If you have noticed your Google rankings begin to slide recently, you may be the victim of a negative SEO attack launched by one of your competitors.
It’s one of the most harmful things a company can do for your content marketing efforts since the underlying goal is to knock you out of your position in your hard-earned organic rankings.
So what is negative SEO and how does it affect your bottom line?
Simply put, it is any malicious attack launched by someone else to destroy your domain authority intentionally.
There are a variety of ways by which this can be accomplished, but Google and other search engines invest a lot of time and resources to detect such negative attacks.
For that reason, someone who deliberately launches a malicious attack on your rankings will use up a lot of time and money to do so.
Officially, Google disavows any existence of negative SEO, stating that it is impossible to execute and that any “supposed” attacks are simply the effects of doing business online.
Unfortunately, their very statement about SEO argues that they “work hard to prevent other webmasters from being able to harm your ranking” – which implies that it is possible for others to harm your rankings.
Search rankings requires organic growth. Negative SEO presents inorganic or abnormal anomalies.
I should also mention that negative search engine optimisation tactics are not technically black hat.
Black hat techniques are primarily identified by whether or not they’re effective without regard to a search engine’s terms of service.
Also black hat techniques are generally deployed by people that own the site.
For example, a “white hat” marketer would never encourage you to buy links to increase your organic rankings because it specifically goes against Google’s TOS.
A “black hat” marketer, on the other hand, doesn’t care about the TOS; the only thing they care about is whether or not it works.
Negative search engine attacks are also technically not the work of a hacker, whose primary goal is to gain unauthorised access to your website and destroy your information.
Since the user is not gaining entry into the backend of your site – merely destroying it from the outside – negative search engine attacks are also not strictly defined as hacking either.
So what is it? In a word, malicious.
Whether or not it’s illegal is still up for debate, but if you believe you’ve been the target of an attack, it can be difficult to fight back, mainly because a user would have to be highly motivated and incredibly resourceful to launch an attack like that in the first place.
Since there’s so much miscommunication regarding what is and isn’t a negative search engine attack, here are a few of the more common ones people experience.
Google frowns heavily upon using any duplicate content, and the latest Panda update is designed, in part, to protect against hundreds or even thousands of web pages that have the same type of information spread across them.
Doing so will dilute your primary authority for that content in the first place, which is why it’s one of the most favoured attacks for people with an axe to grind.
“Scraping” content off of your site involves taking all of your resources and copying it verbatim to other sites across the internet; since Google will only pick one version of this content to rank if it believes the competitors content is the primary source, it will rank that site and devalue your own.
There are a few tools you can use to keep this from happening.
One of the best is Copyscape, which allows you to enter the URL of any content you believe has been duplicated and find the offending websites.
You can also create alerts for your content through a service like Awario, which will allow you to know when other sites link to your material.
If you find content has been duplicated, contact the webmaster and ask them to remove it. If they won’t, report them to Google using an infringement report.
If someone wants to destroy your site without launching an all-out deliberate attack on it, they may try to slow it down to where the site will be inaccessible, or Google detects that there’s something wrong with it.
While the load times are frustrating at best, the real damage is in the devaluing that Google will do to your site; if they detect that it’s operating slower than usual, they might knock you down a few pegs in the SERPs.
Slow crawling is attained by causing a heavy server load on your site that eventually crashes it all together.
If your site is operating slower than usual, regardless of the reason, you should contact your hosting company.
They should be able to help you figure out the reason for the slow down in speed. It may be the work of a malicious user, or it could be something else entirely.
Either way, you’ll want to get it fixed.
Spammy Link Farms
Originally, link farms were designed to actually increase the ranking of a specific site by organising a bunch of high-profile sites together and then offering high-quality links to other people’s sites from their collective authority.
This network is called a private blog network, or PBN for short.
Eventually, Google discovered how effective link farms could be and actively took steps to stop them.
If Google detects that you have received a backlink to a so-called link farm, they will automatically assume that you’re involved in an ethically ambiguous plan to increase your search rankings outside the proper channels. This will be the case whether the backlink is by you or from someone else.
As a consequence, your site will be penalised in the process.
To attack your site, users may then submit your info to several PBN’s that they know of to try and penalise your site, knocking your SERP down several pages overnight.
It’s happened before: WP Bacon, a well-known and established website, fell 50 spots for some of their primary target keywords before they realised what was happening.
They were able to recover, but not without some hard work and a little patience.
How do you keep something like this from happening?
The easiest way is by monitoring your link progress through an app like SEO Spyglass, which detects how many backlinks you’re receiving and where you’re receiving them from.
If you recognise an unusual spike at a time when you’re not actively recruiting backlinks, they may be the result of a link farm attack.
Depending on the application, you should be able to go in and disavow the entire domain manually, but the specific instructions on how to do that will vary from site to site.
Negative Review Blitz
If you’re into local search engine optimisation, you will want to pay attention to this one.
As you most likely know, local search engine optimisation is key for developing a strong geographic ranking for your main keywords and one of the most critical factors in that ranking are your reviews.
If people have left a lot of good ones, it will only help your business, but if you receive several bad ones in a row, Google will penalise your rankings accordingly.
Negative review blitzes happen when one person or a group of your competitors bombard your reviews with one-star or negative reviews, saying things like “awful service” or “would never return here” in the process. Since it’s so easy to do something like this, negative review blitzes are usually the first form of attack from your competitors.
