Often when people talk about negative SEO tactics, they’re talking about using extremely spammy links pointing to a competitor in an attempt to get the competitor’s page or site penalized. And yes, this actually happens…I have 2 clients in fact whose competitors apparently hired the same person to build spammy links to their sites (I could tell because both sites were getting links from the same set of link farms and crappy blogs, during the same month, despite being in different countries and different industries).

Here’s the Twist

But my client, InstallAware, is seeing something a little more devious being done by their competitor. In their case, the competitor has found a post on a very strong, trusted forum (owned by Dell) where the post title questions whether their product is approved by Microsoft.

Here’s how it appears in the SERPs when you search for “InstallAware”:

Parasitic SEO: using spammy backlinks to a page on a trusted site to cast FUD


The actual post, if you read it all, isn’t really so bad–a reasonable discussion follows and the net of the discussion is positive. Where the damage is done is in the SERPs themselves, where the title of the post becomes the page title and hence the headline that shows in the SERPs when you search for the product name, “InstallAware”. I’m not going to link to that post because that would just make our problem worse, of course.

Spam, or Coincidence?

So how do we know this is an attack, and not simply an example of a post in a really strong, trusted site ranking as it should given the domain authority, PageRank, etc.?

We take a look at the backlinks to that particular page, using something like Open Site Explorer. We find a bunch of links from nasty porn and online casino profiles, fake social media accounts with nothing other than the company name and a link to this page, and blog comment spam (over 300 instances of the exact same typo-filled comment with the link).

Here’s a small excerpt from the backlinks…I’ve fuzzed out some of the more explicit words in the domains and titles:

Spammy backlinks from questionable sources


And here’s the blog comment spam, which conveniently has a typo in it, making it easier to find all instances of it via a Google search. Note that they’re using the target term (“installaware”) as the anchor text on the link to the post:

Blog comment spam


A large number of the comments trace back to a Google+ profile from India belonging to “Marie”, who apparently works at BlockBuster (yeah right).

Why does this work?

If you just created a new site to put a negative post on, or did the blog post on some other small site, it would be extremely hard to get that page to rank at all, let alone high on page one for the company’s own name. And, building a pile of spammy links like this wouldn’t really help, as those links would quickly get the page and/or site penalized.

But, starting with a page on a super strong trusted domain, with a ton of legitimate links to the domain, the additional spammy links to this particular page registers as such a low percentage of the overall link profile that the penalty isn’t likely to happen. So, those links work pretty much as well as they would have worked on any site 5 or so years ago, before the advent of manual and algorithmic penalties.

This is a bit of a perversion of a well-known positive SEO technique known as Barnacle SEO (a term coined by Will Scott), where you can point a bunch of links at your page on a site like Yelp to get that page to show on page 1.

The perpetrator in this case actually has an advantage over the positive Barnacle SEO practitioner, as he/she really has no risk of damage to themselves from using aggressive and nasty spammy link sources. Their OWN website is not involved at all, and it’s really impossible to trace the links back to the person who’s creating this.

So how do you combat this?

Removing the links from all the spammy sites is going to be pretty much impossible, as they’re on sites that are overwhelmed with other comment spam etc. Those webmasters already have a cleanup problem on a galactic scale–if they’re not cleaning spam comments and profiles up already, they’re unlikely to do all that work just because you asked nicely. In the case of the Google+ profile, you can report that to Google, but that’s not going to remove the links on all the blogs posted by them.

Before we proceed, it’s important to realize that while a super strong, trusted site like the one in question isn’t really likely to get penalized because of a few hundred crappy links to one page, where the risk really DOES lie is in having parasitic SEO practitioners discover that this particular site will not take action on this kind of tactic, and hence those people will start using the site as a host for similar attacks for their other clients. This COULD cause the overall percentage of backlinks from spammy sites to grow to where it does get the site penalized, especially if the parasitic SEO folks start using some of the more aggressive comment spam engines.

So, it’s really in the best interest of the webmaster of the trusted forum to nip this in the bud, save a possible penalty, and lessen the amount of IP address banning, cleanup, etc. they have to do going forwards.

Let’s look at your options for getting this off of page 1 of the SERPs, along with the issues and effort involved with each approach.

Get the Post Removed

The simplest answer of course would be to see if you could get the post taken down. In this case, though, the actual post is a reasonable and semi-useful discussion that the forum administrator isn’t likely to want to just delete.

Move the Post to a New URL

We can ask the webmaster to move the post to a new URL, updating links to the post within the forum, and NOT doing a 301 redirect from the old URL to the new URL. Now, all of those spammy links will point to a page that 404s, which eventually will cause Google to drop it from the index (although this can sometimes take a month or two). A better approach is to make that old URL return a 410 (HTTP response code meaning it’s gone permanently, vs. 404 which means it’s gone but possibly only temporarily).

Keep in mind, when you’re approaching a webmaster with a request like this, you’re asking a favor which is going to require some work on their part. Work that they’re not getting paid for, and that’s going to be getting in the way of whatever other projects are also on their plate. It behooves you to not only be respectful and non-accusatory in your request (after all, THEY didn’t cause the problem, it’s someone else abusing their site that’s the cause), but also do what you can to help them mitigate the effects of the spam on their site as well.

A CMS like WordPress makes this approach very simple. But others (like the one in question) make this sort of change very difficult and time-consuming.

Disavow the Spammy Links

In this example, we’ve done all the analysis to find all the spammy backlinks, so we can easily provide the IT Ninja webmaster with a disavow file excerpt that includes all the nasty porn etc. domains so that any further attempts by the same spammer to build links to the moved page (or other pages in the future) are derailed in advance, with no extra work for this webmaster.

If the webmaster uploads this disavow file (or adds it to their existing disavow file), that will accomplish the same goal–but it won’t have an effect until the next time Google reads the disavow file, which most likely means not until the next Penguin data update.

This approach is probably the least effort for the webmaster, and there’s the benefit to them of removing the effects of the potentially toxic links as well.

3 thoughts on “Parasitic SEO: InstallAware’s Competitor Attacks Using Negative SEO Tricks

  1. Hi Dave, thanks for your comment. Building links to discussions on places like Stack Overflow or GitHub is a good idea (either by manually building the links, or engaging in ongoing discussions, so people will link to those pages there, as you suggest).

  2. Same tactic is also be employed by Governments; They invent a dumb law or policy to coverup failures – then they employ or submit content for news services that promote related keywords. Idiots follow the news services story and the rest is history so to say.
    If the rules of engagement and society are used then any reply that debunks myths will be attacked by the uneducated (because you cant compete with someone who will always do the wrong thing when your always forced to be doing the right thing).
    I would suggest submitting articles that point to the fact the initial Dell site is flawed and anyone that thinks there is any kind of security in Microsoft products is simply uneducated or on some kind of substance of which even the Mob cant acquire because its that good. (The email notification of issue is a good start – for too long these things have been hidden away; I do feel for you because I have had the exact same experience and its not very nice)

Leave a Reply

Your email address will not be published. Required fields are marked *