Google Search Quality team posted about the types of website hackings & their preventions. In general, the most common and dangerous hacking techniques are: “SQL injection — a technique to inject a piece of malicious code in a web application, exploiting a security vulnerability at the database level to change its behavior, and cross-site scripting (XSS) — a technique used to inject malicious code in a webpage, exploiting security vulnerabilities of web applications.”

To identify the hacking of your site: You can run site: search operator combined with spammy keywords on Google search, for e.g.: site:example.com viagra OR casino OR porn OR ringtones

Google will return all the indexed pages of your website that contain those spammy keywords and that are, with high probability, hacked. You could also use Google Alerts to monitor queries like above. In addition, you can also use, Google's Webmaster Tools to spot any hacking activity on your site