What is a negative SEO and how to defend yourself ? [Case studies and tips]

“Technology is nothing. What’s important is that you have faith in people, that they’re basically good and smart, and if you give them tools, they’ll do wonderful things with them. : Steve Jobs

By analogy, SEO is a tool that can be used to successfully optimize the visibility of websites. Which in itself is a wonderful thing, isn’t it?

Unfortunately, there are not only benevolent “souls”. While SEO should be used to improve performance, some people use it to harm the visibility of websites on the web: is ThisNegative SEO or NSEO

The websites that are generally victims have direct competitors in the same niche who do not want to deteriorate their visibility by any means.

If you’ve heard of this concept before, you might be wondering if this dark side of SEO really exists.

Less than a week ago, I noticed that my website was the victim of a small scale NSEO attack. It is for this reason that I hastened to write this article which was not part of my schedule initially.

You will have the opportunity to discover in the next lines: 

  • What is the NSEO; 
  • Google’s opinions on the NSEO;
  • The reasons and proofs of its existence; 
  • The different NSEO practices; 
  • Tips for fighting NSEO attacks.

Ready to start? Let’s go! 


1. What is negative SEO and why does it exist?

1.1. What is the NSEO?

According to the SEO Dictionary

“This practice is used by people who want to destroy the e-reputation of their competitors. It consists of breaking the guidelines of all search engines in general and Google in particular. Many techniques are used for this practice.

Le côté obscur de la force

you imagine, “negative” SEO is the opposite of “positive” SEO.

Rather than improving a website’s performance in the SERPs, Negative SEO is a malicious attempt taken against a site with the aim of hurting its rankings.

The goal is therefore to see the website lose positions or be completely removed from search results following a search engine penalty. 

This practice is generally used to harm the competition. The idea behind it is quite simple, if the competitors lose places, the website of the one who uses the NSEO will be all the more likely to emerge. 

Like positive SEO, Negative SEO includes several techniques, namely:  

  • The creation of hundreds or thousands of spammy links to the website; 
  • Sending false link removal requests; 
  • The creation of negative opinions for its competitors; 
  • Full republication of content; 
  • Website hacking.   

These are some of the methods used by unscrupulous SEOs, which I would personally classify as dishonest. 

Why use such practices? you would say.

1.2. Why does Negative SEO exist?

At this level, I would not attempt to give all the reasons that would motivate a person to use the NSEO. Instead, I’m going to focus on the level of competition which, in my opinion, explains most of these initiatives.

Indeed, it is important to note that the competition is very high on the web. 

There are more than 1.94 billion sites on the web and the amount of information posted every minute is impressive: 

60 secodes sur le WEB

Difficult to navigate, don’t you think?

Added to this is the fact that search engines highlight only a small portion of this content and therefore of these websites.

Take, for example, the query “garden haystack”:

Beaucoup de resultats dans les SERPs

As you can see, there are 26 million results or web pages. 

But Google only displays the 10 results per page by default: 

Google affiche 10 resultat par page

The 10 results on the first page are obviously those with the greatest visibility. Is it worth it to be present in these 10 results?

The statistics are clear on this subject: 

First, it is important to note that 93% of online experiences begin with a search engine.

93 des experiences en lignes commencent avec un moteur de recherche 2

Most of what we do on the web starts with search engines. Which means that occupying a good position is synonymous with great visibility on the web.

Second, 75% of users never make it past the first page of results: 

75 des utilistateurs preferent des publicites personnalises en fonction de la location


Without forgetting that more than 60% of clicks go to the first 3 results:

Taux de clics en fonction de la position dans la SERP

For a company, having more traffic or a high click rate allows for more conversion, as shown by Larry Kim in one of his articles.

Obviously, more conversion generally means more turnover for the company.

Conclusion: There is a real “war” of positioning in the SERPs

The advantages offered by the first positions encourage ” those who do not think they can dethrone other websites “, to use NSEO techniques. Thus, a decline in position for others could allow them to emerge. 

But rest assured, things don’t always go their way, luckily.

That being the case, how can a website be penalized for the actions of another person? Keep reading and you will know how such a thing can happen.

2. How does Negative SEO work? 

2.1 Google guidelines must be observed! 

We know that a site can be penalized or can be deleted by Google’s algorithms if it does not respect its guidelines

Consignes de Google

The firm clearly indicates that practices that go against its guidelines can: 

“result in the application a manual action due to spam, an algorithmic type sanction or the definitive removal of the site concerned from the Google index”.

