Selective redirect abuse

If your site redirects only on mobile or ad traffic, that is often a compromise pattern, not a random bug.

Attackers frequently target only mobile users, paid clicks, or selected referrers because those redirects are harder for site owners to reproduce during normal testing.

When a site redirects only on mobile or ad traffic, it often means malicious code, scripts, plugins, or tag logic are selectively hijacking visitors for fraud, malware, or affiliate abuse.

No signup requiredResults in under a minuteBuilt for SMB operators

See redirect malware symptoms

What this means for you

The risk is not the issue list. It's what attackers can do with it.

Selective redirects can quietly burn paid traffic before your team sees the problem.

Mobile-only redirect abuse is common because site owners often test on desktop first.

Visitors blame your brand when they land on scam or malware pages.

If the redirect is selective, the persistence mechanism is often designed to survive superficial cleanup.

What attackers usually do next

Step 1

Redirect only ad or social traffic to maximize monetization while avoiding detection.

Step 2

Target mobile visitors because they are less likely to inspect URLs or scripts closely.

Step 3

Use injected scripts, tags, or plugin hooks to re-enable redirects after cleanup.

What the scanner checks

Plain-English security context, not just raw scanner noise.

Redirect behavior across devices and traffic sources

Third-party script, tag, and suspicious resource clues

CMS, plugin, and WordPress compromise indicators

Blacklist, Safe Browsing, and attack-surface context

What to do next

Start with the fix that protects trust, traffic, or checkout first.

Priority 1

Test the redirect from mobile devices, ads, and different referrers before making changes.

Priority 2

Audit scripts, tags, redirect rules, plugins, and theme snippets tied to traffic handling.

Priority 3

Remove the persistence path, not just the visible redirect destination.

Priority 4

Re-scan and monitor mobile, ad, and search traffic after cleanup.

Related guides

Keep moving through the problem, not just the keyword.

Read the FAQ

Website redirect virus

Use the broader redirect malware page for the main symptom cluster.

Checkout page compromised

Selective redirects often overlap with e-commerce abuse and fake payment flows.

Check if site is hacked

Use the broader hacked-site path if redirects are only one symptom among several.

FAQ

Short answers to the exact questions people search.

Why does my site only redirect on mobile?

Attackers often target mobile visitors selectively because it is harder for owners to notice during normal desktop testing.

Why would redirects only affect ad traffic?

Ad traffic is valuable and easy to monetize, so attackers often hijack only paid clicks to avoid broad detection.

Can tag managers or plugins cause this?

Yes. Selective redirect abuse can live in plugins, snippets, tag logic, or third-party scripts that look legitimate at first glance.

Will clearing cache fix it?

Usually no. The code or logic that triggers the selective redirect has to be removed from the site or its scripts.

Ready to check?

See what attackers see before it becomes a cleanup project.

Run the scan, get the risk in plain English, and move from symptoms to fix priorities faster.