Negative SEO results when too many links of poor quality are linked to your website. What’s more, some less than scrupulous individuals have attempted to threaten sending thousands of bad links to a website in order to harm that website’s SEO. This may come across as quite confusing, since many individuals still hold on to the notion that having lots of links to your website can only be a good thing. This could not be further from the truth.
If you feel you’ve been the victim of a negative SEO attack, you are not alone. We’ve been hit with multiple. Here is one fairly recent example:
While negative SEO is so 2014, SEO.co has been the recipient of negative link building campaigns as recent as 2020.
Years ago, it is true that having many poor quality links to your website would not be harmful. In fact, it would have been beneficial. Previously, it had been a wise practice to simply get as many inbound links to your site as possible, no matter the relevance or quality of those links. An entire industry sprouted as a result that was dedicated to providing massive amounts of spam-based links.
What resulted from this is that a massive influx of spam-based content began to circulate around the Web, and Google’s search results started to be negatively affected as a result. Unsurprisingly, many users started complaining to Google about the poor search results that they were receiving. Google, to their credit, took swift action to remedy these problems. This is when Google released their Penguin algorithm. This algorithm was, naturally, designed at targeting spam on the Web.
What resulted was that Google effectively turned SEO practices on its head. Now, having a massive influx of shoddy links would not help SEO rankings. Instead, they would do the opposite. Google, in short, rendered the effectiveness of quantity-based linking obsolete.
This change, while largely effective, has not come without cost or its fair share of negatives. The biggest negative, pun intended, is negative SEO. Since it is now possible to negatively affect a competitor by spamming their website with shoddy links, a new practice of negative SEO was born. Indeed, entire companies have arisen that are devoted to this harmful SEO tactic and practice.
The SEO community was shaken by reports that malicious companies were offering “negative SEO” packages for sale. Customers were able to purchase negative SEO and watch as their competitors sunk down in ratings. It didn’t always work, but it was enough to tank small businesses who didn’t know they were being attacked. Negative SEO attacks are considered black hat tactics and completely against the Webmaster Guidelines. If your site has ever dropped off in search engine results, it may have been directly related to a competitor who wanted to get above you and used negative SEO as a way to do it. However, you have a lot of options if you are ever threatened by negative SEO. To protect your business against these types of nefarious threats, you have to stay vigilant and employ some different tools to ensure that you are always are ahead of the game. Before getting into protecting against attacks, it’s essential to know what these attacks are.
When someone attacks your site with negative SEO, they are employing unethical black hat strategies to manipulate your rankings and bring you down in search engine results. There are a number of ways this is done:
Forums are one of the most notorious places where negative SEO exists. There are also SEO agencies that employ these tactics by spamming bad links in comments.
Negative SEO is at once a huge threat and less of a threat than people imagine. Successful negative SEO attacks are rare, and there’s a reason for this. Large businesses with established, old websites will have thousands, if not hundreds of thousands, of incoming links already. A negative SEO attack adding a few hundred or a thousand spam links will hardly budge that site’s ranking. The percentage of bad links is simply too low. The site may experience a brief drop in rankings, but such a bump in the road is normal for large, established sites.
Small businesses and new websites looking to build a following are most at risk. Small niches can be incredibly competitive, and black hat webmasters won’t think twice about using a negative SEO attack to nuke the competition.
The typical story for a small business is this.
Business A has very little recourse, and it all comes down to information and timing.
A lot of webmasters are having extreme difficulty determining what backlinks are negatively affecting their rankings in the search engines. However, there are a few major types of backlinks that have the potential to reduce visibility in the search engines.
It’s important to understand that there is nothing wrong with buying links. Thousands of companies buy links on webpages because it’s a great way to reach more people. In fact, a lot of companies make a decent ROI through links that they’ve purchased on various webpages.
However, the search engines want webmasters to label paid links with a no-follow tag, which means ranking power is not passed through the links.
Webmasters need to avoid paying for links that are do-follow, which means the links pass ranking power. Although research shows that paid links do increase search engine rankings, they can also cause ranking penalties, which have catastrophic effects on search engine rankings.