Thus, when resorting, for example, to the construction of manipulative links , the search engine can penalize the site: 

  • By a manual action
  • By an unreported downgrade in the SERPs; 
  • By a removal from the Google website. 

We can deduce that if the backlinks you had to create could harm you, then it makes sense that the links someone else created to your site could have the same negative effect. 

After all, how can Google tell who built all those spammy links, or duplicate content across hundreds of domains?

If the attack is sophisticated enough, they can’t know. 

Let’s not just stop at these guesses and see what Google really thinks about Negative SEO or NSEO.

2.2. What does Google think of negative SEO?

Negative SEO or NSEO was really popularized in 2012 when Google launched its Penguin algorithm. 

Even so, I find it relevant to assume that this is a concept that has been around since the early days of SEO in reality. Indeed, it is above all a desire to harm a competing site by all means.

hackers SEO

However, interest in the concept became popular in 2012 when Penguin emerged to penalize websites that artificially link to each other in an attempt to gain top positions. 

You can see that with Google Trends, interest in the term ” negative SEO ” peaked in April 2012: 

Tendance NSEO

This spike coincides with the exact launch date of Penguin : April 24, 2012. This is also when It was there that the question of whether or not you could negatively affect a competitor’s site by pointing bad links to it became a very common discussion.

form of NSEO attack:

thisRegarding the NSEO itself, a series of questions were posed to Googler John Mueller.

You can find all the discussions in this article by Marie Haynes

However, here is a series of 8 videos that will give you an idea of ​​Google’s point of view. 

Note that the following videos take you directly to the parts where the NSEO question was asked.









What emerges from these different pieces of information? There are basically 6 points that are important to remember: 

2.2.1. The NSEO does exist! 

The question of the existence of the NSEO finds its answer in these videos. 

Indeed, Google recognizes that it is possible for a website to be penalized following an NSEO attack. 

2.2.2. Google strives to limit damage 

Google continues to work hard to ensure that a competitor cannot harm another website by pointing bad links to it. 

This in particular thanks to the improvement of its algorithms, which leads us to the next point.

2.2.3. Google’s algorithms are getting smarter

Google’s algorithms are able to some extent to know whether links are being created either even or not. 

Indeed, Google relies on the backlink creation history of a site when its administrator denounces NSEO attacks.

But if the site owner had a habit of artificially linking to your website, there’s a slim chance that Google is blaming one of their competitors.

This is a situation that has happened repeatedly according to John Mueller. Which evokes the importance of always using White Hat SEO practices in order to see your potential future requests succeed.

2.2.4. Google often ignores spammy links 

If you notice a bunch of bad links pointing to your site, chances are they won’t do you any harm. In previous videos, the two googlers have indicated that the algorithms almost automatically ignore spammy links.

But, Google also admits that it’s not perfect all the time and it’s a good idea to disavow any link that you consider spammy.

We will come back to this in the next chapters. But for now keep in mind that the presence of spammy links to some extent does not automatically imply a penalty from Google.

2.2.5. Help Google learn about NSEO practices 

If you see a situation where you think negative SEO is actually being used, Google would like you to report

Signaler un abus a Google

Or mention it in webmaster forums :

Forum webmaster de Google

They will look into the situation to see if they can improve their algorithms.

2.2.6. Not all spammy links are from NSEO 

The vast majority of cases where people report NSEO attacks to Google end up not. 

It is therefore important to distinguish between NSEO attacks and those that are not.

These are the conclusions that can be drawn from the various interventions of Google on the subject. However, there are still a few pieces of information from one of my publications on LinkedIn that are useful to take into account.   

2.3. Should you fear the effects of an NSEO attack?

Many SEO experts believe that with the latest Penguin update, Google is simply ignoring spammy links, rather than penalizing websites for their presence.

This may be one of the reasons why the disavow file is not automatically taken into account by Google. 

This was confirmed by Olivier Andrieu, when I posted on LinkedIn about the attack on my website. 

Communication LinkedIn NSEO

I was privileged to have Olivier’s comment which states: 

“I confirm: the disavow file only works in case of manual action. The rest of the time, it’s ineffective. This was confirmed to me by several googlers… but it’s also true that Google’s communication on the subject is quite poor ☹️☹️☹️ » 

Communication LinkedIn NSEO 2

To go further, you can consult his video:

That said, it would be wise not to not wait for manual action before disavowing any poor quality links resulting from an NSEO, just to be on the safe side. 

