UPDATE:
Please check the end of this post for some final notes, following communications with Google.
Rand Fishkin published a post yesterday saying:
“webmasters are forced to police their own links through webmaster tools, and be in constant fear of negative SEO“
(I’m paraphrasing, the full post is here).
Rand goes on to call on webmasters help to prove or disprove the theories:
1) Negative SEO is in fact possible.
2) It’s become much easier since the Google Penguin updates.
But Negative SEO doesn’t exist, says Matt Cutts
Just a few days ago at SMX Advanced in Seattle, Google’s Matt Cutts was asked outright about Negative SEO:
As you can hear for yourself in this short clip, he clearly says that Google are aware people are worried about it, but doesnt admit its something thats possible.
Having seen various cases – I can save everyone the time and effort of testing this statement:
Negative SEO history
So just how long has this been an issue? Turns out that’s pretty simple to work out.
Google used to do their best to discount spam links, by not passing PageRank through links it deemed to be manipulative. That system was far from perfect however, as enterprising SEO’s simply used to build 10,000’s or even millions of links – those that passed equity were great, whil the ones that didn’t never caused much of an issue, as they were for the most part devalued.
Then Google released their Penguin updates with much fanfare, proclaiming for the first time that they would be taking strong punitive action against sites with spam links.
With that, an industry was born – as you can see from Google Trends above.
But how can I be sure it exists?
About a year ago, a friend of mine got in touch as the rankings on his site had collapsed, and wanted me to do some consultancy to work out why.
The owner of the site isn’t an SEO, nor had previously engaged in any linkbuilding – he didn’t need to, as his primary domain was a perfect exact match domain for the keyword being targeted.
Qualitatively speaking, the site wasn’t exactly wikipedia, but nor is it a spam site either. It had also ranked somewhere in the top 3 positions for its primary keyword for many years.
Setting the scene
Lets say the keyword being targeted was “blue widgets”. The site targeted was called “bluewidgets.com”. It went from 3rd, down to 50th for that keyword, a position where it remains, over a year later.
Evidence
Around six weeks before the ignominious drop, some new exact match anchor text links appeared pointing at “bluewidgets.com”.
Quite a lot actually, according to MajesticSEO 264,849 total links to be exact:
The screenshot is sorted by the total number of matched links on each of the negative SEO domains. Every single domain was owned by the same person, WHOIS data was not obfuscated in any way, so at least I knew who the aggressor was.
By cross referencing the domain ownership data I narrowed down 170 total domains, across 6 unique class C IP ranges:
You can see by the subnets that the entire set of sites were all hosted on subnets owned by GoDaddy:
What did the sites & links look like?
Every one of the sites were identical, using the same “theme”, although were custom coded using ASPX – not wordpress which you would probably expect.
Each site also had between xx,xxx and xxx,xxx pages indexed in Google.com.
The links appeared in a random rotation on a large percentage of the pages, in two locations, either in the sidebar navigation or in the footer:
The links did not appear on every page, nor did they appear in the same place on every page. There were also a number of other external sites linked to, both within the spam network identified by the IP subnet footprint, and various other sites within the target vertical & authority sites.
How bad was the drop?
The site only ranked for a couple of queries, all related directly to the subject of its EMD, like “blue widgets”, or “buy blue widgets” etc. It dropped to 50th for its primary keywords – which are high volume, very commercial and expensive (CPC) terms.
It hasn’t recovered yet.
Why am I positive the negative SEO worked?
A random conversation with another SEO consultant a few weeks later provided the slam dunk evidence I needed:
Me: “I’ve seen what looks 100% like a negative SEO attack recently”
Other SEO: “Yep, I’ve seen one a few months back, certainly looked like it to me, what keywords were targeted?”
Me: “The keyword was Blue Widgets, and the site was bluewidgets.com”
Other SEO: “No WAY! My one was Blue Widgets as well, but the site was widgetsblue.org!”
We went on to compare notes in detail, some of the domains were indeed the same, but even the ones that were not shared the exact same WHOIS data as the ones I’d seen.
We knew the links shared the same anchor text, we knew the person was the same. We also knew that the impact had been the same thanks to the SearchMetrics data. I still have screenshots of all of the evidence, and these sites STILL exist (mostly).
We now had two confirmed cases, where one person/group had managed to remove two independent sites from the same search query.
Why have I obfuscated the data?
To be blunt, I’m very concerned about outing the perpetrator fully – for fear over suffering a similar attack myself.
I advise people to keep a close watch on their backlinks, and there are a number of good services that assist with this as well.
Will you share the data for independent review?
I’ve already reached out to Rand to share the data, and if your name is Matt Cutts, I would also be happy to provide you with all the analysis I did back then – in the hope that the affected site will finally be returned to its former position.