Webmasters should also avoid getting irrelevant links to their website. The Google Penguin update changed the importance of various ranking factors.
Basically, it greatly enhanced the importance of relevant links while decreasing the power of irrelevant links. The Penguin update made link relevance crucial. It only makes sense that a website about hotel would have relevant links from websites that are about hotels or similar.
If an abundance of irrelevant backlinks aren’t already hurting your search engine rankings, then there is a good chance that they will in the future. Put simply, it’s best to avoid obtaining irrelevant backlinks.
It’s not unnatural for many of a website’s links to become broken over a long period of time. A few broken links will not cause too much harm to your rankings, but if a website loses a large percentage of its links, it can negatively impact search engine rankings. Both external and internal links can reduce search engine rankings when broken, so it’s a good idea to keep track of both.
In the last couple of years, the Internet has witnessed a massive increase in link networks. A link network can be any network of web properties that are used for the sole purpose of building backlinks to a website. There are both public and private links networks.
Search engines have been taking action against the largest link networks. Some link networks are made out of websites that have expired while others are created with hundreds of free-hosted blogs. There is no denying that link networks pass serious ranking power.
If they didn’t, then the search engines wouldn’t be attacking such networks so aggressively. However, while the ranking power of link networks can be quite potent, they also come with a huge level of risk. Due to the very strict stance that search engines have taken against link networks, both public and private, any websites caught using such networks are at risk for being penalized.
In a worst-case scenario, a website might even be kicked out of the search index, which would cause a total loss of search engine traffic and rankings. It’s best for webmasters to avoid getting links from any type of link network.
There is no point in explaining what an anchor is. A quick search will yield the definition. Put simply, it’s the text used to link to a website. For years, many webmasters have been manipulating anchor text because the major search engines use it to understand what a website is about.
In the past, it was possible to get backlinks to a webpage that all used the exact same anchor text, and the search engines would rank the webpage very high in the rankings for the anchor that the backlinks were built with. However, times have changed, and the Google Penguin update took a major stab at anchor-rich backlinks.
When the Penguin update was released, websites that had an abundance of anchor-rich backlinks experienced a penalty, which negatively impacted search engine rankings. When acquiring links, webmasters need to avoid getting too many backlinks with the same anchor text. Too many anchor-rich backlinks will send your search engine rankings down the virtual toilet.
Many services offer to submit a website to a variety of low-quality web directories. It’s important to understand that there are a few high-quality web directories that are worth getting a backlink from.
The Yahoo, Best of Web and DMOZ web directories are looked favorably upon by the search engines because they’re heavily moderated. Backlinks from many low-quality web directories can negatively affect search engine rankings.
In the past, these directories were abused, so the search engines had to take action and significantly reduce their value. Many professional SEOs believe these directories can actually cause a website to be penalized. These days, it’s best to only get backlinks from the top directories, which were mentioned earlier.
Another type of backlink that can negatively impact search engine rankings is a link exchange. Although it’s certainly possible to stay under the radar with one or two link exchanges, getting more than that can cause a penalty, which reduces rankings.
It’s important to understand that the search engines have issues with excessive link exchanges. A handful of these backlinks shouldn’t do any harm, but when obtained in excess, link exchanges can be toxic for search engine rankings.
A link exchange involves two websites linking to each other. However, it’s when the link exchange looks unnatural or in excess that problems arise.
In many industries, blog commenting is commonplace. There is absolutely nothing wrong with visiting other websites and leaving a valuable comment on them. After all, the Internet was built for information sharing. Many webmasters engage on forums and blogs, and links from these places are fine.
However, it is how these links are created that matters. There are many software programs that automatically spam forums and blog with comments, and these programs normally build anchor-rich backlinks, which means a keyword phrase is used in the place of a real name.
If you leave a bunch of backlinks on blogs or forums using your real name, this shouldn’t negatively affect your search engine rankings. However, creating backlinks on blogs and forums using keyword-rich anchors is one of the fastest ways to get a search engine penalty.
Although this is not an exhaustive list of toxic backlinks, it contains some of the most common types of backlinks that can negatively impact your search engine rankings.
If you want to stop these attacks from happening or recover from negative SEO, you can follow these tips.
