SEO negative attack? 12-step guide to help you reverse the damage.

Authors

Scroll Down

A brief overview of negative SEO attacks: Yes, negative SEO is a real thing that can affect your website. Is negative SEO illegal? Although black hat negative SEO is not illegal, it’s shady, underhanded, and outright despicable. before To better understand the concepts discussed in this article, it is recommended that you have a basic understanding of SEO (Search Engine Optimization) and  SEO vs PPC (Pay-Per-Click) advertising.

What is a negative SEO attack?

There is a whole cottage industry built around taking your online competitors down. These days you don’t have to launch the attack yourself. You can just hire a black hat from fivverr.com to do it for you. Unfortunately, many people drift into these tactics and launch negative SEO attacks on one another. The internet is a competition for visibility; not everyone likes to play by the rules. OWDT can help protect your business from negative SEO attack services done by others.

Importance of protecting your website from negative SEO

A negative SEO attack can be very damaging. If a new website is launched and it doesn’t really have any history or other credible backlinks, a negative SEO campaign can completely wipe a new website off the map getting completely de-indexed by Google. Wherein a website that has been around for a while will be able to withstand the attack and weather the storm.

Signs of a negative SEO attack

You may notice things like a drop in your ranking on the search engine results page (SERP), a drop in traffic, or possibly an increase in traffic from less-than-reputable sources… My guess is if you are reading this, you already know you know your website has been hit, and you are ready to do something about it. So what can you do?

There is not one negative SEO checker, but this is my quick, step-by-step guide to diagnosing and countering spam attacks. Again this is a quick, easy-to-use guide to detecting spam, getting rid of it fast, and fixing your website. For this, I just focus on Google (sorry, Bing), and I mostly focus on SEO and not how to technically find the hack within the website. This is an action plan from an SEO perspective showing you how to keep your business safe online.

Here are the tools I will be using in these examples and what you should consider getting access to in order to counter a negative SEO attack

  • Google Search Console (Webmaster Tools) (1)
  • Google Analytics (2)
  • Ahrefs (3)

First, you must determine how your website has been hit before launching a full SEO recovery plan. To answer this question… what tipped you off? There are many types of negative SEO techniques.

  • Have they sent a bunch of spammy forum comments to your web page?
  • Have they infiltrated your site and built pages or subdomains of your main domain?
  • Perhaps they hijacked your comments section and sent links to weird?

Take Action

Learn more about our SEO services and options available to you, or contact our specialists to discuss how we can realize your vision.

Here is a 12-step guide on how to protect your website from negative SEO attacks

1. Check manual actions

Log into the Google search console and check to see if they have hit you with any manual actions. This will help confirm exactly what the attack was. In this case, the action was ‘Unnatural links to your website.’ If you see a penalty, diagnosing the issue will make it easier.

  • Unnatural links to your website penalty
  • Unnatural links from your website penalty
  • User-generated spam penalty
  • Hacked website penalty
  • Pure spam penalty
  • Spammy structured markup penalty
  • Hidden text or keyword stuffing penalty
  • Thin content with low or no added value penalty
  • Cloaking or sneaky redirects penalty
  • Spammy-free host penalty

If you don’t see a manual action, that doesn’t mean you haven’t been hacked (it just means Google hasn’t officially caught it yet with a manual penalty)

2. Monitor Google Analytics

This is where you may be tipped off that something is wrong. Keep a lookout for any abnormal spikes in traffic. As you can see here, we were hit around September, which drove our traffic up in Google Analytics.

google analytics

Audience overview in Google Analytics showing SPAM increase

3. Check security issues

Move down in the search console and check the security issues. If you see something here, again, that is a good sign because it means Google has caught something and is notifying you. From here, it is easy to follow up on what actions to take because Google will help lead you into the process.

If you don’t see any notification in the security issues tab, again, that doesn’t mean you haven’t been hacked or that your site isn’t compromised… it just means Google hasn’t caught it yet. So let’s move on to the next steps, do some detective work, and find the spam.

