Negative SEO: Detect, Protect & Recover From Attacks

Updated: October 5, 2021

Any digital marketer can tell you that one of the best ways to draw attention to your website is to make sure it’s optimized for search engines.

But as more websites come online, SEO is getting more complicated and it’s not as easy as it used to be to rank number 1 on Google.

While some people are putting in the work to get to number 1 the right way, some are resorting to attacking their competitors with something called negative SEO.

What is negative SEO? And how can you protect your website from it? Let’s talk about it.

What Is Negative SEO?

Let’s start by answering the obvious question: what is negative SEO?

It’s the practice of using black hat SEO tactics on a competitor’s website.

Those last four words are very important. People who practice negative SEO don’t do so to boost their own rankings. Instead, they try to demote sites that rank above theirs. These attacks are designed to hurt the other site’s credibility and ruin their high ranking

If you’ve got a website that ranks on Page 1 of the search results, it could be a candidate for negative SEO. That’s why you’ve got to watch for the signs.

How Does Negative SEO Work?

Negative SEO works by attacking your website’s credibility and search engine ranking to the point where your site is either removed or buried so far down the search page that no one can find it.

If people can’t find your site, they won’t visit it, right? This will boost the chances that they will visit your competitor’s site instead.

There are a few things that spammers can do when they launch a negative SEO attack, including:

• Link spamming
• Duplicating your content
• Hacking your website
• Using unrelated, and spammy, keywords in anchor text to target your website
• Creaking fake social media accounts that pretend to be you or your business
• Deleting the quality backlinks your website already has

The most popular way you could be attacked is through the use of link spam — when low-quality spam links will attach themselves to your site’s backlink profile. These bad links could lead your visitors to a malicious website or help those sites put malware on a user’s computer.

When this happens, it’s a big red flag to Google that your site is not producing high-quality content and it can’t be trusted.

If you are on the first search results page, you’re probably a prime target.

Luckily, there are ways that you can protect your site and keep yourself on that popular first search results page.

How To Detect Negative SEO Attacks In Linking

Links From Websites With a Penalty

One of the signs that your website might be subject to negative SEO is that it has backlinks from a site with a penalty.

Google often penalizes sites that violate its guidelines. Sometimes, black-hatters who’ve seen their sites get penalized just use them for negative SEO. That way, they still have some value.

That’s why you should check your backlink profile regularly. Use a tool like Majestic or Ahrefs to see if you’ve got backlinks from dubious sites.

If you find some bad backlinks, use the Disavow Tool to effectively tell Google that you don’t want those links to “count” for page rank.

It’s always best to try to get the links removed, though.

Links from PBNs

Another way to tell if your site is the target of negative SEO is that it receives an unusual number of backlinks from a private blog network (PBN).

What is a PBN? It’s a blog network that exists solely for the purpose of creating backlinks for websites. It’s really just a link farm.

You can tell if a backlink pointing to your site comes from a PBN because the article that contains the backlink is usually poorly written. In fact, it might be “spun.”

A spun article is content that’s rewritten by software instead of by a human being. As a result, the final product often looks like it was produced by someone who barely speaks English.

In fact, negative SEO gurus want to use spun content with a link to your site because that’s even more of a red flag that you’re the one who’s doing the cheating.

If you see backlinks from PBNs, use the Disavow Tool to tell Google you don’t want to have anything to do with them.

Over-optimized Keyword in the Anchor Text

Google doesn’t like it when every backlink pointing to your site uses an anchor text that just so happens to be the keyword you’re trying to rank for.

Blackhat SEOs know that, so they’ll intentionally point backlinks to your site with anchor text that’s filled with your keywords.

If you spot backlinks with over-optimized anchor text, it’s a good idea to make use of that Disavow Tool.

Remember, though: nothing beats getting rid of the links completely. If you can do so, reach out to the webmasters to have the links removed.

Links From Profiles and Forums

It’s not a bad idea to have some links from profiles and forums. However, if you have too many, you could lose rank.

Back in the day, SEOs (of the white hat and black hat variety) loved profiles and forums. That’s because they offered free link juice.

Nowadays, though, they’re considered more of a black hat tactic.

Also, lots of those sites now use nofollow linking policies. So even if you go that route, you might not get the SEO benefits that you expected.

If you see that you’re getting backlinks from URLs like forum.joomla.org, forums.cnet.org, and forums.mysql.com, then your site is probably the target of negative SEO.

Also, if you notice backlinks from sites like Digg, Flickr, Technorati, Bumpzee, and LinkaGoGo, you should disavow them.