Google has a variety of tools that can help you prevent negative SEO from tanking your site. One of them is through email alerts. Google can send you an email for each of the following:
You have to connect your site to Google Webmaster Tools.
If you want to prevent spammers from succeeding in taking down your site, you have to use tracking tools. There are a few different ones that can monitor backlinks like Ahref or Open Site Explorer. However, these are more manual checks. If you want to get one that will always track your backlinks, you can go to MonitorBacklinks.com. This site sends email alerts whenever your site loses or adds new important backlinks.
When sites of a high PageRank with authority link to your site, you want to keep them. Spammers often look for ways to get these links removed. They can contact the owner of the site where you are linked and even request that it be removed. To prevent this, you need to communicate from your site’s email address instead of using Yahoo or Gmail. You also should track your best backlinks. You can do this with any of the monitoring tools mentioned above.
Hackers and malware can destroy your site’s ranking. Security is an essential ingredient to a properly working site. You can install plugins on WordPress to protect your site such as the Google Authenticator Plugin or just simply create a very strong password that combines numbers and characters. You should always create a baackup of your site and files s well. Your hosting provider may also provide tools that you can install such as an antivirus.
Duplicate content can kill SEO faster than a mosquito bite in summer. It’s a typical technique of negative SEO practitioners. One tool that can help is Copyscape.com. You just add your site or look up your articles in Copyscape to see if your content is located anywhere else on the web. If it is, you can have it quickly removed by contacting the website owner or reporting it to Google.
If your website doesn’t load very quickly but it used to load just fine, you might be getting thousands of requests per second by a spammer. If you don’t stop this, the spam can actually bring down your server and make your hosting company very upset with you. Pingdom offers a great tool to help you improve site performance. You can also use Google’s PageSpeed checker to figure out what’s going on with a slow loading site.
Haters are going to hate. Spammers who want to negatively affect your SEO can make dozens of social profiles dedicated to spamming your content and bringing down your social signals. To find out who might be mentioning your site in a bad way, just use Mention.net. As soon as your site is mentioned anywhere, you’ll get an alert.
You also have to be careful that you’re not doing anything to bring down your site’s ranking. Google penalizes sites swiftly for the following:
You should always be professional whenever you talk to marketers or fellow competitors. You don’t want to give people any reason. Spammers do what they do for a variety of reasons, but many of them just pick a reason for a reason or to outrank competition that they don’t like. While you don’t want to seek out friendships either with these negative SEOs, you also don’t want to invoke their wrath.
In order to combat these unwanted SEO attacks, Google wanted to provide webmasters with a simple and efficient way to notify Google. The disavow tool is Google’s answer for having an efficient conversation about negative SEO. With this tool, website owners are allowed to send Google a list of links or domain names that should be ignored where their site link profile is concerned. Better still, this tool is easily available within the Google Webmaster tools.
Cutts, the head of Google’s webspam team, has stated what the main intended purpose for this tool is. According to Cutts, Google has always maintained that the disavow tool was primarily intended for webmasters who had done bad SEO and had manual action taken against them by Google in the search results. For these webmasters, once they had done their best to clean up their link profile, they could use this tool to clean up their profile if spam-based links still existed after these initial efforts. Still, webmasters do not have to wait until manual action is taken against them and their site to use the tool. Indeed, webmasters that are concerned about their profile are encouraged by Google to use the tool at will.
If you have the suspicion that a negative SEO campaign has been launched against you, then the first step taken should be to log in to your Google Webmaster account. If manual action has been taken, you will receive a message which informs you that “some of your site’s pages may be using techniques that are outside Google Webmaster’s guidelines.” If, by contrast, no manual action has been taken, then just use the disavow tool to inform Google that they should ignore these links.
Cutts has also suggested that the disavow tool can be used preemptively as well. “If you are at all worried about someone trying to do negative SEO or it looks like there’s some weird bot that’s building up a bunch of links to your site and you have no idea where it came from, that’s the perfect time to use disavow as well.”