You can check out this conversation between Gary Illyes of Google and Barry Schwarz of Search Engine Round Table

Soumettre fichier de desaveu

According to this Googler, it would be wise to submit a disavow file without necessarily waiting for manual action from Google. 

This is exactly what I advise you: Take automatic initiatives to reduce the possible effects of an NSEO attack.

As you have seen, discussions with Google are mostly about links. This is the most used method and I will come back to it in the next chapters.

But using spammy links isn’t the only tactic used to harm a website.

It is a good idea to know all the NSEO practices in order to make better decisions when you are a victim of them. 

Speaking of victims, here are concrete cases that show the impact that the NSEO can have. 

3. Some practical cases of Negative SEO!

3.1. My SEO Agency Twaino 

It’s a bit sad, but my website was the subject of an NSEO attack. 

It was the classic method which is the creation of spammy links whose objective was to see my website Twaino penalized with Google.

Google Search Console NSEO

You can see that there is a single domain with more than 5 hundred links and other websites with a few dozen links. 

The real problem lies in their spam score which is quite high:

Moz Linkexplorer NSEO

I haven’t even really started netlinking campaigns yet, as I explained in my article on how to go from 0 to 1000 visitors

With the spam score of these domains and the fact that they are really unpopular, this is obviously a malicious attack. Especially since using Moz, I found that one of the websites that linked to my website managed to set up a fake URL with the following address: 

“Twaino.com/blackhat-2019 -2020 »

Faux URL Attaque NSEO

Since the start, my positioning with my agency Twaino has been 100% White Hat, so identifying spammy links has been quite easy and quick for me. 

So, to the extent that I’ve managed to get traction and visibility on my website over the past six months of launch, it would be totally counterproductive to create these types of links to my website myself.

Since I would risk being penalized, while I had rather interesting results with my site so far:

De 1000 a 2000 visiteurs GA

I then submitted the list of links to be disavowed by Google:

Desaveu de liens

I will come back in the next chapters on the false parameterization of URLs as well as the disavowal of links:

Desaveu de liens NSEO

The NSEO is not a tactic that dates from today and other agencies or SEO experts have been victims of it. Some attacks are larger than that suffered by Twaino. 

In the next few sections, I will introduce you to several cases of NSEO, telling you about their magnitude and their effects.

Note that some of these examples are several years old, but their relevance still holds true.

Also, with Google Penguin running since 2016 in real time, recovery from any NSEO based spam link should be much faster.

Indeed, a site penalized by the algorithm had to wait several months before being released, even if the necessary corrections had been quickly made. 

Google says of the algorithm update: 

“With this change, Penguin’s data is refreshed in real time, so changes will be visible much faster, typically taking effect soon after removal and reindexing a page. “.

Thus, recovering from an NSEO attack should no longer take too long. Which means that among the cases that I will list, some have taken longer than they would need today to recover from a penalty. 

3.2. The Eskimoz SEO agency 

In its article on negative SEO, the Eskimoz explains that it has suffered an attack from ill-intentioned competitors. 

Eskimoz NSEO

Indeed, the attacker basically spammed comments from various irrelevant sites with the same: 

  • Text; 
  • Link ; 
  • Anchor text.
Spam attaque Eskimoz

Source : Eskimoz

Spam attaque Eskimoz 2

Source : Eskimoz

The agency reveals that these are thousands of comments and that their identity has been usurped.  

The consequences: Many people believed that it was the work of Eskimoz:

Attaque NSEO Eskimoz

Source : Eskimoz

Fortunately, the agency took the necessary measures to fight against this attack and the perpetrator was also found. 

A story that ends well!

3.3. Jacob King

Jacob King is an SEO expert who was also a victim of NSEO. In his article on negative SEO, he recounts his misadventure as well as that of one of his friends.

Blog Jacok king

For his own website, Jacob noticed an anomaly in the profile of his anchor texts:

Attaque negative seo jacob king

After taking the necessary measures, he estimates that the attack had no visible negative effect on his website:

Attaque negative seo jacob king 2

The site friend Robert Neu’s web site was similarly attacked with a spammy anchor text profile:

Attaque NSEO jacob king 3

But this time the story was much more dramatic:

Recuperation apres une attaque nseo

Luckily it didn’t end there as Robert provided a great effort to disavow the thousands of spammy links. 

