Google actually took a giant step backwards a few years back when it decided to start counting poor quality links against websites they index. Negative SEO used to be a very big deal with people creating poor quality links from spammy websites to your own site in the hopes of knocking down your site (and as a result trying to get their own site elevated in the rankings).
Known as Google Bowling, the problem went away for a while when Google’s engineers noticed this and decided to start simply ignoring poor quality links. However, ever since the most recent changes, including Panda, Penguin and most infamously, Hummingbird, the problem seems to have re-emerged as Google once again is trying to weed out poor actors using cheap backlink packages.
Now to be fair, Matt Cutts recorded a video back in 2012 where he mentions that this has become possible and a little easier to do today than it once was. However, he also makes a point of saying that it’s not very easy for someone to actually accomplish this, even after the most recent updates to the Google algorithms.
Cutts explained there that the Google team does try to put in place safeguards to ensure that they are not unfairly penalizing a site which has been targeted. Then again, given that Google did create the disavow tool, it’s equally clear that they believe there is a possibility of there being some kind of effort at sabotage and as such, they do recommend that webmasters take the time to watch out and protect their sites.
The trouble of course with the disavow tool is that you need to actively check your link profile and see which ones may be a problem. This can be time consuming and difficult. In addition, there are other forms of negative SEO which can equally be a problem for your website.
For example, if your site gets hacked, this can cause your SEO profile to go down. DDOS attacks (distributed denial of service, where your site is massively hit up from thousands of IP addresses at once in order to clog it and keep anyone from accessing the site) attacks are also a serious issue.
In both of these cases, your SEO will be negatively affected because the Google bot can’t reach your site to index it and see what kind of content has been created on the site.
‘How Vulnerable Are You?
There is good news and bad news in this case. The good news is that negative SEO is still really hard to pull off and 99% of websites will not be affected by this kind of thing. I mean seriously, the number of bad links that need to be created in order to counteract good quality links that you have on your website is staggering in its numbers.
Of course, with a sophisticated tool such as Scrapebox or XRummer, it is possible to do exactly that and to create havoc for a website if you are determined enough and if the webmaster is not on his or her toes about keeping the problems at bay.
The other thing to consider is that it’s crazy easy to hire someone to do negative SEO for you. There are plenty of people on Fiverr for example who will happily build hundreds of thousands of poor quality links to a website that you want to target. Whether these guys are actually effective at getting sites kicked out of the rankings is questionable but the fact is that there’s no reason why any of us should take chances.
Other Sneaky Tricks
Of course, in addition to the most obvious forms of negative SEO, including things like Google Bowling and hacking/DDOS attacks, there are more devious methods of destroying your site which you need to watch out for.
One, which someone attempted to do with a site I link to from my personal finance site is to create a kind of phishing e-mail. Phishing as you likely know is where someone will try to pretend to be from a reputable site and try to get you to click a link and hope that you’ll reveal your password. These kinds of attacks often target things like your bank account or PayPal accounts.
However, one method which someone tried with me was a reverse of this where they pretended to be from a website I happen to have a link to. The e-mail purportedly was from the site own and demanded that I remove the link to their site. A telltale sign though was that the e-mail came from a generic Gmail account rather than an e-mail address associated with the actual site. Of course, many site owners won’t notice and will happily remove a link, which may hurt your SEO in the long run.
Fortunately for the site owner in question, I know enough about SEO to have ignored the request. At the time, I just figured that if the guy was that desperate not to have a link from my site (which is quite reputable and has a decent page rank) that he could use Google Disavow. It only occurred to me later to go back and glance at the e-mail to realize that this was an effort at negative SEO.
Of course again, this kind of attack (and by the way, if they really wanted to mess with you, they could spoof an e-mail and make it appear it came from your site though that’s more work than just using a generic Gmail account) is not terribly common. It requires a significant amount of time and effort to make it happen so you are unlikely to be targeted.
Other methods include creating fake accounts on social media sites such as Facebook and Twitter and then using them for spam and or copying content off of your site and making it widely available everywhere online (this is a problem because it dilutes your brand and Google’s bots may not rank your original post as highly if it’s too widely distributed).