The next logical question, then, is how does a webmaster use the tool? First, you should sign in to your Google Webmaster account. Then, under the ‘Search Traffic’ feature, find the ‘Links to Your Site’ icon and click it. Next, click ‘More’ under the ‘Who links the most’ section, and then click ‘Download more sample links’. As a result, you should have a complete listing of the links to your website, and this can be used to pick and choose which ones should be ignored by Google. These links that should be ignored should then be saved to a .txt file and uploaded to the Disavow links page within your Google Webmaster account.
When business A finds themselves removed from the rankings, there is little indication that a negative SEO attack has happened. It can take seven days or more for Google Analytics and the Google link profiles to update enough to show the spam incoming links. That’s a full week, minimum, before the webmaster of business A can even determine why they were removed from rankings. Third party link evaluation sites can take even longer to update.
Meanwhile, Google updates much faster. Internally, there is closer to a two-day turnaround for ranking updates. A negative SEO attack happens, Google sees the spam incoming links, and within two days, business A is penalized. That leaves five or more days before business A knows why.
The timing issue doesn’t stop there. In the ideal world, after seven days, business A sees a more or less complete list of incoming spam links. This is assuming the negative SEO attack was a one-time thing, and not an ongoing process. Business A gathers up the spam links and reports them to Google via the disavow links tool.
An aside; the Google disavow links tool is the answer to negative SEO, as far as Google is concerned. If your site is being attacked, simply plug in the spam sites and submit the form. After a few days of processing time, Google will remove those links and prevent them from affecting your ranking. At least, in theory. In reality, Google might not remove all of them, and it might take longer.
Assuming complete removal through the disavow links tool, the site finds the incoming links removed. At this point, the negative SEO effects are cleared up, but the business has not been restored to its place in the rankings. To do that, the webmaster must submit a reconsideration request to Google. These requests can take as long as four weeks to process, and they might be denied.
By the time business A is restored to rankings, business B has six or more weeks of head start. Meanwhile, business A has been spending money to keep up with incoming reports. It has lost significant revenue from the penalties. Businesses of a small enough size, hit by a negative SEO attack, can easily bankrupt themselves.
Unfortunately, there’s no easy way to handle negative SEO attacks. Google needs to calculate some value for incoming links. If there’s no penalty for low quality links, spammers can use them to benefit a site. If there’s no value for incoming links, high quality backlinks become useless and the work Google does to encourage community fails.
A similar problem happened on WordPress, with trackbacks. The system they implemented notifies a webmaster of a trackback and asks them if they want it to count. This gives the webmaster control over incoming links through WordPress. Such a system would fail on the scale of the Internet at large, however. Imagine a site like Amazon, with over one billion incoming links, suddenly being required to approve them or deny them on an individual basis. Businesses would need to create entire departments just to keep up with incoming links. Such a system is unsustainable.
The bottom line is that Google does not have an effective system in place to combat the threat of negative SEO. No matter how rare these attacks may be, small businesses will live in fear of an attack ruining their reputation and their revenue. Until Google comes up with a solution to the problem, negative SEO will remain a threat.
Take a look at these five facts about negative SEO you might not have known:
When most people think of SEO, they think about irrelevant or intentionally over-optimized backlinks pointing back to the victim’s domain, which in turn, would lower the victim’s page rank via a Google penalty. It makes sense, and negative link building is by far the most common type of negative SEO. They’re easy to build because they usually require no verification of site ownership, and virtually anyone can make the attempt. They can also be difficult to remove, making them an even stronger negative strategy.
However, these types of sabotaging links aren’t the only strategy associated with negative SEO. The motivated webmaster could attempt to hack into your site in an effort to sabotage your onsite efforts. They could go the obvious route by posting spammy content, wrecking your title tags and meta data, and so on, but these are unrefined and easily noticeable tactics. It’s more likely that they would use coding tricks, like including a robots.txt file that blocks search engines from crawling your content, or eliminating your microdata structures so they can’t be deciphered by Google.
These types of sophisticated hacking assaults are much rarer than negative link building, but they are possible, and have been known to occur. You can protect yourself against this type of attack by keeping your servers up-to-date and secure.
Paranoid webmasters often assume the worst about backlinks that show up mysteriously, but not all strange links are a sign of negative SEO. There are many reasons why a link from an unfamiliar domain could turn up, and even if that domain is of a low authority, the link itself might not be hurting your authority—at least not much.