At the time I also shared some intel with a group of trusted other SEO’s I often communicate with in circumstances like these, so there are a few others that can verify the data – but Im not going to mention the guys name right here on the blog.
I’m worried: can you take a look at my site?
Sorry, I don’t offer 1:1 consultancy, but if you post a thread on the SEO forum here on this site, I’d be more than happy to have a quick look & suggest who you should speak to to get assistance, or what steps you can take to resolve the issue.
Postscript:
After several weeks of communication with the webspam team at Google – I am content that other underlying historic reasons may have been to blame for the catastrophic loss of traffic to the site in question.
I would like to thank the webspam team and Matt Cutts personally, for reacting and spending the time and energy required to look into this case specifically.
It’s actually that part of the search industry that seems to be expanding the merriest atm: lots of enquiries by potential clients and tons of money in it.
Nice documentation you’ve put up!
I cannot understand how Matt Cutts thinks anyone is silly enough to believe him on this one. Having been in the industry for 15 or so years I have seen the different types of link building that has gone on. Moreover I spent 12 months working specifically on penalty removals for a large agency in the UK, the problems causing the penalties was simple crappy link building which is still perfectly easy to replicate and point at someones site you didn’t like the look of.
After I left Google I have seen some impactful cases of negative SEO, although it is very rare. On the other hand, I have seen way more cases where people were under the impression that a negative SEO attack had happened but once you looked deeper into the case it was clearly not a negative SEO attack. A second set of eyes may be helpful.
Google has created two new highly profitable business strands: Link auditing and removal & negative link building – just because they still can’t tell a ‘good’ link from a ‘bad’ one. What we now have is chaos based on utter confusion inside and outside of the SEO industry. This is affecting PR, digital content marketing, blogging and all other sorts of related disciplines. Yes, Google has to some extend success in cracking down on paid / non-earned link building, but the collateral damage is done and things only get worse. Lots of people who have sold links via networks before are now offering link removal services or even link attack services. I don’t even blame them, because they just move with the market. Google is to blame for creating this new environment of uncertainty that is still so easily to exploit.
Since you obscured the full dotted quads in one graphic, I wonder if you meant to show the un-obscured IP in the graphic below “owned by GoDaddy”?
no – I left that in on purpose, they own the whole class C (possibly the class B actually), but the sites were registered on other IPs in this class C. There’s about 1400 per IP so its not revealing the sites.
Have seen it happen before, and this case study just confirms it. Most SEO experts do not even consider it but my opinion still stands and is reassured day by day. Hope Google or Matt makes a public statement about it so people can start believing it….
Thanks again for your great post it will be an eye opener for many guys out there.
Well I think negative seo worked for a while and just as you said the Google updates only made it more simple. I woke up last year with over 20k links from a competitor from random websites in random languages with over 2k inbound links each. Long story short all my ranks decreased.
After working with the disavow tool ranks got better about 20% but nowhere close to the positions that we had initially.
Here’s a suggestion –
Google should allow one to use webmaster tools to ‘flag’ potentially spammy inlinks to one’s domain – in general this could be a lot of work, but at least it would give the Knowledgable Site Owner some level of control to defend themselves against negative SEO without having to fully rely on Google – much like ‘marking as spam’ in gmail. If enough site owners marked inlinks as spam, this information could be used in the pagerank calculation for those domains.
Thats pretty much how their disavow links tool is meant to work – problem is they refuse to accept its an issue, despite providing tools to avoid it. Also they are very slow in updating things once you have disavowed, so you never know if it worked really.
This certainly reads as compelling evidence. I’m interested to know, though, if there’s a way you’re establishing that this is a result of the spam links, and not the EMD update. Both of the domains you mention are EMDs, and the timings don’t look too far off for it to be a possibility.
Of course, if Google routinely penalises sites for their links, then negative SEO is obviously possible, unless Google have a perfect mechanism for discerning negative SEO from attempts to actually rank. I’m just not sure if this is the data set that makes it irrefutable.
Thats a fair point, but the contrary evidence is that they continued to rank for terms not targeted by the specific anchor text, and they both had a -50 hit, which feels like penguin/negative SEO.
I’d love some more Googlers or Xooglers to chip in here 🙂
Ultimately there are very, very few case studies of this actually happening in the wild. It’s clear you’re trying to change that, and that’s admirable, but one case study is unlikely to change Google’s public stance on the issue, irrespective of its individual merits. I think that this is unlikely to change unless someone starts doing it at effectively and at scale.
Last year I worked with a team of five to clear up a negative SEO attack. This company was making millions of dollars in their niche and had tons of traffic. They did not spam and did not purchase links.
One day they noticed a large amount of backlinks to poor quality sites, including porn. They tried to clear those up and more followed.
