What is a Negative SEO Attack?

By Daclaud Lee, Project Manager / SEO Consultant at Archmore Business Web

A Negative SEO attack is when an enemy; business competitor, pissed off customer, disgruntled ex-employee, malicious hacker, rogue SEO professional, or just a random douche bag on the internet (intentionally or unintentionally) tries to derank your website through the use of Black Hat SEO tactics or website hacking. Keep in mind that "Black Hat SEO" is not the synonymous with Negative SEO, but the two are related. Black Hat SEO is usually described as an unorthodox (and often outdated) SEO tactic used to manipulate page rankings, which can be used in a Negative SEO attack.

The reason why Black Hat SEO tactics are often used in an attack is because Google's algorithms know how to identify and supress this (and they have been doing it for decades). As a matter of fact, Google has entire support documentations describing "what not to do". A rogue SEO professional or unethical hacker can use these banned tactics to derank a competitor's website by making it go against Google's rules. I have seen many different types of Negative SEO attacks in my lifetime and many of them can be fixed. What they are and the solutions are documented below.

10 Different Types of Negative SEO Attacks

Listed below are 10 different types of negative SEO attacks, how it can affect your website or business as well as how to mitigate the damages.

1. Hacking and Redirection

This can happen to a website at any moment and out of nowhere, a malicious bug has infected your website. When a hacker breaks into your website via unsecured means, they can easily redirect the site. Often times this is done by a backdoor injection. These cyber attacks can do anything from create new pages on your website that will intentionally de-rank your website to redirecting your entire website to a different URL altogether. Most of the time, these redirections will lead to websites containing porn or a page to buy viagra pills (or something else your customer may not want to see).

How to prevent hacking and redirection? If you are using Wordpress, then make sure your Wordpress software and plugins are all updated to the latest version. Additional measures you can take are installing security software or plugins such as Sucuri or Wordfence. These free plugins will add an extra layer of defense to your Wordpress website. Also make sure all of your host files are up to date. Consult with an IT professional that specializes in website security if you need to implement additional security measures.

2. Link Spam

Bots (and sometimes humans) will target websites with blogs or forums in order to do link spam. Link Spam is basically a barrage of spammy links that are pointing to either external websites or to pages within your own website.

How to prevent link spam? There are many integrations and even plugins you can use to prevent this. A third party plugin such as Disqus is managed entirely by Disqus, which implements its own security measures that prevent link spam. This is usually the best course of action if you have a Wordpress site. There is also a Facebook comment integration HTML code and accompanying Javascript code that forces users to log into Facebook in order to make a comment on your website. Otherwise, you may have to custom develop a comments section and unless you are a web developer, this may not be a feasible solution, so just use software that someone else created and you will have no problems. Otherwise, for those webmasters who are less tech savvy, having a moderator that constantly monitors your website for link spam is the old fashioned way to remedy link spam.

3. Keyword Spam

This can be done through spamming the comments section with too many keywords. Did you know? Over optimizing a keyword is actually bad for SEO and can lead to rank loss. Unscrupulous Black Hat SEO practitioners can potentially de-rank a competitor by commenting with a wall of text in the comments section of a web page or blog and over stuffing keywords that the site is ranking for. One of the more difficult keyword spam attacks to spot would be a repetition of hidden keywords that are the same color as the background on your website. You would have to highlight the area using your mouse or click on view source code in order to spot these.

How to prevent keyword spam? You would prevent this almost exactly the same way as a link spam attack (see above). This is probably the easiest negative SEO attack to fix. All you have to do is delete the offending user's comments. This is why it is important to monitor your website for suspicious activity like keyword spam.

4. DDOS Attack

A DDOS (Distributed Denial of Service) attack is a higher level negative SEO tactic that hackers can use. Relatively speaking, even low level hackers can pull off a basic DDoS attack, so imagine the damage that a more experienced hacker could do. A DDoS attack will slow a website's load speed or even bring it down for a period of time. This can result in a loss of sales, abandoned shopping carts, reputation loss and even unhappy customers.

How to prevent a DDOS attack? The best way to prevent a DDOS attack is to know your network's traffic and make sure your IT team is on top of things. Making your network tougher means more firewalls because DDOS attacks target these. Avoid phishing attacks and always change your passwords and have good authentication practices. Scaling up your bandwidth can also help your network absorb a larger volume of traffic. Installing anti-DDOS software is also essential to mitigating these types of attacks. However, not everyone is an IT professional, so many companies will often outsource their IT services to a managed IT services provider.