Global Links From Large Websites

One warning sign to Google that a website is using black hat SEO is that it has lots of backlinks from foreign sites. That’s especially true if those links come from large websites.

Check your backlink profile for inexplicable links from large foreign sites. If you find them, take corrective action.

Off-Topic Links

Another way that some sneaky competitor might be trying to take away your rank is by publishing off-topic links to your site.

If Google sees that a link to one of your pages is part of an article that has nothing to do with the contents of that page, that will be a red flag. Bad boys in digital marketing are fully aware of that.

Keep an eye on your backlink profile for non-contextual backlinks.

Widgets With Keyword-Rich Links

Black hat SEOs love links on the home page. That’s why they used to create widgets and put keyword-rich links in them.

Widgets are usually “sticky.” That is, they appear on every page, including the home page.

In this day and age, though, widgets stuffed with outbound links are clearly an attempt to manipulate the search results. Google is well aware of the practice.

That’s why your enemies will sometimes create widgets with keyword-rich links to your site. They’re hoping you’ll get penalized.

Links From a Hacked Website

Yet another favorite tactic of the black hat brigade is that they’ll hack a website and publish a blog post with a link to one of their sites. Google will often notify the webmasters of the hacked sites when that happens.

Sometimes, though, websites run on “autopilot.” The webmasters have moved on to better things but left their websites up so that they’re susceptible to hacking.

Bad guys flock to those sites like flies to garbage.

If you notice that you have backlinks from a site that also has links pointing to movie sites or weight loss solutions, you’d better get those cleaned up.

Links With Red-Flag Keywords

There are some keywords that are frequently used by unethical marketers. They include words like “payday loan,” “viagra,” and “cialis.”

If you’ve got backlinks with some of those words in the anchor text, you’re on the receiving end of a negative SEO attack.

Malware

Sometimes, black hat practitioners will go straight to your site and infect it with malware. When that happens, you can expect your rank to suffer.

Of course, the best way to combat that is to do everything you can to ensure that it never happens. This is where an ounce of prevention is worth a pound of cure.

Make sure your WordPress site is secure. Don’t give hackers any opportunities to ruin your reputation.

Hacked Google Search Console

Another way that you might find yourself on the receiving end of negative SEO is when your competitor hacks into your Google Search Console account and removes your website.

Do yourself a favor: don’t use obvious passwords and change them regularly. Limit the possibility that somebody can get into your account.

Incorrect Location

Sometimes, the black hat folks get really sneaky.

Even if they manage to get access to your Google Search Console account, they won’t delete your website. That would be too obvious.

What they will do, though, is change the country associated with your site. They can do that with the International Targeting option under Search Traffic.

On the International Targeting page, they can just click on the Country tab and set your website to target users in another country.

That’s really evil because you might not even know that it happened.

Be sure to check that page regularly. If you find that your target country has changed, update your password.

Incorrect URL Parameters

Another not-so-noticeable way of messing with your rank is by updating your URL parameters in the Google Search Console.

You might use those parameters for SEO-specific detail. For example, a “country” parameter might be used to serve region-specific pages.

If black hat marketers gains access to your Search Console attack, they might update your URL parameters intentionally to completely mess up the site. That certainly won’t help with SEO.

Deleted Disavow File

How else can the bad guys mess with your Google Search Console account? They can delete your disavow file.

As we’ve seen, you should use your disavow file to distance your site from shady backlinks.

You can be sure that if unscrupulous competitors gain access to your Search Console account, they’ll go in there and remove your disavow file. When that happens, all of those bad links will likely jeopardize your rank.

Remember to check your disavow file regularly to make sure it’s still there.

Redirected Bad Domain

The black hatters don’t just use penalized sites for backlinks. Sometimes, they’ll redirect them to a competitor site.

What happens then? Some of the penalties associated with the bad domain are forwarded to the competitor’s site.

Check your analytics to see if people are getting to your site via a redirected penalized domain. You don’t want to get punished for somebody else’s mistakes.

Bad Rel Canonical

Another way that black hatters use their penalized sites: they point rel canonical links to a competitor’s site.

The rel canonical tag is designed to reduce duplicate content in Google’s search index. Webmasters who include the tag on their page are basically pointing to another page and saying “this other page is the original source of information.”

Google picks up on the relationship between the two pages. That’s a good thing if you’re trying to eliminate duplicate content. But it’s a bad thing if you’re on the receiving end of a rel canonical tag from a penalized site.