The result: There was a noticeable return of its traffic:

Recuperation apres une attaque nseo 2

Similarly its ranking on one of its main keywords improved following a fall:

Recuperation apres une attaque nseo 3

3.4. The Jellyfish Agency

article Cognitiveseo.com describing how jellyfish was attacked using the NSEO.

You may see a drop in traffic: 

Coinciding with a large number of artificial links: 

Hausse de liens artificiels Jellyfish 2

“As an established digital agency with reputable competitors, we don’t usually receive such attacks, but when our SEO team pointed out our recent drop in organic visibility, we quickly established that it was caused by deliberate and negative SEO tactics. “.

Jonathan Verrall, Jellyfish.

3.5. Bartosz Góralewicz’s Clients

In his article describing cases of NSEO, Bartosz Góralewicz states: 

“Something was seriously wrong with the sites of two of my clients. They didn’t suffer from panda or penguin issues. Their sites were healthier than most of their competitors. Still, I spent 2 months fixing every issue I could think of and still no rankings had changed. Something else, something new was taking away their search visibility. I explored everything I could. Their backlinks were clean, their citations were accurate, and their page elements were also properly optimized. “.

This case shows how badly the problem can affect a website. 

If the right measures are not taken, you risk putting your efforts in vain.  

This is why it is important to know quickly whether you are suffering from an NSEO attack or not.

4. Don’t confuse NSEO with these situations…

There are many situations that look like NSEO, but aren’t. 

I took care to take, here and there, some data from the experiences of several SEO experts.

4.1. Weird Links Are Not Necessarily Bad Links

There are certain websites that link to most websites on the web. 

Indeed, this question has been the subject of a discussion on the Google forum.

It is recognized that there are certain links which are self-generated and found on most websites. 

These are usually links from sites that analyze and provide information about domains. 

In addition, they are often more numerous than the naturally created links:

Les liens spammeurs ne sont pas toujours mauvais

As you can see through this comment, some platforms such as directories can share the domains of their directory with other websites.

These will then link to the websites and as is common practice, Google ignores most of these links. 

However, it is recommended to remove links from domains such as: 

  • Askives; 
  • Yellowbot; 
  • Mrwhatis; 
  • Etc…

The idea is to let you know that finding weird links on a website doesn’t necessarily mean you’re under attack.

4.2. Sitewide links aren’t always bad links

If you see an image that looks like the following, it’s not always a bad sign:

Nombre de backlinks exorbitant

Source : Moz

If you notice that there are popular sites linking to your website with a high volume of links, it is almost obvious that these are not artificial links or spammers. 

In the previous image, it is yellowpages.com, the English version of PagesJaunes.fr:

Analyse de domaine Moz

Its authority and spam scores are excellent! 

If you have a large number of links from such domains, you can be reassured. 

But if you are in the same situation with a not very well-known site, you can check with your relatives. This is to help you determine if a friend is trying to help your website by placing your link in their website menu. 

Although the intention is good, sometimes it can harm your website

If you notice such a thing, it would be helpful to request that they simply remove those links so you don’t get penalized.

4.3. A link purchase that continues to replicate 

Personally, I have never experienced a problem like this for one of my clients, insofar as I do not recommend the purchase of links. But some SEO experts have had situations where the link purchases they made come back to haunt them years later.

This is Marie Haynes who explains in her article

Apparition de liens artificiels

She makes it clear that she bought a citation creation package to be listed in directories. 

Although she took care to delete them, they continue to replicate themselves years later. 

Therefore, check if it is not the links that you had the opportunity to buy (I hope not) that come back to bother you. 

And here are three different cases that may look like NSEO, but aren’t. 

That being the case, how do you spot an NSEO attack?

5. How to spot a negative SEO attack?

At this level, I show you the signs that can alert you to a possible NSEO attack.

5.1. Sudden drop in organic traffic

The purpose of negative SEO is to reduce your position in search engines. It is completely normal for a sudden change in traffic to result in an attack.

Penalite de Google

Source : SEOpressor

If you notice a major drop in your traffic overnight then (assuming you haven’t done anything shady yourself) it could be a sign of Negative SEO.

