Back in 2007, we had a client who needed a simple static website for her local small business. “Shelly” was thrilled with the design we created for her. The website was basic with location and service details, while the back-end was fully SEO’d.
In 2015, we caught up with Shelly to chat about her website. She told us that over the last year, she hired a SEO company who promised her the moon. Shelly was frustrated because customers were no longer coming to the website and she was looking for solutions. If only half of the promises came true, this would have been a win for Shelly and her business.
Unfortunately, not a single sale came from those services. Thousands of dollars later, Shelly fired the vendor, but that didn’t end her SEO troubles.
A Negative SEO Mess
We took on Shelly’s website and found a lot of targeted attacks. Static websites are very vulnerable in today’s world, even though they were once the gold standard. We suspected that the site may have been hacked before the SEO vendor was brought on and the hacking simply went unnoticed, maybe ignored. The SEO vendor’s black-hat tactics just made matters worse. After 15 years of web design, I have never seen a single website buried so far under negative SEO.
“Simply put, Negative SEO is the act of using Black Hat SEO on other websites in order to get them penalized by Google. Negative SEO can also include reducing the effectiveness of a website’s SEO properties by disabling or altering them.” – SEOpressor
It was obvious why customers had stopped using Shelly’s website. Web development had changed drastically since 2007, however there hadn’t been a substantial update to Shelly’s site in almost a decade. In fact, no one from her office visited the website. Everyone assumed since they hadn’t added an update, the site was untouched.
XXX – Porn Redirect
Right off the bat, we noticed that a redirect was uploaded to the homepage of Shelly’s website. We compared the “live” website to our back-up (yes, SonFisher is serious about back-ups!) and found the odd bit of code. A SEO hacker was able to upload a simple script to the server, likely through a weak FTP password that had remained unchanged for years. Removing that file and changing passwords fixed the redirect, but it wasn’t Shelly’s only problem.
To make the most of the redirect, the SEO added this little gem to Shelly’s meta-tags:
Meta Name="Robots" Content="Index, NoFollow"
This prevented Google and other search engines from crawling Shelly’s website beyond the index and causing traffic to disappear. To make matters worse, they removed the “description” meta-tag and alt tags, preventing her from ranking on valid keywords.
Altered Google Map Coordinates
I also noticed a subtle change in the Geo.Position meta-tag. This tag is great for GPS systems, Siri directions and other location services, so we love using it to help our customers have good Localization. However, for Shelly, her Negative SEO hacker changed this tag to point to one of her competitors down the street. It may even have been the competitor who hired the the hacker in the first place, but who’s to say? Shelly had received many calls over the years from upset clients who simply couldn’t find her offices. After this fix, those complaints stopped.
Bad Review Blast
Shelly had countless fake reviews. In fact she had four bad reviews for every good review we could find. These reviews were scattered across various websites, but clearly had the same source. Copy and pasted from Yelp to Google and to obscure industry websites. We reported each one as abuse, defamation or spam. One by one, the fake reviews fell off the search engines results.
Landing Pages with Bad Links
There was also an issue with landing pages created by the SEO vendor. These “doorway” pages had Shelly’s branding on them, but with the SEO’s phone number that redirected to Shelly’s office. Sound confusing? Without Shelly’s knowledge, the SEO company was placing themselves in the Google rankings (where Shelly’s website once was) to control the flow of phone calls from her potential customers. Once she fired them, they stopped redirecting her calls.
Again, she paid this “SEO” company to virtually cripple her web presence. I let their accounts manager deal with this one. After a short call, these pages slowly disappeared from Google.
How to Prevent Negative SEO
There are several things to look for if you’re worried about your website becoming the victim of SEO hacking, spam or competitor interference.
- Check on your site. It’s good to revisit your website from time to time. If you don’t have many changes over the year, it’s still good to monitor your website and look for suspicious activity.
- Add a Google Alert. It’s easy to let Google keep tabs on you. Set a Google alert for your company name or variations. Google will send you an email if something pops up.
- Search like you’re a customer. You know how to get to your site and social media, but your potential customers don’t. Use the search engines like it’s your first time finding your company. You’ll be surprised what pops up. (The big surprise for Shelly was seeing who was buying ad space with her company name as their keyword.)
- Use trusted developers and SEOs. This goes without saying, but ask your colleagues or network if they have a good recommendation for web developers or SEOs. Look for reviews online, your local chamber of commerce or the Better Business Bureau are great resources too.