Why? Because your site will be associated with the penalty.

Hacked Robots.txt

It goes without saying that if you’re into SEO, then you want your site to get indexed. Unfortunately, some of your competitors don’t want your site to get indexed.

To that end, they might hack into your site and mess with your robots.txt file. Take a look in that file for something like this:

User-agent: *
Disallow: /

That’s telling all robots (including the Googlebot) that they’re not allowed to crawl your site. That means the pages on your site won’t be indexed.

Be sure to check your robots.txt file every now and then for signs of tampering.

Meta Noindex Tag

Another way that black hatters can mess with your rank is by hacking into your site and adding a meta noindex tag to all your pages.

It looks like this:

<meta name=”robots” content=”noindex”>

If you see that, the page won’t be indexed.

Again, that is contrary to your SEO efforts. Remove the tag and harden your site so hackers can’t get into it.

Fake Traffic

Sometimes, unethical competitors will create fake search traffic that looks for something negative about your company.

For example: if your company is XYZ, the fake traffic will search for “XYZ class action lawsuit.” That might trigger an autocomplete for “XYZ class action lawsuit” when people just type in “XYZ” in the search bar.

Also, sometimes the black hatters will create and optimize a web page for that very search term. They’ll fill it with fake news about how your company is currently the target of a class action lawsuit.

Scam Trick

Another well-known tactic that reputation managers have to deal with regularly is when a competitor creates a web page with a title that includes your company name followed by “scam.”

Again, that could trigger an autocomplete that leads people to think that your business as a scam. It’s a nasty piece of work.

Reach out to webmasters who are hosting pages with false statements about your business and insist that they remove the fake news. Get your lawyer involved if necessary.

Spammy Pages

Another trick that a black hatter might pull on you is to hack into your site and fill it up with spammy pages. Those pages will be filled with garbled or duplicate content.

When that happens, Google will red-flag your site for sure. Make sure you stay on top of your content and be on the lookout for spam.

Copied Content

Finally, sometimes unethical competitors will try to sabotage your rank by duplicating your content and spamming it all over cyberspace. That tactic could earn you a duplicate content penalty.

Watch out for duplicate content from your own site. Whenever possible, reach out to webmasters and ask them to take it down.

How To Protect Your Website From Negative SEO: 6 Actionable Steps

In order to protect yourself from a negative SEO attack, you’ll need to be proactive. The following actions will keep you notified of any changes in your online presence.

1. Use Google Webmaster to Set Up Email Alerts

You’ll want to know when you have server connectivity problems, your pages are not being indexed, your website is being attacked by malware, or you get a manual penalty from Google. When instructed, Google Webmaster will send you an email whenever one of those four things is happening.

2. Stay on Top of Your Backlinks Profile

Backlinks are so important to building and maintaining a good, quality website. But it’s also important to make sure that your backlinks are quality ones. Check your backlink profile every day to stay on top of when you’re gaining or losing quality backlinks. A huge surge in bad backlinks is a good sign that you’re under a negative SEO attack.

3. Secure Your Site

No one wants the headache that comes with a hacked website! When setting up your site, use 2-step verifications and Google Authenticator whenever possible. Using strong passwords that are a mix of numbers, letters, and special characters will also help keep your site secure. If you store or upload user files, install antivirus software to combat malware.

4. Check the Web for Duplicate Content

It is very common for spammers to simply duplicate your content. Quality content is key to a high Google ranking and if spammers have posted your content in a ton of different places, Google will assume that your content isn’t original. Quality content is always original content.

You can use tools like Siteliner or Copyscape to make this task easier for you. Tools like these will crawl the internet to find if your content is being used anywhere without your permission.

5. Pay Attention to Your Website Speed

One way to ensure your ranking plummets is to simply take your site offline. If you are noticing that your site is loading more slowly than usual, it could be spammers trying to shut down your server.

6. Stay on Top of Your Social Media.

Social media is great but it can also be a haven for spammers. Especially if you’re a popular brand, they may try to impersonate you by creating fake profiles to grab your followers.

You can use tools like Sprout Social or Sprinklr to stay on top of your brand’s social listening. They will send you notifications whenever you are mentioned on a social media site. This is a great way to immediately notice if you are being impersonated with a fake profile.

Tools to Detect, Prevent, and Recover From Negative SEO Attacks

Negative SEO attacks are a very real threat. Especially if you’re running a popular site, you’ll want to become familiar with these tools that will help you detect, prevent, and recover from any attacks you become the target of.