My first question was did they purchase the links. Their manager said they do not purchase links and that the team was monitored. He was a little concerned that a former employee may have tried to get back at them for firing him.
We went through by hand to get rid of all unwanted backlinks. And then again. Eventually, their rank continued to suffer until we came to the conclusion that there was no hope. They lost 95% of traffic.
In total, we disavowed links from over 2,500 domains and around 20,000+ backlinks.
It is common sense that negative SEO is real. Google’s people, or their algorithm, penalizes for certain things. If you can penalize your own website (by ignorance), then why would someone not be able to replicate it on purpose and direct it to another site?
Negative SEO destroyed a top industry website right before my eyes.
By day I work for a large agency in Kansas City. I can confirm with 100% certainty that Negative SEO is completely doable and unfortunately we experienced it enough to lose almost 70% of our traffic on the longtail and 30% on the head terms.
Our site was compromised and 3 spam pages were put up. At the same time nearly 150,000 links were generated to these pages containing anchor text that referenced the spam pages but not our head terms or long tail phrases. It started in September and by October 4th, 2013 when Penguin launched with 2.1 we were completely decimated and it destroyed that specific website.
Google Webmaster Tools listed the spam links, but they’re gone now. Majestic SEO still has thousands in there. There is no going back for us so far. Disavow is a joke.
A few important points:
1. Not everything that appears to be negative SEO is necessarily negative SEO – e.g. how would you classify the cases of “unintentional” negative SEO? One of such cases, to make things easier to visualise, I believe to be the recent drop of many press release sites in Google – as detailed in this post of mine: http://www.irishwonder.com/blog/2014/06/01/what-happened-to-press-release-sites/ (TLDR version: no, I’m not saying they dropped because of negative SEO – but one of the reasons that could cause their drop was similar in its mechanism to one of typical negative SEO approaches)
2. If there are negative signals in the algorithm it is not possible for negative SEO to NOT exist – as our online actions are not signed for Google to be able to reliably attribute them
3. Negative SEO is really just a newer term for something that’s been going on for ages in different forms and shapes – to expand on this, let me just refer you to my presentation from a year ago http://www.slideshare.net/irishwonder/negative-seo-past-present-and-future-my-thinkvis-talk
This is about as good as it gets for evidence. You will never get perfect evidence because any number of factors could effect a site. And of course, to some level you want to protect identify of your sites and clients for the reasons Martin stated above. More than anything, I’ve always argued that it’s just logical. If millions of people will engage in blackhat techniques then thousands will try Negative SEO.
I also have a problem with the lack of frequency of Penguin updates. Obviously anyone hit with Penguin has to suffer a fairly long time even if they clean their link profile. At the same, you give Negative SEO incentive to engage in this practice as they can feel some level of confidence that their tactics will last long enough to make it worth the small investment to submit sites to thousands of spammy links.
The only way to truly believe in negative seo is to try it our for yourself on a site you no longer care about. Plenty of people have done this and it works.
Logically this makes alot of sense if you think about. Bad links = drop in rankings. Bad links does not = Google ignoring those links. That’s just rubbish and everyone knows it.
I had a site, co.za (south African site) brand new, 3 months old, did loads of links, but the easy, spammy stuff, directories, social media, PR sites…
Within 3 months was doing 80 visitors a day. Within 1 day after that I was dropped to 2 clicks a day.
Now i’ve disavowed all the links from webmaster tools and i’m going to see if it comes back.
That may not be the kind of links we’re talking about, but then how can Google not say that links = negative rankings = negative SEO.
I got hit by penguin pretty hard way back–site didn’t actually come back to life until I got some positive backlinks recently. phew!
Regarding negative SEO, I put it in a cartoon back in 2007 already (using my handle “saloonix”): http://stripgenerator.com/strip/55794/pay-me-or-ill-link-to-you/
Nothing much has changed since then…
Of course, the funny aspect aside, once you’ve become a victim of a professionally conducted neg SEO attack, there’s preciously little you can do about it. More often than not, rebranding is the more viable solution.
I really think that the guys who are reporting these negative SEO attacks were the ones who built the links themselves or perhaps subscribed to a shitty service back in the day that actually worked – and now that this has been exposed – they do a full audit and find the links that they claim not to know about. I have never seen a case of a penalty where negative SEO can conclusively be blamed. I admit I only have visibility of about 190 million unique organic visits a month collectively and in amongst that traffic which is probably a drop in the ocean have not seen one instance of negative SEO. My industries are competitive.
Yeah, so you’re wrong. Thats all.
I would agree with Google that if they see a site that has no history of acquiring spammy links and in the time frame of a couple of weeks or even a couple of months all of a sudden thousands of spammy link show up, they could protect the domain from a probable negative seo attack. In an instance like this perhaps the algorithm does not punish the domain?