5.2. Google Penalty Notification

There are two types of Google Penalties: 

5.2.1. Algorithmic  

penalty An algorithmic penalty is a penalty that is automatically applied by Google without any human intervention.

Most link spam algorithmic penalties are triggered by the Penguin.

With an algorithmic penalty, you will not receive a notification from Google.

You will usually only be able to spot an algorithmic penalty by noticing a drop in traffic and rankings.

Baisse de trafic soudaine

5.2.2. Manual action: 

A manual action occurs when a member of Google’s web spam team reviews your link profile and applies a manual penalty.

There are several things that can trigger a review of your website. 

These include: 

  • An anti-spam report from a competitor;
  • Something in your algorithmically detected link profile that triggered a manual review; 
  • Because you are in a competitive niche that Google actively monitors and will not hesitate to sanction at the slightest alert; 
  • Etc.

You will receive a message from Google telling you that they have taken action against your site along with some guidelines to fix the problem.

Action manuelle de Google

Source : Abondance

There are SEO practices that can trigger a penalization of your website. 

Most are techniques that go against Google’s guidelines, but they can also be badly executed best practices. 

I will soon write an article on the subject in order to show you the practices to be carried out with great care.  

If you haven’t used any Black Hat SEO practices, then receiving a manual action can result in a negative SEO attack.

5.3. Declining Rankings for Certain Keywords 

If your traffic from search engines is declining, chances are your website’s ranking for certain keywords is also declining.

You can use SEO tools like Ahrefs and Moz to track the rankings of your most important keywords.

If you prefer the free options, Ubersuggest is a great alternative. You can check out my guide on the tool to see how it works. 

The principle is simple, you register on Ubersuggest with your email:

Inscription Ubersuggest

Then you create a new project:

Creation de projet sur Ubersuggest

At one stage of the process, you can select up to 25 keywords to follow closely:

Choix de mots-clés sur Ubersuggest

Then you have an interface like this one:

Tableau de bord Ubersuggest

By clicking on Tracked Keywords, you have a fairly complete summary of the trends:

Suivi de position

In this case, our position in the SERPs is quite static. But if there was a sudden drop, it could be a sign of NSEO.

Paid tools can email you a weekly report showing position changes for all the keywords you track.

Thus, you will not have to go through SEO tools every time to carry out checks. So be sure to track your positions against your most important keywords.

Now let’s take a look at the different negative SEO strategies and ways to defend yourself.

What are the different Negative SEO strategies & how to fight against them?

A competitor can use different kinds of NSEO tactics to try to harm your website.

These methods are sometimes completely illegal and can therefore be punished by law.

So I’m going to expand on the different types of NSEO attacks and the ways you can use to spot and defend against them.

6.1. Creating spammy links 

This is probably the most common method used in the NSEO. The result is usually a sudden spike in spammy links pointing to your website. 

These links are generally created thanks to: 

  • A networks of links; 
  • Has a great feedback campaign; 
  • To anonymous service providers; 
  • Etc…

The goal of this method is obviously to see your website penalized algorithmically or through a manual action by Google. 

There are basically two approaches to this tactic: 

Approach 1: Link Volume 

This generally involves bombarding the website with thousands of low quality links. The domain names of the sites from which they come can have extensions such as: 

  • .ru; 
  • .cz;
  • .com.br; 
  • .ro; 
  • .bg; 
  • .biz; 
  • .info;
  • .cn; 
  • .pl; 
  • .com.ar; 
  • Etc…

Links can also come from blogs that are irrelevant to your business and have absolutely nothing to do with your theme. 

In the same logic, having backlinks from sites with a bad reputation can be a sign of attack. These include, for example: 

  • Pornographic sites; 
  • Gambling sites; 
  • Etc…

The amount of links varies and ranges from a few hundred to several thousand. 

It is important to note that the use of nofollow attribution can influence the impact of links.

Indeed, the nofollow makes it possible to signal to the search engines that the links should not be taken into account in the evaluations. 

Thus, spammy links with this attribute are not as “dangerous” as dofollow links or normal links. 

However, a study by Moz reveals that nofollow links are sometimes taken into account: 

Les liens nofollow ne sont pas suivis, mais ils peuventn avoir une certaine valeur à ne pas négliger

Nevertheless, it is important to determine the type of backlinks you have if you have a spike in artificial links. 