Google Alerts

The first step to protecting against negative SEO attacks is to stay on top of what is happening with your site.

One of the easiest ways to do this is to utilize the free tool, Google Alerts. Once you set this up, Google will send you an email anytime another site mentions your brand name.

While it’s important to stay on top of your online reputation from a public relations standpoint, it’s also very important when it comes to how to protect your website from negative SEO.

Whenever an attack happens, you’ll notice a flood of brand name mentions. Most of these mentions will be from weird, unrelated sites.

If you’re getting a lot of emails from your Google Alerts tag, you’ll know to check the sites that are linking back to your website. Be careful when doing your research, though. Most of these odd links will have malware associated with them.

This is part of the negative SEO tactic. If your website is associated with malware, it will be flagged by Google and negatively affect your search result page ranking. The malware will also harm your visitor’s device, which could lead to a public relations problem for your brand name as well.

If you are a SemRush user, you can also use their SEMRush Sensor tool to track these same types of alerts.

Google Search Console

If you are a digital marketer and you haven’t set up your website’s Google Search Console yet, run! Do it now!

This cool tool from Google provides you with a ton of valuable information to help you boost traffic to your site. It also will help you in your fight against negative SEO.

Once you’re in the Google Search Console, check out the reports that show your site’s backlink profile.

Look for links that you go to your most important and highly-ranked pages. These pages will be your biggest target for negative SEO attacks so it’s important for you to stay on top of who is linking back to them.

Take note of recent links from bad sites. When someone targets your site for an attack, they will often hack other sites, buy bad links, and backlink these malicious links to your site.

They can also purchase bad links that copy your anchor text. They will use these links to point that exact anchor text to your site over and over. Eventually, this will trigger Google to mark your site as a spam site and it will get it taken down.

Pay Attention to Your Notifications

When you log into your site’s Google Search Console, you’ll notice a place for messages or notifications. Be sure to check this often.

This is where Google will tell you that a manual action has been placed on your website. Manual actions will affect your SERP ranking as well as your organic traffic so you’ll want to know as soon as possible if one has been placed on your site.

You could receive a manual action for a variety of reasons: link spam, site hack, bad redirects, or keyword stuffing, to name a few.

Once you notice that you received a manual action, do your best to clear it up right away so it doesn’t have too much of a negative impact on your ranking.

Make Use of the Google Disavow Tool

If you are noticing a lot of unusual backlinks, check out the pages or domains that they’re coming from. If they look malicious, you’ll want to use the Google disavow tool.

This tool will give you the ability to restrict single pages or whole domains that are spamming your site.

This tool is especially important if you receive a manual action for link spam or if you think you’re going to get a manual action for paid links or other negative link schemes.

Normally, Google will know which links to trust and which ones to block but, in the case of a negative SEO attack, you’ll want to move quickly. The disavow tool can help Google to recognize that these sites are malicious more quickly.

Make it a habit to review this disavowed list on a bi-weekly or monthly basis.

Learn How to Use Semrush’s Backlink Audit Tool

Semrush has a lot of really cool tools that will help any website owner. One of them, the Backlink Audit tool, will help you notice harmful links right away and avoid being penalized by Google.

This tool will check all of your backlinks and let you know which ones are malicious. Go through all of the links marked toxic to manually review them and decide if you need to add them to your disavowed list.

This tool will also run regular recrawls of your site and backlink profile to keep you up-to-date on your toxic links. The sooner you catch the toxic links from a negative SEO attack, the sooner you can take action against them so they don’t affect your site’s credibility.

One of the best functions of Semrush is that you can connect your account to your Google Search Console. This helps Google to know which links are being marked as toxic by Semrush

Wrapping Up How To Detect, Protect & Recover from Negative SEO Attacks

The more Google rankings depend on actual quality content, instead of keyword-stuffed spammy websites, the more we’re going to see spammers try their hands at negative SEO attacks.

The only thing you can do is to remain proactive and protect your sites. The more you know about your sites and who interacts with them, the better.

Continue putting out quality content, ensure that you have quality backlinks, and catch any malicious attempts to spam your site to keep yourself armed and prepared for any negative SEO attacks that may come your way.

I do have some good news though! Google recently announced a new algorithm update that they’re calling the “link spam update”. This new algorithm is designed to be more effective at identifying link spam and should, hopefully, help nullify some negative SEO effects.

Hopefully, this algorithm, when utilized along with the tips and tools I shared above, will keep your site secure from any link spam or negative SEO attacks so you can keep climbing to that number 1 search page spot!