Haters gonna hate, as the saying goes. SEO is no exception. If you’re ranking well for in-demand keywords, you can expect to be the target of a number of negative SEO campaigns trying to tear you down a peg or two. Unfortunately this black hat SEO technique can be remarkably effective. It generally relies on leveraging Google’s own algorithms against you, earning you penalties for infractions you never committed.
Here’s what you need to know to spot the 7 most common attacks, fix them and protect yourself in the future.
1. Auto-complete SEO attack
The principle is simple, but this negative SEO attack is very difficult to defeat. Practitioners simply search your brand name numerous times with words like ’scam’ included in the search. Do this enough times, and users who type in your brand name will get an auto-suggestion including the negative term. This might seem petty – and it is – but it can have a big impact on your brand perception.
You can spot this attack by keeping a close eye on your search queries. If unusual terms start to appear, you’ve probably been a victim of this negative SEO technique. You can’t do much to stop this happening, but a smart content marketing strategy can help you rank positive content for those negative terms.
2. Link removal attack
Backlinks constitute an important SEO ranking factor, so it’s little surprise to see these targeted by SEO saboteurs. This technique sees attackers emailing the webmasters behind your best links and requesting that they’re taken down – usually masquerading as you. The sheer number of legitimate link removal emails means that these imposters can escape without proper scrutiny and you lose your best links in the process.
Diagnose this attack using link-monitoring tools such as Majestic or Monitor Backlinks. If a link is unexpectedly taken down, you can investigate immediately and resolve the problem before your rank is badly affected.
3. Hack attack
Unlike some of these other attacks, SEO hackers aren’t normally looking to damage your ranking. Rather, they’re jockeying off your authority to build their own. Aside from being unfair, the unfortunate by-product of this attack is often penalisation for your site. This technique is when a hacker-attacker hacks into your site and buries spammy links in your content to build their own backlink profile. They might even create a series of new pages that drive traffic back to their own site.
This attack is noticeable if you start to recognise strange anchors for keywords you’ve never tried to rank for. If you suspect you have been hacked, you should investigate promptly to discover how the hackers got in so you can shut them out the next time they try. You can help prevent hacking before it happens by installing plug-in updates as soon as they’re available and using double authentication for your back-end users.
4. 404 Error attack
If Google detects that many of your pages are getting a 404 error message, they’ll generally drop your site like a hotcake, before you can deliver a terrible user experience. Unfortunately, negative SEO practitioners know this and can manipulate that knowledge to attack their competitors. They simply create thousands of links back to pages on your site that don’t exist, so when Google tries to follow those links, a 404 error is generated:few things can adversely affect your ranking so quickly.
You can spot this attack by closely monitoring your ‘Crawl Errors’ through Google Webmaster. If you see a sudden leap, that’s a good sign that you’re being targeted.
Luckily, you’ll generally find that a pattern emerges so you can easily spot which URLs are involved in the attack. Then you can request that your site delivers a 410 ‘Gone Forever’ message instead, to cut down the number of 404 messages being issued.
5. Redirect attack
As you may or may not know, redirects allow link equity to be passed to a new domain. Negative SEO attackers use this knowledge to redirect negative link equity to your domain, so you’re penalised for their bad links. In its most basic form, this is simply pointing a penalised domain link back to your site so you get the penalty. In its more complex form, a committed negative SEO attacker might copy your entire website, add canonical tags and then bury spam links in the content. The spam links will be penalised and the canonical tags ensure that penalty is transferred to your original site.
You can spot this attack in several ways. Firstly, keep a close eye on your link-monitoring tool. Majestic reports redirected links in the same way as normal links, for instance, so you can quickly spot any issues and disavow. You can also search Google for copied versions of your content and check manually whether the canonical tag has been used.
6. Spam links attack
This is one of the most common negative SEO attacks, as it’s one of the easiest to implement. An attacker simply creates an unnaturally large number of links pointing to your site, which triggers Google’s Penguin tripwire. Google assumes that you’re engaging in black-hat SEO yourself by creating unnatural links in order to improve your rating and it penalises you accordingly.
This attack is all about volume, so it should be pretty obvious if you’re a victim. If your intelligence platform tells you that you’ve suddenly received an unusually high number of links, often on the same day, it’s probably SEO attackers at work.
Often all links will point to the same page on your site – to allow the attackers to quickly create links. They’ll often come from very similar sources, with a similar authority ranking. If you’re using Majestic, you get a Trust Flow report telling you how trustworthy the linking site is. Often this ranking will be very similar.
You might also notice that links are using the same anchor text, making Google think that you’re playing the system. In the Google universe, over-optimising your focus keywords is a punishable offence and negative SEO attackers use that to their advantage.
To combat the link spamming attack, add those links you’ve identified to your disavow list, so their link equity doesn’t count towards your ranking. You might also register a spam report with Google which identifies which domains are involved in the link spamming.
7. Fake parameter attack
This is an insidiously effective attack that targets your URLs. Basically, an attacker creates multiple links that point back to legitimate URLs on your site, but using fake parameters. (www.mysite.com/legitimate-url?spam-fake-parameter.)
These links then create duplicates of your legitimate pages, which can flag a Panda penalty. The keywords used can also indicate that your site isn’t relevant, which is one of the fastest ways to incur Google’s wrath. Say you run a property firm, for example, then a URL littered with keywords like ‘viagra’, ‘gambling’, or ‘discounted storage solutions’ is a pretty sure sign of irrelevance.
These URLs will often achieve a 200 OK response, so they are treated as normal, genuine pages. As such, this can be particularly difficult to spot and you’ll find it more productive to stop this attack before it happens. The best way to do that is to use the canonical tag, to identify which pages should be ranked. This makes sure that no other pages using that URL can rank and cuts the SEO attacker off in their tracks. You could also configure your server to recognise and ‘noindex’ any unknown parameters.