For example, there are countless sites that exist to analyze domain information, or sites that scrape the web, and it’s not uncommon to have several links from these sources. Similarly, it’s possible that a major site like yellowpages.com is linking to your site regularly—maybe even thousands of times. If you see this type of data in your Webmaster Tools account, don’t panic. Google does a great job of determining what constitutes a sitewide link, and you generally don’t have to worry about the negative repercussions of such an event. You certainly don’t have to worry about it being some kind of attack.
There’s also a chance that these unfamiliar links are ones you’ve built yourself, without remembering—have you ever paid for link building service, maybe a long time ago? Are any of your friends or employees building these links with good intentions? There are a lot of possible origins for these strange links that have nothing to do with negative SEO, so avoid making snap assumptions.
Back in 2007, Google announced that there was “nothing a competitor can do to harm your ranking or have your site removed from our index.” Shortly thereafter, they changed this statement to the slightly more open “there is almost nothing a competitor can do to harm your ranking or have your site removed from our index.” This change indicates that Google recognizes the possibility for negative SEO to exist, but also believes that such instances are incredibly rare.
Today, Google’s statement reads “Google works hard to prevent other webmasters from being able to harm your ranking or have your site removed from our index. If you’re concerned about another site linking to yours, we suggest contacting the webmaster of the site in question. Google aggregates and organizes information published on the web; we don’t control the content of these pages.” This indicates that Google understands that negative SEO is a realistic possibility, but still not something that most webmasters need to worry about. In the event that a negative link is posted or a negative SEO attack is carried out, Google can probably recognize it, making negative SEO attacks rare and effective negative SEO attacks even rarer.
In the event that you are suffering from a real negative SEO attack, there are many strategies you can use to mitigate the effects. First, if your site has been hacked and your code has been sabotaged, you can easily reverse the changes they made—as long as you have backups of your site. In order to prevent future attacks from occurring, you can change all your passwords and increase the levels of protection you use to ward off would-be attackers.
There are also many tools you can use to monitor the types of links that are pointing back to your site, such as Webmaster Tools or Open Site Explorer. You can use these immediately to determine whether any backlinks have been posted without your consent, and check them on a regular basis to scout for negative SEO and eliminate it before it takes effect. You can generally remove negative links just by asking a webmaster, but if that doesn’t work out, you can always use Google’s Disavowal Tool to request that those links be ignored.
This is critical. People often overestimate the amount of damage a handful of bad links can do; if the vast majority of your onsite content and offsite links are of high quality (especially if you are using white label SEO services), even a well-executed negative SEO attack can’t do much to hurt you. At most, you’ll lose a couple of ranks for short period of time, and in the grand scheme of things, that isn’t very significant. Lately, a lot of search marketers have warned about the dangers of negative SEO—but there aren’t many real examples of significant or irreversible damage. Keep in mind that negative SEO is real and something you should watch for, but it isn’t something that’s going to undermine or overturn an otherwise powerful strategy.
On the Internet, the threat of your website coming under attack is a constant one. You never know when you might become the target of a competitor looking to use Black Hat techniques to take you down, a hacktivist group looking to prove a point or a foreign hacking cartel trying to create chaos. No system is perfect, of course, but you can take several steps to limit the possibility of a successful hack.
The number one largest vulnerability hackers use to access a website and gain control over it is out of date software. Companies push updates for two reasons; to add features and to patch holes. If you put off updating your site, you’ll find that you’re leaving security holes open. It’s like locking the deadbolt on your front door, but leaving it open when you do. Hackers with the knowledge to exploit these security holes will find it an easy matter to do so. Apply all updates, regardless of their content; there may be hidden bug fixes that close security holes.
On that note, you should also avoid using old, unsupported software. Some companies fail and cease to support their old software. If a hacker discovers a vulnerability, the company no longer exists to create a patch. Even if the company still exists, unsupported software by definition no longer receives security updates.
All of this goes for the software on your workstation as well. It doesn’t matter if your website is secure, when a hacker with a keylogger can steal your password when you log in. Maintain active virus scanners and firewalls, keep your operating system and software up to date and only sign in through a secure connection.
