So your first big question might be- What exactly is “negative SEO” anyway?
Negative SEO practices include all malicious attacks designed to damage your website rankings and/or reputation online. In some cases, negative SEO attacks may even result in Google penalizing or completely de-indexing your website.
- 1 What will you learn about negative SEO in this article?
- 2 Why do some people choose to use Negative SEO?
- 3 A Brief History Of Negative SEO
- 4 Is Negative SEO a Real Problem?
- 5 Can Your Business be Significantly Damaged?
- 6 The Top Five Most Common Types of Attacks
- 7 How to Protect Your Website
- 7.1 Analyze Your Backlinks
- 7.2 Which Links Should I Disallow?
- 7.3 Spammy Anchor Texts
- 7.4 Massive links with Text Anchor of Main or Commercial Keywords
- 7.5 What are Brand Keywords and Neutral Keywords?
- 7.6 Negative SEO with Toxic Domains
- 7.7 Negative SEO Tactics Using Social Engineering
- 7.8 Fake Reviews Online
- 7.9 Duplicate Content Attack
- 7.10 Negative ORM (Negative Management of Online Reputation)
- 7.11 Injection of malicious code
- 7.12 Sabotage and Denial of Service (DOS)
- 7.13 In Closing
What will you learn about negative SEO in this article?
The first thing you’ll learn is that I will NOT be providing detailed examples nor explaining the specifics on how to carry out any “Black SEO” or “SEO Black Hat” techniques.
If you’re looking for info that teaches you how to pull off these types of shady negative SEO practices, this is not it, so stop looking!
So why exactly am I writing this?
Because of my own website recently came under negative SEO attack and, as a consequence, I can now definitely understand the dangers through my own first-hand experience.
Fortunately, as I will detail here, I was able to spot the attack almost immediately and promptly mitigate any significant damage.
But make no mistake-
- Negative SEO practices exist
- These unethical techniques can definitely, negatively impact your business
- Learning how to identify these methods is the best way to combat them!
Simply stated- If your site is online, then you need to learn how to protect it from these malicious attacks.
Because providing information that’s blatantly unethical and dangerous would make me complicit with malicious attackers.
Why do some people choose to use Negative SEO?
Because negative SEO works…sometimes.
The immediate goal of positive SEO is to position your site in Google’s top page results so that you can maximize your visibility, increase click-through rate (CTR) and jumpstart your profitability. Of course whenever there’s an opportunity to beat the system, damage your competition and score “easy” money, a certain percentage of unethical people will be more than willing to “do whatever it takes” to do precisely that.
Especially when deploying negative SEO tactics actually can be easier, faster and cheaper than employing ethically sound, “positive” SEO techniques.
As a direct result, the unfortunate current online business reality is- When your successful website starts to gain an envious reputation for “outranking” your competitors, you may sooner or later be forced to deal with one or even a series of these types of attacks.
A Brief History Of Negative SEO
Negative SEO tactics have been around for quite some time, but gained increased popularity after Google released its “Penguin” update in April 2012.
As an indirect and unintended result of the stricter penalties imposed by Penguin, Google inadvertently increased the overall effectiveness of negative SEO tactics. And as an additional unexpected result, tools that were previously positive for positioning suddenly stopped being so positive. For example, the rapid acquisition of links, with exact anchor text, etc.
These external factors could now be relatively easily manipulated through the use of negative SEO without your site’s consent or knowledge.
Quick Note: Negative SEO is NOT ALWAYS behind penalties, un-indexing penalties, or drop in rankings. In many cases, this is due to other factors or circumstances.
Now please keep reading to learn how to effectively identify negative SEO, and then learn what your best options to protect yourself.
Is Negative SEO a Real Problem?
Based on the number of gigs from the online job freelancing site, Fiverr, which utilized negative SEO tactics, I would say a negative SEO problem exists, and it is very real!
Controversy remains on the subject today, but negative SEO is real and has happened to many victims, including my website. But there’s an even easier way to demonstrate the reality of negative SEO.