Two things come to mind for me however.
1. Black Hat SEO’s could spam the crap out of their sites like to in an effort for some fast traffic and count on Google assuming negative seo and not penalizing them.
2. A true negative SEO attack would be done more subtle. Perhaps just 5-15 spammy links the first week. Then maybe 50-100 the next. Then over the next few weeks start upping the number of crap links to the competitor. You have time after all. Likely the targeted site won’t get slammed until the next Penguin update. So put in the time. Slowly build the crap links. How on earth is Google through an algorithm going to know it wasn’t the sites real webmaster going after spam links?
So one and a half years later, the site hasn’t recovered yet…
1. You must have disavowed the negative links and there must have been updates since. To what extent is this working/not working?
2. Was the negative link building a one-time activity or do you still see new bad links being built to bluewidgets.com?
3. What quality and quantity of positive link building did you do to counter this?
4. You probably know a Googler or two. Did you try reaching out with evidence to see if a manual exception (recovery) could be made in this case?
Reality – Negative seo exists and there are dedicated agencies who do this job well. It’s high time that google should accept this as a practice that prevails. It would be silly for a finance minister of a country to say – that there is no black money in his economy. If google accepts this and talks about it then perhaps they can work towards coming out with possible solutions, which can prevent genuine companies to loose out.
Thanks for this helpful post but more importantly thanks for introducing me to the word “obfuscated.” It’s awesome and will tried my hardest to inject it into my vernacular.
Martin, I’ve had a similar case against one of my own ecommerce sites. Link profile was about 400 links and it ranked for top three terms I was after. Within three months a massive growth of 40k+ exact match links focusing on two of the target keywords saw a manual penalty imposed. It took me three months of reconsideration requests to get the manual penalty removed. Three weeks after it was lifted Penguin kicked in and algorithmically kicked the site out again. The competitor just kept piling on comment spam and no amount of disavows have helped. I made the call to rebuild on a new domain quietly and try to build a stronger more resistant link profile on this new site as my gut was telling me that the old domain probably had too much against it to invest in acquiring more solid links to overcome the bad ones. So it’s doable all right. Not sure why Rand is struggling to find a case study.
If the whole point of introducing the Penguin was to reduce the number of spammy links, isn’t the disavow tool pretty well an indication that Google accepts that negative SEO will happen?
Right now, you article suggests that if I want to rank ahead of my competition, all I have to do is buy a spam tool and there’s nothing anyone can do about it.
Telling a web master to spend the day disavowing 1 million links through their platform is really a horrendous suggestion. How are you to do that manually and against a competitor who is very determined? The moment you disavow some he adds more.
If the idea is that they can spot negative SEO, then it simply means that the clever spammers will then spam their own sites and claim that they are being spammed.
I just never found the sense for this system. I’d rather they stick to the issue of low value links. Otherwise clean webmasters are at the mercy of spammers.
Great post. Thanks. I too believe that negative seo does not exists. Its just fabricated nonsense. Its like Link Building is Dead or SEO is Dead.
Another SEO ploy as far as I am concerned. It sounds like another marketing ploy to get people worried. A bit like Google and their latest algorithms. Just focus on great content, links and helping the visitor on your website.
I think the people that don’t believe that Negative SEO exists would soon become believers if their own sites were targeted. Cases are rare and sporadic but to categorically rule out it’s existence is naive at best!
Negative SEO is one of the curse in internet marketing and its very hard to track that from where we are getting this negative SEO activities. Black hat or negative SEO can also provide you the good results soon but they are not long lasting. Some firms implement these techniques to get quick results for these activities but once they get tracked there all implementations can be get down. This can also be tracked by IP address, an IP address can be become spam if someone continuously do the negative SEO or black hat SEO. So always try to avoid negative SEO because it does not belongs to a ethical methods of internet marketing.
This was an awesome article. I worked for a developer for 2 years before I found out about his use of SENuke XCR to build thousands of spammy backlinks. I sold back my stake in the company and walked away with my share of the company tee-shirts. I also found out about his Micro-Site strategy combined with article spinning and comment spinning. I still kick myself for not realizing it early but I was simply a content writer and I mostly did initial on-page optimization and social media only as well as some AdWords for the E-Commerce clients.
I have concrete, irrefutable evidence of Negative SEO. I actually wrote an article about my experience with Negative Link-Building Campaigns. http://www.salesandorders.com/history-negative-link-building-campaigns/ I still feel awkward leaving links in comments even to this day. I’m a content guy though so I can’t help but share relevance.
In your postscript update, you mentioned that it could be other underlying reasons but haven’t really gone into any details. Did you get any more information as to what other factors could have resulted in the penalty. It would be really useful to know more about the communication that you had with the webmaster team and if there were any other useful insights you got from that conversation.