Black hat SEO spam is the plague of the internet, and the big search engines take it seriously.
One of the worst spam tactics on the internet is becoming more common every day – innocent websites hacked, and their best pages begin linking to spam. These black hat SEO spam tactics are fighting for expensive, high-competition keywords like: viagra, payday loans, casino, and lately a lot of high fashion spam.
This is a topic we write about often – it is rampant, after all, but why does it happens, what makes your site such an attractive target, and what are the SEO tools that can help you?
Good SEO Takes Time and Generates Long-term Traffic.
Many website owners invest significant time and resources creating great content and optimizing it for search engines. It can take months or years to build a page to the top of the Search Engine Result Pages (SERP). By the time you get there, search engines will assume that your website has authority and value, and will then pass along some of your rank to the sites you link to, like a vote of confidence.
Therein lies the danger.
Targeting and Infecting Sites For Quick, Cheap SEO.
Attackers build tools specifically targeted to finding vulnerable websites – those with common platforms – which is why it’s so important to update when developers release security patches. Hacker tools can identify which pages have strong rankings (regardless of keywords), or ping Google with the “link” search operator on a site in order to find out which pages have fewer outbound links, allowing the cracker to target the most potent pages. Most of the process is automated, ending with your website, and hundreds like it, unknowingly participating in a link farm that the attacker can sell.
Black Hat SEO Spam Can Be Almost Invisible
Spam backlinks are usually placed in hidden iframes where no one, including the site owner, can see them via a browser. SEO spam looks to abuse the audience you have worked so hard for by generating precious link juice for their respective clients. In some cases, a rule is defined to only show spam links to search engine crawlers!
If you think that your website may be infected, you have a couple of options:
- Look at your website the way Google sees it by emulating the Googlebot user-agent.
- Leverage the ‘Fetch as Google’ option (found in your Google Search Console).
- Try the free SiteCheck website scanner.
- Try the free Unmask Parasites website scanner.
Search Engine Results Are What Google Sees
Sometimes, the hack goes a step further. To make the spam links seem relevant, they add keywords in Title and Description tags. This exposes the spam to users who search for your website:
In this case, new tags were added to posts that included the target keyword:
This one even created entire posts stuffed with keywords. Note that the top-level domain is .co.uk, and yet the keywords used have references to Canada.
In the examples above, site owners found out they were hacked only when customers complained. Not only is that embarrassing, but it can harm your website’s online reputation, and if you sell anything on-site, your users might question the security of your checkout process.
Additionally, webspam teams don’t take kindly to pages serving irrelevant links. Remember, blacklist authorities like Google or Bing have built entire companies on serving relevant links, so they have a vested interest in rooting out any site that is accepting payment for backlinks. Right now, your hacked website looks like it fits the bill.
The implications of this could lead to loss in SEO ranking, public notice of possible compromise in the SERP, and can include a blacklisting page when clients visit your website. Each of these contribute to loss in audience, traffic, and / or revenue.
Monitoring and Cleaning Black Hat SEO SPAM Infections
You should have a Google WebMaster Tools account for your site. The Security Issues section will give you a lot of insight if you’ve been hacked. However, since blacklisted sites can lose up to 95% of their organic traffic, most website owners will not want to wait for Google to blacklist them.
In addition, it’s incredibly important to mind your security posture. If you use WordPress, we’ve written extensively about security plugins that can help manage your security, including our own. Alternatively, our paid clients benefit from every day server-side and remote monitoring, plus alerts about SEO poisoning before Google’s blacklists does.
1. Cleaning Infected Tags, Posts, Comments…
You will often find the tags in your CMS appear to be unchanged. Usually your database is infected, making it more difficult for the average user to clean up on their own.
So what can you do?
If you are comfortable modifying your database, you can use PHPMyAdmin or Adminer to search for the spam. At the end of the day, you’ll still need to patch the hole that allowed your database to get infected in the first place. Sometimes updating your CMS, auditing your plugins, and scanning your database will do the trick.
2. Cleaning Up the Search Engine Result Pages
Once you’ve removed the infection, the original Title and Description tags will reappear, but the search results will be cached. Normally it can take days or weeks for Google to recrawl your site. We’ve prepared an exhaustive cheat sheet to help you through the process of clearing that cache and getting your SERPs clean.
To force Google to crawl your site immediately, log into Google Search Console and go to Crawl > Fetch as Google. From here, type the location of your sitemap or individual affected URLs, then click the Reindex button.
If you submit your sitemap, choose the option to Crawl this URL and its direct links – a nice trick to get your whole site done at once.
Just note that you get a 10-per month quota for crawling the URL and its direct links, and a 500-per month quota for crawling individual URLs.
You can also use the “site” Google Search Operator Guide to show your entire website in Google’s results pages at any time. It’s handy to verify the cleanup.
Accounting for Black Hat SEO SPAM
Websites that require frequent cleaning are usually suffering from SEO Poisoning (SEP) attacks, and have been identified for their high-value pages.
If the site often hosts out-of-date plugins and CMS installations or if the attacker has injected a backdoor, attackers can keep it on their radar for reinfection. With the amount of updating that often needs to be done to a website, from plugins to the CMS, it can be difficult to patch quickly.
A website needs credibility and security to make customers comfortable. Spam can be devastating in that respect. A hacker doesn’t care about the size of your website, so whether you’re just starting out or you’ve got lots of traffic, your site is always at risk.
Learn more about Dirty SEO and Blackhat SEO tactics and their impact to your website.