4. Check backlinks

backlinks

The question… who is linking to my website? What is SPAM, and what isn’t?

Use Ahrefs to view your backlink profile. It is a great tool for seeing what domains are linking to your website and what pages on your website are getting the most links sent to them. This is a great tool for identifying spam and backlink cleanup. Keep this in mind as you view the next couple of screenshots.

You should be able to use the free trial. Set up an account and log in. Once you are in, enter your website domain and see the main timeline.

Pro-tip #1 – Use Ahrefs alerts & disavow the feature

You can use Ahref backlinks alerts to get notified about any unwanted backlinks. Always track your new backlinks. The referring domains graph in the Ahref tool is very helpful in detecting any sudden changes in your backlinks. So that you can always fix it on time before it can affect your site ranking. Ahref recently launched a new feature to its wide features, “Disavow links.” It’s a bit costly but worth trying if you can fit it into your budget.

Watch this video to learn more about how the Ahref Disavow link works. Read more about how to disavow spammy links at the Loud Techie blog.

Alok Rana, Founder – Loud Techie

Pro-tip #2 – Use a backlink monitoring tool

Setting up a backlink monitoring tool is a must if you are trying to prevent negative SEO or spam from affecting your site. After all, you can’t stop what you can’t see. Currently, there is no tool in the market that can prevent bad links from being built to your site. But by effectively monitoring the links being built to your online properties, you can stop and actively deal with attacks as they happen, which can help significantly reduce the damage caused by those types of negative links.

Ramon Khan, Online Marketing Director – National Air Warehouse

Pro-tip #3 – Linkody can be a good option to monitor backlinks

Several tools can help prevent a harmful attack and send you timely updates once suspicious activity has been spotted. One of them is Linkody. This tool helps you to monitor all your backlinks and their metrics and sends you daily or weekly updates of your link profile.

Once you start monitoring your backlinks, pay attention to these backlink metrics:

  • Backlinks from websites with high Spam Scores – 17/17 is the highest, 0/17 is the lowest and safest score. Everything above seven should be Disavowed.
  • Check for a lot of links with unrelated Anchor Texts, low Domain Authority scores, and links from unrelated industries and/or foreign languages.
  • Check for hidden links – those are links that use anchor text as a “white” text or ”    ” a lot of spaces.

These are the basics of making sure you have a healthy link profile.

Once you have spotted the harmful links, Linkody has a “one-click” Disavowal option that you should definitely use if you spot “red flags” in your link profile.

Helvis Smoteks, Marketing Specialist at Linkody

5. Be aware of any large spikes in traffic.

In September 2016, we were hit with a negative SEO campaign. You can see from the screenshots above that there was an abrupt jump in traffic in September-December. No matter what tool you use, you need to monitor your website for any unusual spikes in traffic. There are many tools you can choose from that our experts recommend.

Pro-tip #4 – Sign up for Google webmaster alerts

Spammers and negative backlinks can hamper your SEO efforts. Keep on top of both negative and positive backlinks by signing up for email alerts in Google Webmaster Tools. You can track your backlinks profile and get email alerts automatically. Be mindful of tracking your top backlinks to make sure that you aren’t accidentally creating negative SEO by linking from low-quality sites. If you feel you have been hit with an attack, contact the negative sites’ webmaster or the hosting provider to remove the link to your site.

Mark Tadman, Top Template Engineer at NinjaCat

Thank you, Mark. Next, we’ll drill down into these graphs to see what this odd traffic is all about.

6. Check the anchor text of your backlinks

Ahrefs is a great tool that will reveal who is linking to you and what anchor text they use. This is useful in finding a potential motive for the attack. In this case, there seem to be pills and pharmaceutical spam. When you get to this page and have a list. In this case, they are sending traffic to a bunch of fake directory links.

Pro-tip #5 – Filter your backlinks

Using backlink services such as Majestic or Ahrefs, filter the backlinks based on Anchor text (if a known anchor text is associated with the negative SEO), or filter the backlinks based on link quality (both Majestic and Ahrefs use different quality scores so you would need to come up with a threshold for each) then use Google Search Console Disavow tool (4)  to tell Google that these are spammy backlinks to your site.

