Google to Penalize Sites Hijacking Browser Back Button Starting June 2026

Google will add back‑button hijacking to its spam policy and begin penalizing offending sites worldwide starting June 15, 2026.^[1]

The move targets a growing tactic that traps visitors, forces unwanted ads and erodes trust in online navigation, which Google said harms the overall user experience.^[3]

The new rule expands Google’s existing malicious‑practices spam policy to explicitly ban scripts that block or manipulate the browser’s back button, a technique previously addressed only under broader “cloaking” provisions.^[1]

Enforcement begins on June 15, 2026, and sites will have a two‑month remediation window to remove the offending code before penalties take effect.^[4]

The policy applies to any website indexed by Google Search, affecting billions of pages across the globe.^[1]

Back‑button hijacking typically involves JavaScript that intercepts the back navigation event, displays a full‑screen advertisement, or redirects the user to a different domain, preventing a return to the previous page.^[3]

Violating sites may see a drop in search rankings or removal from search results altogether, mirroring the treatment of other spam violations.^[1]

Webmasters have been warned that failure to comply within the two‑month period could result in significant traffic loss, prompting many to audit their code for unauthorized back‑button handlers.^[4]

Industry analysts said a sharp increase in back‑button hijacking over the past year, with some estimates suggesting the tactic appears on as many as one in twenty high‑traffic sites.^[3]

Google’s spam policy, first introduced in 2019, already targets cloaking, hidden text and link schemes; the new provision simply codifies a practice that has long fallen under the umbrella of deceptive behavior.^[1]

Search‑engine optimisation firms said rankings can tumble by several positions overnight after a penalty, which may translate into millions of dollars in lost ad revenue for affected publishers.^[5]

Experts said site owners should audit their JavaScript for event listeners attached to the window.onpopstate or beforeunload events, and remove any code that blocks the native back navigation without user consent.^[4]

Because Google processes over 90 % of global search queries, the policy’s reach extends to virtually every online business, from small blogs to multinational e‑commerce platforms.^[1]

Google said it will issue manual actions for confirmed violations and may also employ automated detection tools that crawl sites for back‑button interception scripts.^[4]

Google said site operators should update their privacy policies, notify users of any navigation changes, and test pages on multiple browsers to ensure the back button functions as intended.^[4]

Compliance will not only protect rankings but also improve overall user trust, a factor that advertisers increasingly consider when selecting platforms for their campaigns.^[5]