Prioritize dofollow links rather than nofollow links which are not likely to have a big impact. What is confirmed by Eskimoz when they tried to remove spammy links: 

A large number of artificial dofollow links can indeed induce a penalty. Especially since Google believes that its algorithms are not perfect for automatically ignoring spammy links. 

Approach 2: Over-optimized anchor text 

At this level, the author uses the same anchor text for his links in order to harm the ratio of a particular page. The links can come from a multitude of websites, but the anchor text remains the same.

Les ancres de texte

But to what extent can these text anchors impact your website? Let’s review a few concepts that I find important.

The text anchors allow Google to better understand the theme treated on the page to which their links point. 

The firm states in one of its patents

“Google uses a number of techniques to improve search quality, including page ranking, anchor text, and proximity information […] First, anchors often provide more accurate descriptions of web pages than the pages themselves. “.

Therefore, if you link to a page with the anchor text “garden plant”, Google considers that the page in question relates to this expression.

If a significant number of websites link to said page web with almost the same anchor text, Google considers that the page should be positioned for “garden plant”

Indeed, the chances are very small that several websites use similar anchor texts, if the page in question does not address the topic.

If so, how can the anchor text that is so valuable to Google be the cause of a penalty?

If the author of the NSEO uses the same anchor text to create thousands links to your site, the latter could see its position improved on the targeted keyword. Even if this is not always the case!

Nevertheless, this is the situation that the Eskimoz agency has experienced. It has seen its position improve for the query “SEO Agency” which is the anchor used by the author of the attack: 

Eskimoz occupe les deux premières positions

Source : Eskimoz

An extreme case of this type of attack is Google Bombing

“Google bomb is a method of referencing which aims to manipulate the results of the search engine by displaying in the SERP a person or an organization unrelated to the query keyword. This practice is generally used for humorous purposes and we distinguish, for example, the query “idiot” which refers to images of Donald Trump or “miserable failure” referring to George W. Bush in the results.case

Google bombing Donald Trump


Google Bombing George Bush

, the risk of being penalized for a lot of exact anchor text is high when it comes to a particular website. 

Eskimoz confirms this elsewhere in his article: 

Risque penalite pengouin

Indeed, when Google finds a large numberof exact text anchors, it considers that you are trying to manipulate its algorithms. 

Besides, isn’t there a slim chance that several websites will use the exact same anchor text to link to your website?

These are usually Black Hat SEO tactics that use automatic solutions to create hundreds or even thousands of artificial links. 

Google usually decides to ignore them as this conversation on Twitter between Olivier Andrieu and Vincent Corson, a googler, shows: 

Google ignore les liens spammeurs

But this is not always the case, as I had occasion to mention in previous chapters. There is a risk that the website will be penalized!

That’s why it’s important that your link and anchor text profile is as natural as possible. 

The two approaches are usually combined, leading to a high number of spammy backlinks with over-optimized anchor texts. 

Let’s see how you can spot such an NSEO attack.

6.1.1. How to quickly detect spammy backlinks?


You can use 3 different methods to do this: 

Method 1: Find spammy links with SEO tools

This is probably the easiest method to use. 

Indeed, you will simply create an alert that will allow you to be aware of the creation of new links to your website.

When the tool discovers a new link, you receive alerts by email. 

If you notice an influx of poor quality links, it may be an NSEO attack. You can then take the appropriate measures.

Method 2: Track the number of referring domains of the website

Referring domain statistics can help you quickly spot spikes in your backlink profile.

If I take the Jellyfish example from earlier, you might have a pattern like this:

Hausse de liens artificiels Jellyfish

Of course, a sudden increase in the number of domains listed could be a good thing in case one of your posts went viral . 

But it is possible that it is also a sign of an NSEO attack.

So whenever you notice a spike, it’s a good idea to take a look at exactly where the links are coming from to make sure everything looks right.

Method 3: Track the Anchor Text Report

As a final option, you can use backlink anchor texts to determine if you are a victim of an NSEO attack. 

That said, it’s not as effective as evaluating the number of links or referring domains.

SEO tools can also allow you to have accurate data on the anchor texts that point to your website. 

You will be able to know: 

  • The proportion of each anchor text compared to the others; 
  • The number of referring domains and pages using the anchor; 
  • The proportion of dofollow;
  • Etc…

These different elements can allow you to determine the state of your link profile. 