-Tony Hsieh, SEO Specialist at Digital Ready Marketing

Go to the bottom left of the page and export these links. (This will come in handy later)

Ahrefs tool is great for finding spammy anchor text backlinks

7. Check 404 crawl error page backlinks

404While you are already in detective mode, open up your crawl errors window to see if there are any irregularities.

You want to look and see if any of these pages are taking on any strange external links. I don’t believe there is a negative impact on the Google results page from spam links to your already 404’d pages but what you want to do is add any weird external links that you find as you go through your pages to the spreadsheet that you have already created from the Ahrefs exported CSV. Make a list of any pages that have weird links built into them.

Check the Google Search Console 404 ‘linked from’ tab for more detail.

8. Disavow bad backlinks

Now it’s time for action. So how do I remove bad backlinks?

First, format that spreadsheet of weird links you compiled from Ahrefs and your 404 crawl errors into a Txt file. Remember to strip out all the extra sub-domains and directories from the URL and just list out the main domain. You can put a comment at the top of the file as well.

Example disavow file:

# I tried to get these spammers off my page, but they insist on sending me bad backlinks

Example.com
Spammers.org
Badbacklinks.com

That’s it! Just open the disavow tool and upload your file. Now it is out of your hands, and you have done all you can do at this point to remove bad backlinks pointing to your website.

Pro-tip #6 – Automation: streamlining the disavow process

Suppose someone uses a spam creation tool like GSA Ser to assault you with thousands of bad links. Of course, doing Disavow manually can be pretty painful. A better use of your time is going to be to create a Standard Operating Procedure for link removal. Once you get this systemized and super simple to follow, hire out a VA for a couple of hundred dollars to go and do it for you while you focus on continuing to grow your business and serve your customers.

-Greg Elfrink, Content Manager – Empire Flippers

Pro-tip #7 – Have faith in Google’s Penguin 4.0 algorithm update

I believemost attempts at negative SEO via link building will fail. It took Google a really long time to come out with its new version of the Penguin algorithm in late 2016. I think that one of the reasons why it took so long for them to do this is because they were working hard to produce an algorithm that would not reward spammy link building but, rather, would just ignore those links so that innocent sites would not get hurt. I think that prior to the release of Penguin 4.0, the ability for someone to effectively get a site demoted by building spammy links was small. After Penguin 4.0, it’s even harder to accomplish this.

In most cases, if a site owner contacts me because they suddenly notice an influx of spammy links to their site, I advise them to keep an eye on traffic and do nothing. This is even true if you are seeing ultra-spammy porn and pharmacy links. I really do feel that Google is good at ignoring these.

However, this is not a popular opinion. Usually, when I say that I feel that negative SEO via links is close to impossible, I’ll have blackhats argue with me and tell me how they were able to take a site down by pointing bad links at it. However, I’ve yet to see a case where I felt that negative SEO had worked.

I think there is no harm in using Google’s disavow tool to ask them not to count these links. However, I also think that time could be better spent working on other things.

-Marie Haynes, Owner – Marie Haynes Consulting Inc.
(You can find more insights from Marie in her SEO newsletter)

9. Report webspam in Google

Now it is time to double down on your efforts. The defense doesn’t end with just simply disavowing bad backlinks. Now it’s time to report those domains to Google for spamming. This may take some time upfront, but this should help Google take action quickly if you also take this step to report the offending websites.

Try to be as specific as possible when submitting a SPAM Report. You will have several options to choose from.

Excellent!

We have neutralized the external websites that are pointing to our site. Now, what about our website itself? It is time to take the fight to internal pages that have been compromised.

10. How to identify compromised internal SPAM pages

Now Let’s look in the mirror (at our website) and begin the process of cleaning the house of any junk spam that could be living there. So let’s take a look at our website and see if any of our internal pages are compromised.

