As Google becomes more sophisticated and starts handing down penalties to sites for building spammy backlinks, a new trend has emerged among some less scrupulous companies. This trend is referred to as “negative SEO”, where a competitor will deliberately engage in obvious, black-hat tactics aimed at your website in the hopes of reducing its ranking in Google. At its worst, negative SEO aims to get your site de-indexed, but how worried should you be? If you are the target of an attack, how should you respond?
How Likely am I to be Targeted?
The first question to ask yourself is “How likely am I to become a target for negative SEO?” Businesses who have found a market that isn’t especially competitive or where there isn’t much money changing hands do not need to be as concerned. Positive SEO efforts on your site are usually more cost-effective than attempting to run a negative SEO campaign on a competitor, and thus your competition would rather invest in that than an attack. Rank Executives provides SEO services to dozens of domains, and thus far only two have suffered attacks – one a negative SEO attack after starting with us and another that we discovered was hacked before they signed on. Given that we deal with a wide variety of industries ranging from health and safety regulation to automotive, including highly competitive fields such as civil law, most of whom rank on the front page for their keywords, it should be comforting that only one has suffered an attack.
Part of the reason for the rarity of attacks is that most negative SEO campaigns are not effective. We’ll go into more details about some of the tactics employed and how effective they are later, but the major take-away from this is “be not afraid”. That being said, just as some people learn martial arts for defense, even though the odds of them needing it are low, it is important to know how to defend yourself just in case.
Recognizing the Attack
The first step in defending yourself against a negative SEO campaign is to recognize when you are actually under assault. This is one of the major reasons why SEO is a full-time job, it requires regular monitoring of Google Analytics to spot any fluctuations that may be damaging to your site. However, even these fluctuations might not be your competitors. There is a great article on Moz that was published six months ago that provides a fantastic breakdown of how to recognize an SEO attack.
A good way to tell what is going on is by figuring out where the links are coming from. A site-wide link from a domain, for example, could show up as tens-of-thousands of links, something that will look like an attack but is, in fact, perfectly natural and won’t result in a Google penalty. Some red flags to look for are things like exact-match anchor text (that is: keywords showing up in the anchor text of the links being built to your site), tens of thousands of new links showing up per week from multiple domains, and low quality, indecipherable content surrounding the link (like a website whose top post was discussing “the scud missile from Mt. Rushmore selling parkas”).
Disavow, Disavow, Disavow
This is a time-intensive tactic, but ultimately it is your best defense against links you do not want affiliated with your website. Among the webmaster tools that Google provides is the disavow tool, which allows you to let Google know that you did not authorize the link and could not get it taken down. The big problem with disavowing links is the amount of time it can take. When thousands of spammy links are being built to your website per month, the disavow process alone can take away time that would be dedicated towards other SEO efforts.
Keep Your Nose Clean
Google has repeatedly claimed that most negative SEO attacks are ineffective, and there is a reason for that. Their algorithm and web spam team do not consider solely the way things are, but also look at history. Thousands upon thousands of new backlinks showing up in a vacuum will not damage your site. However, if you have a history of spam or employing other black-hat tactics, you are more likely to suffer from a negative SEO campaign. This is because if you did it before and it happens again, what else would a third-party observer think except that you are up to your old tricks? That is the key to any SEO campaign, positive or negative, remembering that Google is merely an observer who tells users about the things they ask about. If string of robberies were happening on your block, for example, who would you be more likely to suspect? The man who admits he used to be a burglar but turned his life around, or your friendly but klutzy neighbor?
Ultimately, the best defense against negative SEO is constant vigilance. Even if your website probably won’t fall victim to an attack, it pays to do regular audits of your link profile. If you have already hired an SEO agency (like us), keep an eye on the links that they are building to your site to know whether the new links popping up are a result of their efforts or an attack by a competitor. Obviously though, a good SEO company will let you know if they believe an attack is taking place on your site, and like any other reputable service provider will endeavor to be transparent about what they’re doing.
Negative SEO Tactics
Ultimately, the best defense against any attack is knowing what form the attack would take. While I loathe providing possible tips to black-hat search engine marketers, the fact is that dozens of blogs have already given the information out. Furthermore, the benefits of people knowing what to expect far outweigh the costs of possibly arming the enemy. I’ll also go into strategies for defending against these specific tactics, note that in some cases I’ll repeat some of the points above since those general strategies do work against most of these tactics.
Spammy Link Building
This is one of the most common, easily recognized, and least effective negative SEO tactics. It involves hiring a company that engages in black-hat tactics and asking them to build thousands of links to a competitor’s website. Over a long span of time, it may result in a negative impact on rankings, but this is where judicious use of the disavow tool comes into play. As mentioned above, it will take time to disavow all of those links, particularly when they come at you in the thousands to tens of thousands, but ultimately that is usually the most damaging effect.
There are exceptions of course: some websites might find themselves decimated by this sort of attack. Websites that deal with high volumes of money (payday loan sites are a perfect example) are especially vulnerable to the link spam attack. Domains with a history of black-hat SEO tactics are also vulnerable.
Earned Link Removal
This one is a little more insidious. It requires a bit of social engineering on the part of your competitor and involves emailing webmasters and asking them to take down links to your site, pretending to be you. This exploits the paranoia over Google algorithms and the fact that many firms do not build close relationships with the webmasters who promote their content. Furthermore, in an industry that is driven by results and velocity, it is easy to forget links already built. However, SEO is like war: the only secure ground is the ground you are standing on.
To counter, keep track of every link you’ve built. Furthermore, establish ties with webmasters, make it so they know you. This way, if they receive a sudden e-mail asking them to take down a link, they can alert you. Ultimately, vigilance is your best defense against this strategy.
Direct Site Hack
Yes, a website hack can also be used to hamper your SEO efforts and ruin your site’s positioning. More overt signs of a hack include altering your robots.txt to block your site, effectively de-indexing your homepage from google. Another possible option is a code injection on your site that attaches your site to a spammy webpage. In either event, your best defense is security. Make sure your CMS is fully up-to-date, and don’t use any plugins that are vulnerable to an attack.
If your best efforts at securing your site fail, there are a number of signs and symptoms that warn you that something has happened. The first alert should be if your web site begins ranking for keywords that are irrelevant to your site such as “Viagra” or “short-term lending” (unless your website provides Viagra or short-term lending). Also, be sure to check your robots.txt to make sure there were no unauthorized alterations.
This is another method of manipulating Google’s algorithm that is relatively new exploits the end-game of all major search engines: giving the user what they want. Click-Through-Rate (or CTR) is a signal used to indicate what people are looking for. If most people searching for a given term click on a specific site, then it is natural to think that the site has what those people are looking for and increase its rankings. However, what if, instead, nobody clicked on their links? What if a competitor created a bot that clicked on every single link except yours? This CTR Attack can cripple your rankings, and the only hint is a sudden, sharp decline on your Analytics.
This is a more difficult tactic to counter, as the only way to counter to draw more clicks to your website. You can try to compensate with a click bot of your own, but this is a dangerous tactic and NOT recommended as if you are pushed too far down in SERPs, or worse onto the second page, then using your click-bot will look unnatural and may result in a penalty to your site.
Ultimately, most people don’t have to worry about negative SEO attacks, but it’s just like any other rare event: you do not assume it will never happen, but simply prepare just in case it does happen. Your website was a massive investment, and your position in search engine results in factors into your livelihood, so you cannot take any chances. Ultimately, the trick is to stay vigilant, and check your analytics on a regular basis. Look for unusual trends and, when they appear, learn how to adapt. It is something we do here for all of our clients, and a practice I highly recommend you adopt.