Just answer the following question-
If you go overboard with your link building (acquiring too many links too quickly from low authority sites, with too exact anchor text for example), will you find yourself in the sights of a revenue damaging Google penalty?
The obvious answer is YES…of course you will.
Anyone who’s spent any time at all using SEO tools has undoubtedly over-optimized their website simply by overly aggressive experimenting with links and/or anchor texts.
Can Your Business be Significantly Damaged?
Very short answer- Yes.
If the tactics are well-executed and deployed efficiently, your business can be dealt a swift penalty, since Google’s algorithms will detect if/when you’re attempting to “game” their system and improve your position in violation of its rules.
In general terms, there are two types of Google penalties- Manual and Algorithmic.
1. Google Manual Penalty
Manual penalties are the easiest to spot, especially if you’re signed up for Google Search Console. You will receive an almost immediate notification explaining what’s happened and this notification will often include instructions on how to act .That’s why it’s highly recommended that if you haven’t already done so… Sign up for Search Console!
NEAT TRICK: If you Google search for your domain with your operator site (site:domain.com) and see zero results, it’s almost sure that you’ve already suffered a manual penalty and that Google has de-indexed you. In case you experience this kind of penalty (and after you’ve solved it) you can ask Google for a reconsideration and will then have a good chance of being re-indexed, or at least be provided instructions on what to do next.
In case you suffer this kind of penalty (and after you’ve solved it) you can ask Google for a reconsideration and will then have a good chance of being re-indexed, or at least be provided instructions on what to do next.
2. Google Algorithmic Penalization
This type of penalty is a bit more complex as well as difficult to initially identify because, in this case, you will not receive a notification!
Typically you’ll only realize you’ve been penalized after you’ve lost rankings, and after you’ve already suffered a decline in traffic visible in Google Analytics.
Also, in this case, you can not directly request a reconsideration, and your solution will be significantly more complicated as well.
You’ll have to find out for yourself-
- The specifics of the problem
- Attempt to solve it
- Be forced (in the case of Penguin) to wait until Google re-crawls your website and all of your site’s backlinks.
Combating a large scale negative SEO attack is complicated, and unfortunately for your business, it’s also far too easy to create new problems when trying to address or solve the original one.
What does Google say about this in their “help” documents?
“That is to say: it is you who must do everything possible to take precautions and defend yourself from the negative SEO, do not trust Google to step forward and get you out of the quagmire.”
But if you carefully re-read the quote above you’ll see that Google does not state whether or not negative SEO exists, although when you read about this topic from 15 years ago (in 2002) in, “Information for Webmasters,” the picture becomes much more clear.
How about them apples?
Very different from what they state now, right? That is to say: Something happened (Penguin?) that’s changed the opinion of Google, and also that negative SEO is a new reality.
The Top Five Most Common Types of Attacks
(and how to detect then solve them without further damage)
1. Malicious Link Building
This is the most common negative SEO practice and the most frequent one you’ll most likely experience.
But although it is usually most frequent, fortunately, it’s not usually the most effective, especially if your site is older and already has some authority.
2. Low-quality Blog and Forum Comment Backlinks
This problem is one of the most common black hat SEO techniques due to it being relatively inexpensive and straightforward to execute.
Almost anyone can spam comments and insert links in abandoned blogs or online forums which lack regular moderation. As a standard example, when you regularly monitor your link profile, you’ll be able to quickly notice hundreds or even thousands of links that appear suddenly, which should alert you that you’ve been attacked. Without regular moderation, this can become a big problem.
3. Malicious Backlinks
This negative SEO tactic a bit more of a severe problem, especially if the links are created rapidly, typically at a speed that’s nowhere near usual to your site.
With this attack, you run the risk of Google thinking that you’re attempting to aggressively position yourself by buying links and, as a default reaction, they will penalize you.
What can you do in this case? I recommend-
- If you have not already done so, immediately register your website in Google Search Console, and then regularly, scrupulously monitor your portfolio for all links, especially focusing on those you haven’t consciously created yourself.