Pro-tip #8 – Response to getting spammed with fake parameters

Protecting yourself from fake parameters
This negative SEO technique is used when attackers use fake parameters pointing to URLs on your site. For example, they can create irrelevant keywords as parameters, such as “marijuana.” These instances would prompt Google Panda to penalize your site and hurt your site’s credibility, relevance, and search rankings.

How to protect yourself?
The best way to protect yourself is to prevent this instance from happening. You can do this by using a canonical URL to specify a preferred version of your web page. A canonical URL points search engines to the preferred URL and, therefore, will be ranked that way by Google. This ensures that no other URL versions will be indexed and ranked. Another way to prevent this attack is to configure your server to “no index” unknown parameters.

Blake Hooser, CEO – Ilfusion Creative

Pro-tip #9 – WordPress hacking defense checklist 101

wordpress

SQL injection or FTP brute-forcing is the most common way of hacking websites, especially WordPress websites. Since most of the developers use standard folder & file structures, database layouts & names, and FTP ports, as well as easy-to-hack passwords, one of the easiest solutions for preventing spam-generating websites hacks is to:

  1. Use long, secure passwords;
  2. Rename/change standard admin folders or paths;
  3. Rename/change standards database table names and layouts;
  4. Change FTP access port;
  5. Limit access to FTP to known hosts/computers.

Dmitrii Kustov, Founder – Regexseo

Pro-tip #10 – Watch out for email SPAM & plagiarism

Unfortunately, it can be fairly difficult to identify if your website has fallen victim to a malicious negative SEO attack if you don’t know what to look for. There are, however, a few actions you can take in order to increase your chances of avoiding a negative SEO attack.

When looking to avoid negative SEO, you should first analyze your search traffic (via Google Analytics and Google Search Console). By constantly being up to date with your traffic data, you can pinpoint the time if something goes wrong (i.e., a sudden drop in your traffic).

Another action you can take is to check all the content on your website for plagiarism. If you have really amazing and engaging content, someone else might want it for their own website. Sometimes other websites will simply just copy and paste entire pieces of content. If you find another website has copied your content, make sure you report them to Google.

Also, it is important to check from time to time if someone uses an email spam campaign with your email address (or something very similar). This doesn’t happen very often, but it is still important to check as this can see you receive a penalty from Google as well as doing untold damage to your business’s reputation.

Lucas Bikowski, CEO – SEO Shark

Remember the step in Ahrefs where we compiled a list of anchor text and bad, spammy domains? Now we will do internal searches to see if any of these terms can be seen within the site itself. We will do this by using a series of Google operators.

First, let’s use the search operator “site:” on our example website to see if any spam is indexing.

Search operator example: site:example.com (put “site:example.com” in the Google search engine to see if any spam is indexed. Go through all of the indexed pages by Google to see if there is any spam.

See what we find in our example:

This is bad. Why would a physical therapy office in Auburndale be indexing Chinese language pages in Google? The answer? This website has been hacked, and these pages need to be removed. We’ll cover that in the last step.

Want to be double or even triple sure you got everything? Do a Google site search in Google using the spam terms that you were able to pick out in your earlier Ahrefs spreadsheet you put together. For instance…

Try using a Google operator along with a spam term, like so:

Site:example.com escorts
And let’s see what we find…

Detect spam on your website with Google search operators

Let’s click through the specific page to see where the hack occurred.

Comment section SPAM showing those classic spammy backlinks.

In this case, the hackers took over the comments section and posted many spammy links to escort services in India! Yikes – not what we are about at all. These are pure spam backlinks. So the next question is… How do we remove this kind of junk from the Google index?

11. Google URL removal tool (Spam Removal Tool)

To remove content permanently, you must remove or update the source page. That means you need to log into your CMS or FTP and remove these pages manually so that they return a 404 error or a 410.

Once this is the case, you can have a better chance that these pages will be removed using the temporary removal tool. After you have deleted the page, put the link into the removal tool.

This is a manual process that may take a while, but it is the only way to remove these bad pages from the search engine. Once complete, this process will remove negative search engine results.