When You Should Be Worried
Okay, before I get to how to protect yourself (and some of my suggestions are useful even if you don’t fall into this category), let’s look at who is likely to be a prime target:
- Sites in very competitive industries – if you run a site for example in the cutthroat gambling industry, you may be vulnerable.
- Sites which are the tops in their relatively competitive niche – for example, if you ran the top site in the SEO niche, you’d need to be concerned.
- Sites which take a political stance – Finally, sites which take a political stance, for example for or against gay marriage, for or against Israel, for or against gun control, for or against abortion – well you get the idea. These kinds of sites are unfortunately magnets for the people with too much time on their hands and too much hatred in their hearts.
What You Can Do to Protect Yourself
Get Alerts from Google – The first thing you should do (and this is something everyone ought to be doing regardless of whether or not you are worried about being attacked) is to set up Google Webmaster Alerts.
Since Google’s web spider is regularly sent out to index the Internet, it will know fairly quickly if there is a problem with your site. Google can tell you for example if your site is down or if it detects any kind of hacking effort on the site. Once you have your website set up with Google webmaster tools (and if you haven’t done it yet, you should), it’s a simple matter to just put in your e-mail address and get alerts from them whenever there’s a problem.
Set a Real Password and Change the Default Admin – If you use WordPress or Drupal as the vast majority of websites do, be sure to change the name of the admin user to something unique. Don’t just leave it as “admin.” This makes it harder for hackers to break in. Also, use a real password. Trust me, the word password or 1234 is never a good idea.
Ideally, your password should be a mix of numbers and characters, including upper and lower case characters and it should be completely random like this: uhh89Yg7ggGYGHJISA8g87$%*$. Of course, that’s really hard to remember so the next best thing is to use a passphrase: ForExampleThisisAGoodPassphrase987. The preceding is at least long and uses a mix of upper and lower case as well as numbers. It’s not perfect but much better than your kid’s name or “Password.”
Check Your Backlinks—I know it’s not free like the old Yahoo service was but the best choice for checking up on your backlinks is still OpenSiteExplorer from the people at Moz.Com. You can get three free basic reports a day so for many people, that’s all you’ll need. However, if you need more than that, be sure pony up for the extended version of the service.
Watch Social Media—This is a good idea even if you aren’t worried about your site getting hacked or being the victim of some negative SEO efforts. The fact is that your customers are going to mention you on social media all the time and the more often you take the time to respond to them and actually try to find out what’s bothering them, the more likely you are to keep them as customers.
A good tool to use for this Mention.net. These guys will actually let you know whenever your company name gets mentioned somewhere in open social media (obviously if someone mentions you on their Facebook wall and it’s set to private, this won’t pick it up but anything they allow to be public will be mentioned).
They offer a very basic free service or you can pay for advanced service which will monitor more than one keyword or brand name as well as provide you with more lists of mentions per month (the basic service offers just 100 mentions each month).
Make Sure You Site is Loading Fast—Another indicator that there may be a problem (either because of hacking or because of a myriad other factors is that your site may be loading rather slowly. You can easily monitor this by checking out Pingdom.com. Again, this is not a free service but the cost is fairly minimal and it can provide you with peace of mind to know your site is moving smoothly.
Use a Pro for Your SEO Efforts—Look, I know it’s tempting to pay some guy on Fiverr five bucks and have them blast thousands of links for you. The fact is that there’s a reason they charge just five bucks though. The links are junk and are worth even less than what you paid for it. Given that Google is once again counting junk links against you, don’t sabotage yourself. Make sure the SEO service you use is run by people who know what they’re doing.
Use the Disavow Tool – Finally, Google did create the disavow tool for a reason. They want you to be able to dump bad links and not have them count against you. So after monitoring your links, if you consistently see say some kind of a porn site creating links to your site, make sure to tell Google that these are not your own links.
Oh and don’t be afraid to contact webmasters of offending sites and ask them to remove the link to your website from their pages. Just make sure that you use an e-mail from your own domain as opposed to a generic Gmail account.
Look, in most cases, this is simply a matter of using some good common sense to make sure that your business is protected. As I said from the beginning, the actual odds of being targeted successfully are pretty small. Most hackers aren’t going after a little website with a relatively small amount of traffic anyway. However, if you are worried, the tools exist to help you to protect yourself from negative SEO.