If, for example, you come under attack, you might end up with a diagram like that of Jacob King’s friend, quoted earlier: 

Attaque NSEO jacob king 3

In this image, which depicted the anchor text ratio of his website, you’ll find that “porn movie” has the highest percentage. 

In this case, there should be no doubt that there is an NSEO attack.

6.1.2. How to fight a spammy link attack

There will probably be no way to automatically remove spammy links.

So your best bet is to request their removal or disavow them.

Disavowing links involves uploading a list of links to Google in a specific format that basically tells them, ” I don’t vouch for these links – please ignore them .” 

So follow these steps: 

Step 1: Identify spammy links 

Your first step will be to identify the links that are harmful to your site. 

If you are attacked, chances are there are hundreds or even thousands of links pointing to your site.

There are many link audit tools you can use to perform this step. 

First, you have the Search Console which allows you to see: 

  • The destination pages, i.e. those with backlinks:
Nombre de liens Google search console
  • The destination pages, i.e. those with backlinks:
Principales pages de destinations des backlinks
  • The referring domains and the anchor texts :
Sites referents et textes d_ancres

You can use paid tools such as Moz and Ahrefs to have a full audit of your link profile. 

There is also Ubersuggest which is a free solution that you can use. The tool allows you to know your backlinks profile. 

Enter your website and click on “Backlinks” in the “SEO Analyzer” section.

Liens retours twaino

You will have the list of your backlinks and the pages to which they point. 

That way, you’ll know exactly which links to add to your disavow list.

Step 2: Directly request the deletion of the links

In the case of an NSEO attack, there is a chance of having the links removed by simply asking the administrators of the websites.

Send polite emails to the sites where you found these links, asking that the links be removed. Or where possible change them to nofollow.

Your email should contain information such as:

  • Your name, position and contact details;
  • The page(s) where you found the link(s) you wish to remove;
  • A deadline by which you will take action for any links that have not been manually removed.

It’s a good idea to keep a spreadsheet or use an automatic email management system so you know: 

  • Who you contacted; 
  • When and what type of response you received. 

This spreadsheet will also help you create a disavow file.

Also, if you face a denial or are asked to pay for removal, there is always the option to disavow. 

Step 3: Disavow the links 

If the links have not been removed by the deadline you set, you will need to move on to creating a disavow file.  

Google allows webmasters or website administrators to disavow links. In other words, to effectively remove the bonds of their power.

Desavouer des liens entrants

However, the search engine warns that disavowal can be harmful to websites if used inappropriately:

Le desaveu de liens est risqué

You can check out its link disavow guidelines.

Only select links that you are absolutely sure are harmful to your website. 

A thousand links from a spammy gambling site is a good example of links to disavow. However, a link or two backlinks from a blog with a different theme to yours will not necessarily harm you, even if they look strange. 

You should focus on those that are clearly suspicious or placed with malicious intent. 

Once you have selected the links, you will need to create a text file containing the list of links or domains you wish to disavow.

Then, go to the disavow page in Search Console: 

Desaveu des liens avec Google Search Console

Download file:

Soumission de liens a desavouer

Validate and voila! You have just disavowed spammy links from the NSEO attack.

But there remains another step which is particularly aimed at sites that have been the subject of a manual action.

Step 4: Submit a request for reconsideration

If you have suffered a manual action in relation to spammy links, this is the last step to take. 

Once you’ve submitted the disavow file, you’ll need to submit a reconsideration request to get back into the search engine results:

Demande de réexamen

You can watch this video by Matt Cutts that shows what to include in a disavow file:

This action is also performed in the Search Console:

Verifier si vous faites l_objet d_une action manuelle

Et voilà! You have just completed all the actions you were required to take. Only Google remains in relation to your submissions. 

Now the NSEO has more than one trick up its sleeve and creating spammy links is not the only one. 

6.2. Fake Link Removal Requests

In an effort to hurt a website’s rankings, some SEOs may use this tactic.

This involves sending letters requesting the removal of links which may look like this: 

“Dear webmaster, Our client’s site x has links on your page y. Due to recent changes in Google’s algorithm, we no longer need these links and ask that you remove them. We thank you, SEO Agency »

These kinds of requests are often strange since they relate to links placed in an editorial way and therefore do not constitute any risk for the sites.

Such requests are usually fake and do not come from the websites to which the links point.

Keep in mind that backlinks are very important ranking factors.