- Subscribe to a payment tool, such as Majestic or Ahrefs, and then SEO audit your backlinks frequently.
- If you use Majestic, you can receive automatic alerts by email when the tool detects new links to your domain.
- Whenever possible (complicated in the case of an attack) try to contact the owner of the website and ask him to remove the link, or at least use the “no follow” attribute to decrease his strength.
- Use the “tool disavow links” (disavow).
- Review detailed information about disavowing links and how to do it in the box below.
4. Use the Disavow Tool to Disallow Toxic Links
This negative SEO tactic penalizes low-quality, toxic, unnatural or fraudulent links. When attacked with this, it’s time to review all the links your website, analyze them and then determine if you want to disavow these links. Google’s Disavow Tool, can be carefully used to effectively un-authorize links that may be negatively affecting your position.
Google’s Disavow Tool, can be carefully used to effectively un-authorize links that may be negatively affecting your position.
But beware, this tool is expert level only, and definitely should be your last option! If you’re unsure exactly what the story is, read Number 5 first before you decide to take action. Or hire a professional.
5. Disavowing Links is a Controversial Topic
We all know that Google can detect patterns of links, texts, social interaction and more, and also that attempting to precisely eliminate links is another pattern that, contrary to what many may think, will also turn around and bite you.
For example, your website fails to improve position with new links that “you have gains,” and even begins to lose rankings, despite being of high quality.
If/when you’re in this situation, do not disavow any links: you’ll only be explicitly informing Google that they were right and, consequently, it will take even longer to get you out of hot water!
How is that even possible?
Imagine that you’ve created links from a PBN well hidden from the eyes of search engines, but you’ve now generated too many in much too short a period.
At this point, Google may detect a pattern then, while it may not immediately penalize you, it will leave “freeze” your position and then wait for you to un-authorize those links. So be calm and simply wait a month before slowly, gradually disavowing those links more “organically.”
A Practical Example using the Disavow Tool
This is what happened with Andy, one of my clients.
1. He inserted a follow link into a link building spam farm.
2. This link pulled thousands of websites automatically linked to his home page.
3. Google penalized him, which in turn affected many of the sites attached to the program.
Over time, affected webmasters began to remove that link then sent requests to Disavow Tool: error. Google now knew that he was part of that network and the Disavow tool confirmed it. As a direct result, his penalty was compounded.
How to Protect Your Website
The first thing to do is to investigate the links that your website has achieved naturally, as well as those that you’ve created yourself.
To do this, just analyze your domain with Site Explorer from Ahrefs.com or Majestic SEO and then track the domains that point to your website.
You can also use Search Console by accessing Search Traffic Links to your site, although it does not show updated results like the other two tools we recommend.
In both, however, you can see growth graphs of your links; so when you find very large peaks, you may need to pay strict attention.
Now create an Excel file and write:
- Domain Ranking (DR). The more, the better
- Ranking of Ahrefs, The lower, the better.
- Alexa ranking. The lower, the better.
- Trust Flow. The bigger, the better.
- Citation Flow. The higher, the better.
- The number of links you receive.
- Reference country. If they’re from Russia or China, 99% are spam. Try to get links only from countries where you want to position.
Once completed, the most suspicious links you need to immediately disallow will be visible.
In Search Console Manual Actions you can also see if/when Google has detected suspicious links you should act upon.
For example, seoexpertbrad.com receives links from such dubious websites as- popular.jp0.Ru, listofdomains.org, list-of-domains.org or webnamelist.com.
All of these are domain directories that Google considers as link farms and, in addition to this, your domain may unknowingly appear listed next to adult websites or casinos.
So we’re ready to disavow these links:
- We created a .txt document (encoded in UTF-8 or 7-bit ASCII)
- And we’ve included the domains or links that we want to de-authorize one per line.
Now if/when you want to disavow an entire domain-
- Start your line with “domain: thedomain.com,,” and if it’s a specific page, include only the absolute URL.