Pro-tip #11 – Be aware of your brand with Google Alerts

Competition is common in every industry, and blogging/SEO is not an exception, but not everyone follows the same ethics.

Negative SEO is a shame, and I wish people should stop doing it. Frankly, taking the time to fix it can be a handful once you’re a victim. The good news is that Google is getting smarter every day and can ignore negative SEO. From your side, you should keep track of any newly created backlinks and brand mentions. If you find any suspicious in your backlink profile, immediately make a list of spammy backlinks and Disavow them using Google webmaster tools.

I recommend webmaster tools to keep track of backlinks, and if you can afford some money, consider Ahrefs too. Further, Google Alerts is a service that generates a SERP based on the criteria you provide – which sends this data right to your email. This service is used for many reasons, such as monitoring your company’s web brand mentions, keywords, and competition. It will show you the list of newly generated links to your site, along with anchor texts. So you are able to discern whether they are normal links or just SPAM. Also, you can create an alert in Google Alerts to find which website is talking about your site.

-Amar Ilindra, CEO – Geek Dashboard

12. Reconsideration request

Once your website has been fully cleaned, all spam is disavowed and removed. Now it is time to go back to Google and get back into their good graces. Suppose a manual action or security alert had been set off during this procedure. After you have made the proper adjustments in this action plan, send Google a ‘reconsideration request’. This means you are notifying Google that you have taken action against the offending action and that the problem no longer exists.

Moeugene from Webcarpenter adds, “When submitting a reconsideration request, It is highly recommended to provide a detailed explanation and well-documented report on what you changed and why. This will help Googlers conduct their investigation effectively and possibly reduce the processing time for the reconsideration request (which usually takes weeks). For example, if your website got hit by a spam link, include the link (ensure that it is accessible), post date, anchor texts, and every other information that will assist Googlers in their investigation.” Once you submit this request, Google will crawl your website and send you a notification that your site is clear. You should see your rankings improve in turn over the next few weeks.

Once you submit this request, Google will crawl your website and send you a notification that your site is clear. You should see your rankings improve in turn over the next few weeks.

From there, use an anchor text percentage monitoring tool like Linkio to get a jump on anyone trying to spam your website again. Otherwise, you can have an SEO agency handle your Google reconsideration requests for you.

-Moeugene, Founder – Webcarpenter

Take Action

Learn more about our marketing services and options available to you, or contact our specialists to discuss how we can realize your vision.

Final thoughts on spamming and black hat SEO

Spammers and Hackers aren’t going anywhere. As we move into the future, we can expect this sort of activity to continue and adapt to anti-spam techniques. Google is an online real estate, and businesses will do what it takes to gain visibility from potential customers. The better real estate you have and the more properties you own on the SERPs, the more traffic and, ultimately, the business you can build. As long as there is competition for placement at the top, competitors will do whatever it takes to get an edge.

If you are a large corporation or have a lot of capital, negative SEO may not affect you so much. On the other hand, if you are a new business trying to be competitive, an expertly crafted negative SEO campaign can completely torpedo your business to the point your website gets flagged and removed from Google to the point you need to start over with a new domain completely. If this process is too involved, it is sometimes best to have an SEO company do this to make life easier.

Don’t let that happen to you. A negative SEO attack can destroy your business.

The best solution to thwart hackers and spammers is to remain vigilant, monitor your backlinks and traffic, and be aware of your website. Always be on the lookout to defend against negative SEO! If you see anything weird happening to your website, dive right in, follow this quick guide, and protect your website.

We at OWDT (web design Houston Company) take SEO (positive and negative) very seriously. Our team of marketing experts and network engineers can help your company maintain a strong online presence to minimize the effects of an attack. Or we can help restore your raking and reputation if you have already been victimized.


Sources

[1] https://search.google.com/search-console/about
[2] https://analytics.google.com/analytics/web/
[3] https://ahrefs.com/
[4] https://support.google.com/webmasters/answer/2648487?hl=en.