5. Fake Reviews

This may not directly reflect the way your website ranks, but it can indirectly effect your rankings if there are too many fake reviews. Fake reviews and negative reviews can cause a potential customer to think twice about your website and could result in a loss or sale or even an increased bounce rate. Imagine a potential customer Google searching your business and finding a bunch of fake 1 star reviews on your GMB listing. If your

How to prevent fake reviews? The only way to mitigate fake reviews is to be in total control of all of your local search citations such as Google My Business (Yelp, Facebook, Angi, etc.). Take control of your local search citations and you will have the ability to request a fake review for removal. Some websites will allow you to comment directly to the reviewer, which allows for direct communication and it also gives potential customers your perspective. If you have trouble doing this yourself, then hire a reputation manager to help you remove negative reviews. If that can't done because the website is being uncooperative, then a reputation manager can help you get more positive reviews to supress the negative reviews.

6. Scraped Content

Duplicate content is technically not a Negative SEO ranking factor. I have seen websites with scraped content rank higher than the original source as long as the website adds more value to the scraped content. So if a competitor website straight up copy and pastes your content to pass off as its own, but they rank higher than you, then there is a problemm and your SEO efforts have just been suppressed.

How to prevent scraped content? The best course of action is to do your own research about copyrighting content and take action. Since I am not a lawyer, I am unable to offer legal advice, so I would recommend that you contact a copyright lawyer if the need be. If you are a copyright owner whose work is being infringing online, you can send a DMCA takedown notice to the website where the infringement is taking place requesting that the infringing material, activity or link be taken down. You can also submit a copyright removal request on Google. If Google refuses to work with you, then send out a DMCA takedown notice to the offending website and have a lawyer follow up with the webmaster if they refuse.

7. Backlink Removal

An underhanded negative SEO tactic is removing the best backlinks your website has. High quality backlinks make up a small portion of your website rankings, but losing important ones can hurt your SEO and website traffic. By removing a high quality backlink, you could potentially lose out on much needed referral traffic to your webstie.

How to prevent backlink removal? The best way to prevent backlink removal is to keep track of your backlink portfolio. If you see a good backlink removed, then be sure to contact the webmaster of the site where your backlink was and have them add it again. Be sure to create a relationship with other webmasters who have backlinked to your website so you can get this done in a timely manner.

8. Fake Social Media Accounts

A fake social media account can do one of two things: 1. It could damage your reputation if negative posts are made under your business name. 2. The fake social media account could actuall outrank yours in organic search.

How to prevent a fake social media account? There's really no way to prevent someone from creating a fake social media account using your business name, but what you can do is flag that offending profile. Many social media sites may have a way to do this, but some won't. If you are unable to remove a fake social media site, then the best thing to do is to hire a social media manager.

9. Inexperienced SEO Professionals

There is an old saying: "sometimes the worst enemy is yourself". An inexperienced SEO professional might mean well, but he or she may end up accidentally doing something wrong that could be detrimental to your website rankings. Someone who just watched a few videos about SEO on YouTube thinking they know it all could end up making some costly SEO mistakes if they have never done it before. These can be minor mistakes such as accidentally forgetting to index a website, or not knowing the difference between White Hat SEO and Black Hat SEO tactics among many others. For example, an SEO professional who has been out of practice might recommend an outdated strategy that worked 5-10 years ago, but was recently corrected by Google's algorithm changes.

How to prevent this? This is why you should hire an experienced SEO consultant. Know who you are working with and have realistic expectations based on your budget. While it may be a lot cheaper to hire an inexperienced SEO professional, the old saying goes: "you get what you pay for" (that's why the starting salary for entry level jobs are usually much lower than senior level jobs). Therefore, you need to make sure to vett your SEO professional properly. Make sure their resume and Linkedin profile checks out. Potential red flags could be huge gaps in their resume, no reviews of their business or only negative reviews.

10. SEO Scam Artists

An SEO scammer will target small business owners and websites by preying on their fears. Most of them will take your money and do absolutely nothing. The worst of them will use Black Hat SEO tactics to get your site ranked for keywords fast, but the results are only temporary. They do this to quickly show you positive results that will eventually bite you in the ass. They will take your money and run without ever responding back to your messages. These SEO scammers are the ones that give the entire SEO community a bad name. Therefore, you should be careful as to who you work with when it comes to an SEO Agency.

How to prevent this? Make sure you vett the SEO professional before you work with him or her. Most of the SEO scam artists operate out of India and they will often use a fake American sounding name. More than likely, they will send you an unsolicited email through the contact form on your website telling you there is "a problem with with your current SEO work" or "your website is not getting enough traffic". Like any scammer, they prey on your fears and suspicions by telling you your current service has problems.

SEO Pro Tip: If you see an unsolicited message where the "marketing professional" uses a gmail instead of an email with a business name attached to it (EXAMPLE: jane-doe-seo-marketing@gmail.com as opposed to daclaud@archmorebusinessweb.com), then there is a 100% chance that it's a scam.


By Daclaud Lee,
Project Manager / SEO Consultant at Archmore Business Web

FB.getLoginStatus(function(response) { statusChangeCallback(response); }); { status: 'connected', authResponse: { accessToken: '...', expiresIn:'...', signedRequest:'...', userID:'...' } }