Disavow Links also includes comments to help you remember when you added links and will attempt to contact webmasters to remember later when you update the file.
2. Add the links and domains.
3. Save changes.
4. Access the Disavow Tool website in Search Console.
5. Choose the web and upload the file (up to 2 MB).
NOTE: The Disavow Tool is not a tool against spam, i.e., Google does not take into account the websites listed to penalize them (at least for now). And always try to eliminate low-quality links yourself by directly contacting the webmaster, but if this isn’t possible, then use Disavow Tool.
Once uploaded, Disavow Tool will inform you if the file is correct and the number of URLs or domains it includes, and will send you a copy with an email like this-
Which Links Should I Disallow?
If you want to build a good profile of authoritative links to your website, natural is always best; so write high-quality content, interact with other webs in the sector and the links will come. We all know that this can be a slow process, while your competition might be generating links artificially to improve their positioning.
But you don’t have to fall into this trap.
Instead, more carefully review links that come from-
- Low-quality directories- Their low-quality design is usually a sure sign that they are or will be penalized.
- Link farms- There’s no classification here; they appear one after another without any criteria.
- Content blog farms- Blogs networks where you can publish optimized content. Do not confuse with guest blogging.
- Finally, if you create links, always track your anchor text ratio of keywords- This will prevent Google from detecting an over-optimization or link pattern.
As you can see, the process of disavowing links is fairly simple, but you have to be very clear which links you want Google to ignore so that it does not negatively impact your site’s positioning.
IMPORTANT NOTE: Do not obsess over “bad” links.
By this, I mean don’t waste time continually searching for links that seem “inappropriate” or pouring over every one of them. It’s one thing to suffer a massive attack with thousands of links, and quite another to receive the occasional “bad” links for various reasons. Everyone gets those, and that’s natural too.
For example, having a few hundred links that come from the “footer” of a “friend” page (something that’s now considered harmful) is not necessarily problematic. But if 75% of your Backlinks are of this type, then you may have some problems. And the same if most of your Backlinks use your main Keyword as anchor text- This would not be natural. Use latent semantic keywords.
Just try to have a “normal” link profile, with enough variety of “good”, “bad”, “follow”, “nofollow”, with anchor “branded”, anchor “neutral”, etc.
Spammy Anchor Texts
Although it seems counter-intuitive, the worst negative SEO attack you can receive is precisely the one that simulates a “reasonable” (but abusive for Google) SEO strategy that you can conduct yourself. That’s why it’s increasingly essential that, for long-term positioning, you try to stay as far away from spammy SEO as Google considers questionable. If you’re only positioning strategy is to create links in abandoned blogs or with exact commercial Keywords, it’s very easy for you to drop the first attack which merely amplifies what you’re already doing.
Examples of Mass Links with Text Anchor containing Spam-
Sometimes, by checking your links with Search Console or Majestic, you may find that the anchor text of your links suddenly contains some “strange” keywords. If these links point you to Keywords that are not specific to your content, (like all those porn-related, piracy-related, or Keywords in a different language) usually you don’t need to worry. It’s not unusual for this types of attacks to affect the positioning of your “good” Keywords or trigger a penalty.
Luckily these types of links usually come from sites of low quality and end up disappearing over time or are directly devalued. Of course, they can still “tarnish” your link profile, and if they begin to dominate it, they’ll “plug” the Keywords that interest you.
That is- Your Commercial Keywords, your Brand Keywords, etc., could decrease in percentage within your profile, and this may detract from authority when positioning some of those Keywords.
If you’re attacked with a massive campaign of “dofollow” links, which also point you to the Keywords that are normally associated with your site … then this attack can be severe.
This is because it’s possible that by doing so your attacker is or can become Penguin prone. And if this happens, in addition to devaluing all the Keywords of the External Links you currently have (both good and bad), the same would happen to the Keywords of your internal links.
That is to say; Google would believe that you’re now abusively using your keywords in your backlinks and would then nullify the value of these Keywords; both the “good” links you’ve obtained and the “bad” links your attacker has created. And because Penguin depreciates all links containing those Keywords arbitrarily, you’ll also lose the value of your internal links.
