google is providing a two-month grace period until June 15 for sites to remove non-compliant code. After that date, pages caught hijacking the back button face:
- Manual spam actions from Google’s webspam team
- Algorithmic demotions affecting search visibility
This latest move by Google underscores its ongoing efforts to combat malicious practices and ensure a better user experience on the web.