If security holes are like locking an open door, weak passwords are like using a deadbolt made of paper. Take a moment to read one of the annual published lists of most common passwords. Is yours on the list? If so, change it immediately. There are a number of rules to follow to create a strong password.
There are other password tips as well; it’s a subject on which much has been written. Review articles by top security experts for more information.
Some website software, particularly WordPress, allows additional plugins and add-ons to increase functionality. One plugin you should always get is an up to date security suite. Of course, make sure any add-on your use is up to date as well.
Always be wary about the third party content you use on your site. Add-ons can be very helpful, but if they’re published by an untrusted source — or they’re several years out of date — they may be gaping security holes waiting to happen.
If you sell anything through your website, do not, under any circumstances, program your own commerce platform. There are several good commerce platforms to choose from online, all of which are designed with security in mind. Programming your own is both reinventing the wheel and opening yourself up to outside access. Use an online shopping cart suite from a trustworthy developer, process transactions in a secure manner and maximize security each step of the way.
Any data sent between the user and your website should be encrypted. This means using SSL and HTTPS for your data traffic. You want to do this for two reasons. First, in case there is any device on your network or software on your server that can monitor or access user data, the data it can access is unreadable. Second, in case your user has compromised security. You cannot control how security-conscious and updated your users are. Rather than risk data leaks from an external virus, encrypt your traffic.
When you’re updating your website, use encrypted channels as well. Regular FTP is a plaintext, easily readable format. You’ll want to use secure FTP to upload your data through an encrypted channel.
Take steps to keep your users informed about security. Let them know that there may be imitators looking to impersonate your site to steal their information, in a process called phishing. Let them know that to increase their own data security, they should maintain active virus scanners. One particularly good avenue for these basic security tips is through your e-mail newsletter. Don’t forget to add security descriptions, certificates and other information to your checkout process. The safer users feel when they use your platform, the more likely they are to return.
This goes hand in hand with using encryption to transmit data. No matter how secure your data is when you transmit it from one place to another, if that destination is plain text, hackers can simply read it without issue. Store user data in encrypted databases.
If something happens and your site is compromised, what can you do? You need to keep regular backups of your website, user data and other important information. You can store this locally, on a remote server or on the cloud. Make sure it is stored encrypted, of course. Maintaining a backup is an important part of data security.
Occasionally, a site may be infected with malware without the owner realizing. One way to learn is to search your site on Google. Google is very good about flagging a site as untrusted or malicious when there is an infection present. Make sure your site looks as it should from a search engine perspective. If you use Google Webmaster Tools, you will also receive a notification if malware is detected on your site.
No matter how good your security is, how strongly encrypted your information or how secure your passwords, it’s always possible for your site to be hacked. Don’t fall prey to overconfidence; plan for disaster. A disaster recovery plan will help you recover from a potential hacking as quickly as possible, to reassure users and to maintain your own flow of commerce. Your business can’t afford the downtime associated with lacking a disaster recovery plan.
Long ago, in the early days of SEO, it was relatively simple to game the system and entice Google into pushing your site to the top of the rankings. The algorithm was in its infancy back then, and it used simple metrics to decide how a site should be ranked. One of them was incoming links. A site with a large number of links pointed to it must be influential and useful, right? After all, other sites wouldn’t link to them if they didn’t provide something of value.
Unfortunately for Google, the value these sites provided was money. A site could pay to have hundreds or thousands of blogs link to their page. With hundreds of incoming links, Google parsed the site as popular and pushed it to the top of the rankings.
Eventually, Google caught on to this tactic and began analyzing incoming links. Links from high quality sites still provide value, but incoming links from low quality or spam sites actually penalize the linked page.
Educating yourself is the best defense against a possible negative SEO attack. Hopefully, after understanding the limits and scope of negative SEO, you’re no longer worried about the possibility of seeing all your hard work go down the drain because of one rogue webmaster’s hateful efforts. Keep up a solid link building and content marketing strategy and regularly audit your backlink profile. As long as you’re paying close attention to suspicious activity and protecting your domain with consistent best practices, you have nothing to worry about.