In practice, this means that you would stop positioning yourself for those Keywords and that would make it very difficult for you to do so again.
What can you do in this case?
- Carefully study your link profile, especially the density of your Keywords in anchor texts.
- If you keep a historical record of your links (which I highly recommend) look at the record before the attack when you were positioning for your Keywords.
- Once you know what profile Google considered to be “right,” try to return to it by reducing the density of the affected Keywords in any way you can.
- But do it progressively and patiently: if you were (for example) with a 3% density for a particular Keyword, and now you’re at 6%, don’t go down to 3% at a stroke. Drop to 1% and wait a week. If you don’t improve your position, drop another 1% and wait another week, etc.
- Continue building, or start getting quality links that point to your website using your Brand Keywords, or Neutral Keywords. And do not re-use Exact Keywords until the density caused by the attack is diluted.
- Why Brand Keywords, not Commercial or Top Keywords? Because of this way, when these links disappear or weaken, you won’t run the risk of suddenly finding yourself with a profile of over-optimized links.
What are Brand Keywords and Neutral Keywords?
For my website, Brand Keywords would be: ”
seoexpertbrad, “Brad Shaw,” “Brad,” “Blog of SEO expert,” etc.
And Neutral Keywords: “Click here”, “website”, “here”, etc.
Negative SEO with Toxic Domains
Surely you’ve read “tricks” or “techniques” to avoid a penalty to “moving” your content to another domain and redirecting traffic.
If you’ve tried it, you’ve no doubt discovered that penalties were severe and, sooner or later, they affected your new domain. And just as with other negative SEO techniques, an adversary can take advantage of this situation to attack you by redirecting a penalized domain to yours, with the intention that the penalty will catch you.
What can you do?
- You can detect this type of attack if suddenly, and without any action on your part, the authority of your domain or a particular page decreases quickly.
- The first line of defense is to include the redirected domain in your Disavow file.
- But do not stop there; try to locate where the toxic domain is hosted then contact their support to explain the situation and ask them to eliminate the redirection or suspend the account depending on the case.
Negative SEO Tactics Using Social Engineering
Of course, it’s not always easy to get quality organic links. And once you obtain them you’d like them to remain active, while you’re gaining authority and increasing your position. Unfortunately, this slower process doesn’t always appeal to certain unscrupulous competitors who campaign to try to have them withdrawn.
How do they do that?
With some of the oldest, shadiest techniques still available:
- Social Engineering
- Supplanting your identity
- Posing as others.
Just send an email on your behalf to the owners or publishers of the sites and request that they remove them because “Google has marked them as spam.” Or you can also pose as a positioning agency that works for you and is currently “cleaning” or “restructuring” your profile links. And the sad thing is that some webmasters can remove your link without verifying the origin of the email.
Fake Reviews Online
Another technique, which is, unfortunately, becoming more fashionable, is to create a lot of false reviews that and then publish them in pages like Google’s My Business.
This achieves two goals at once:
- Attacks your positioning by inviting penalties
- Damages your online reputation
What can you do?
- Regularly monitor your most important links and if one or more of them suddenly vanish then contact the party responsible for the website in question to find out what happened.
- Monitor the reviews of the sites where you publish the data of your company to report attacks of this type.
Duplicate Content Attack
Surely you’ve read that duplicate content can negatively influence your positioning. And again this problem can be used by your competitors using negative SEO.
How can they do it?
Simply by creating identical copies of your articles or web pages and then publishing them in other domains. When there is a multitude of copies of the same article, Google can be confused and thus position others ahead of the original, yours. Especially if the site in which it’s re-published has authority as well as a related theme.
Also, if the attacker manages to index your content before you do, Google may consider your attacker to be the original author, a full-blown robbery.
What can you do?
- First, immediately index your articles as soon as they’re published. If Google indexes your content first, they’ll know it’s the original and discard the rest as copies.