To fix it, go directly to Google maps and identify your business from a list of search results.
Navigate over to review summary and search through the individual reviews until you find the ones that are questionable and flag them.
Be sure you’re choosing to flag spammy reviews and not just reviews you disagree with, or else Google won’t consider taking them down, believing you to be hiding the truth about your business instead.
While the previous four negative search engine attacks are the result of off-page search engine optimisation, there are many different ways that competitors can affect your on-page content too.
Contrarily to off-page, someone who is engaged in this type of manipulation can be regarded as a hacker, since this involves going into the backend of your site and manipulating the HTML, among other things.
Indexing your site is one of the most important things you can do to help your website’s rankings, which means that de-indexing your website can be one of the most destructive.
The technique is straightforward to implement as well.
All a hacker needs to do is go into the robots.txt part of your website and put a “Disallow:/” in front of your domains, de-indexing their site and causing your site to plummet in the process.
By monitoring your rankings regularly, you will be able to tell when you lose authority for some of your primary keywords. If you notice a sudden drop, there’s usually a reason for it, so investigate quickly.
If you’ve got a site that enjoys a hefty amount of domain authority, one of the things a user may choose to do is redirect your website to either their own or a malicious site that Google deems as unsavoury.
Whether the goal is to increase their rankings or decrease yours, the response from Google is the same: a swift and immediate penalty.
Be sure to audit your website regularly to monitor any changes that may have been made to your site, including any potential redirects.
You’ll want to do this often to uncover them before Google does, or else you could see a hit that will be hard to recover from.
Altering your content is one of the most intrusive and destructive ways a user can nuke your website, and it is usually one of the hardest to catch as well.
Contrary to popular belief, changing the content on your site is not the same as merely altering a few words here and there; typically, a user will replace your existing links with spammy ones, so that you’ll be unable to tell the difference unless you go word by word through your site.
Again, the key tactic in limiting the effect of a user who is trying to alter your content is to audit the site regularly. By doing so, you’ll be able to tell a lot faster if someone has been wreaking havoc with your domain and be able to fix it before Google notices.
Beyond these seven on-page and off-page search engine optimisation attack tactics, there is always the possibility that someone may, in fact, choose to hack your site for no specific reason.
It’s not incredibly common, but when it does happen, the user may attempt to link your site to a malware-rich spam site or post a “This site may be hacked” warning note to your metadata.
If that’s the case, the chances of a random user clicking on your site are next to nothing and will result in your SERP plummeting.
If you feel like your site has been hacked, there are more far-ranging repercussions than your rankings taking a nose dive.
Your personal and financial information could also be at risk – not to mention your reputation – so it’s important to take steps to beef up your website’s security.
My Site Has Been Compromised By Negative SEO. What Do I Do Now?
Once you’ve gotten over the initial panic at noticing your SERPs begin to go down, the first thing you have to do is determine whether or not the change is the result of an external force or your own actions, whether intentional or otherwise.
If you’ve gone through your site’s history and can’t make out what’s causing the change, the next step is to do a full audit over your site and check to see how the search engines treat it.
Negative SEO recovery Checklist
- Check Both Bing and Google. Go to both search engines and type in site:domain.tld (replace domain.tld with your actual domain) and see what each engine returns your site (use both search engines since Bing and Google have different algorithms). Look over the listings – which are ranked in order of importance – and see if any pages are missing, specifically high-ranking pages being demoted or even pages that appear that you’ve never seen before.
- Parse Your Raw Weblogs. This method is a little bit harder to achieve in light of the General Data Protection Regulation that went into effect in May of 2018, but it’s important to try and find what IPs are recorded on your site. Look for similar (but suspicious) IP access, scrapers, and certain server response issues that are affecting your site. This process may take a while, but the information you will uncover should be gold.
- Examine Your Google Analytics. The raw data you get back about your site visits can be a good indicator of your site’s performance as well as what type of interactions your readers are having. Among the things to check when examining for nefarious intruders are your bounce rate, loading speed, referral traffic, session duration, and landing pages. If you see anomalies in those areas, something is off.
- Read Your Google Search Console (GSC). If Google notices a change to your site, they will usually let you know, so check to see if there’s any correspondence. Check to see what links are being blocked, crawl errors, and whether or not any manual actions need to take place. For Bing, head over to their webmaster tools and look for site activity and inbound links. It should tell you what links and analytics have changed recently.
- Check Your Links. Monitor the activity for your organic keyword rankings, verify any backlinks and fix the broken ones (while looking for backlinks that have been removed for some reason), and check your outgoing links as well. If a hacker has changed your links to redirect to spam, that will be one of the first signs something is wrong.
- Verify Content is Unique. A favourite attack of most people on search engine ranking is to copy content and paste it across various sites, hoping to reduce your site’s authority. Use Copyscape to crawl your site and check it against any other sites or even your own. Don’t forget to double-check your site’s loading speed, indexation status, and on-page technical factors.
Although an attack by a competitor (or disgruntled associate) is not incredibly common, it can still be devastating to both your reputation and your business.
However, don’t automatically assume that any change in rankings is the result of a deliberate attack; check your own actions to see if there are any explanations first.
Once you’ve discovered that foul play has been intentional, react swiftly and thoroughly to restore your systems to usual operational status.