- Contact the webmaster and ask him to remove the duplicate content: it’s possible that he’s also been hacked and is publishing your content automatically without his knowledge.
- Contact the hosting where the domain that is copying is housed and report the problem.
- Use Google’s legal troubleshooter tool to report the problem, and request that they remove the duplicate content from the index.
- Create Google alerts for the title of your articles and will notify you automatically when an identical copy appears.
Negative ORM (Negative Management of Online Reputation)
As you’ve seen throughout this article, anything that positively affects you can also do so negatively.
Therefore, if you can work to get a good Online Reputation (ORM), your opponents can equally strive to get it dirty; that is, create reviews or negative publicity about your company or your products.This is not entirely worrisome if this “bad press” fails to appear on the first pages of results. But when you start to dominate the second page of Google for your Commercial Keywords or Brand … you have a reputation problem.
What can you do?
- First of all, it is essential to control your Online Reputation, and the easiest and most effective way to do it is with SERPWoo: it will automatically notify you when other results you have not created begin to climb positions, and before it is too late.
- Discovering negative results as soon as possible will give you the opportunity to react, creating and positioning positive content that “covers” and “pushes down” adverse content.
Injection of malicious code
You’ve already seen that a bombardment with your main Keywords as Anchor text can be quite unpleasant.
But what happens when you discover that there are a lot of Backlinks pointing to a specific page in your links profile, with an unknown anchor text?
For example, hundreds of links pointing to an inside page of your website with “viagra,” “casino,” etc. When this happens, it’s possible that your site’s been hacked and that the attacker is using it as a Parasite to position other pages.
One of a lesser-known Black Hat strategies is to take advantage of some weakness in your site then inject and hide code with links to pages they try to position. That is, they take advantage of the authority of your website, as a parasite, then create links to the hacked page with your objective Keywords to increase their relevancy. And you run the risk of Google blocking access to your site if it detects malicious code or thinks you’ve been hacked. Make sure you monitor your site using Google Webmaster tools.
What can you do?
- If you suspect that you’re a victim of this attack, but do not see anything unusual in your website code, examine the dubious page with Search Console’s “Explore as Google” tool.
- It’s possible that malicious content remains hidden when viewing the page or even when reviewing the code. But you can reveal it by using Explore as Google because for this technique to work Google must be able to “see” and then index the link.
- Schedule time to regularly examine your link profile in Search Console and SEO tools like Majestic, to detect this situation as soon as possible.
- Use Secure Hosting, which has excellent technical support that you can contact for help.
- Always keep your WordPress and plugins up-to-date, and use a plugin like Wordfence that adds extra security.
Sabotage and Denial of Service (DOS)
Sabotaging your website or the location where it’s hosted is one of the most brutal techniques that exist with negative SEO.
This “method” is called Denial of Service (DOS).
With this tactic the attacker tries to make your site completely unavailable, sending a flood of traffic that saturates the server where you’re hosted, exhausting all your resources and bandwidth. In the eyes of the visitor, and Google, it will appear that your website is “fallen” or no longer exists.
If this situation is prolonged, you can completely disappear from the Google index. And even if the attacker is unable to achieve this end, your rankings could still be negatively affected because Google will position sites that “respond” faster than yours. Not to mention the sales or hiring losses; no one likes to interact with a slow site or that it is “hung.”
What can you do?
- The best defense is to hire a hosting company that can deal directly with this types of attacks, and one you can conveniently communicate with in case of attack.
- Expect to make daily copies (or at least every time you make changes) to your website so you can quickly restore it to another account or hosting, then redirect your DNS to it as you solve the problem.
Negative SEO is an unpleasant reality which can happen at any time. It’s a terrible and unethical business practice, but certain parties will continue trying to use it. Especially if/when you’re in very competitive niche markets. The best way to defend yourself is to naturally increase the authority of your site and then monitor your backlinks on a regular basis.
The higher quality your website maintains, the less likely you are that Google will penalize you in the event of a Negative SEO attack.