Position dans Google en fonction du nombre de backlinks

When you lose it, there is a risk that the positioning of your web pages will be affected.

6.2.1. How to detect a link removal attack?

It is not possible to stop a campaign of fake link removal requests.

But you can look for signs of an active link removal attack and take the necessary precautions to protect your backlinks.

At this level, you can also place an alert on SEO tools such as Ahrefs in order to be notified when you lose links.

Alerts Ahrefs

When you see a significant drop in your backlinks over a short period of time, you can investigate to determine what is going on.

It would be a good idea to send friendly emails to old referring websites and ask them why the link to your website was removed when: 

  • Pages on other websites that have your links have not been removed; 
  • You cannot find, on your side, any cause for this situation.

As with any request, the email should be short and straight to the point.

You can use this mail template: 

“Hi xxxxx, We noticed that you recently removed a link to our article {xxxx} from your post or article {yyy}. We wonder if there was a particular reason why you removed the link? We’d love to feature on your site again, so let us know if there’s anything we can do to get the link back on. Thank you, {your name} {your site}”

And of course, if the removal stems from a fake link removal request, chances are they will let you know.

If your suspicions are confirmed, all that remains is to take the appropriate measures. 

6.2.2. Approaches to defending against false requests

Approach 1: Links have been removed

If you find that your backlinks have been removed, it is important to let websites know that the request did not come from you.

You can also ask them to re-link where possible.

Approach 2: Links are still active 

For links that are still active, it is important to contact the referring sites to ask them to ignore any request to remove links.

Try to get in touch with as many websites as possible and of course, as soon as possible allows you to minimize any loss of links.

Google Search Console lets you know which websites have backlinked to yours. 

But to be more specific, you can use SEO tools to accurately determine which pages each website has linked to.

This allows you to be as specific as possible in your messages. 

If you find that it is the links to a given article or page that are the object of the attack, the task becomes easier. 

It will only be necessary to contact the websites that have made links to the page in question. 

However, try to be as quick as possible in your approach to defend yourself against this form of attack.

6.3. Content Scraping

Among its more than 200 ranking factors, Google doesn’t particularly like duplicate content, whether on the same or on different websites.

Google advises that: 

The site’s ranking may suffer, or the site may be removed from the Google index entirely, in which case it will no longer appear in search results. “. 

However, this is not an automatic action, since the search engine:

will choose a URL as the canonical version and crawl it, and all other URLs will be considered duplicate URLs and crawled less often. “.

In the event that someone decides to publish your content on a large scale, this can become a real problem.

You hope that Google will be smart enough to recognize your site as the original source of the content. They do most of the time, but not always. 

There is a series of questions that makes sense: 

  • What if your content is automatically “scraped”, published and Google indexes it before yours? 
  • And what if your content gets scraped and published on authority sites like Amazon? Will you be able to outrank such websites?

Or, what if the competitor reposts your content and submits a DMCA against your content? 

As is the case with this example: 

Le scraping content

Source : Ahrefs

It seems obvious that under these conditions, you will incur losses, especially if it is authority content that is several thousand words long. 

6.3.1. How to detect content scraping?

The easiest way to tell if your content has been scraped is to copy a paragraph and paste it into Google with the quotes syntax:

Detecter les contenus scraper

This is a fairly easy task when it comes to a handful of content. 

But when you have many items, it can consume a lot of time.

This is why you can use solutions such as Copyscape :

Copyscape pour les contenus scraper

To use Copyscape, all you have to do is enter the URL of the page you want to analyze. 

You can then have this result: 

Detecter du contenu scraper 1

There is no result, which reassures me that my content has not been “scraped”. 

That said, you can have a similar result if you had the opportunity to cite sources in your content:

Detecter du contenu scraper 2

For long content, I often quote the assertions of certain SEO blogs and particularly Google. 

To search multiple pages at once, you will need a Copyscape Premium account:

You can watch this video to see how Copyscape actually works:


6.3.2. What to do if you find that your content has been scraped?

When you find that your content has been scraped, you can first ask the author to remove the content in question.

It will suffice to send an email to the website that scraped the content without attribution.

Although a positive result is not guaranteed, you can always try to contact the website that appears to be attacking you.

This is the solution recommended by Google on its content removal help page: 

“Even if we remove the site or image from search results, the site still exists and can be accessed using the URL, if shared on social networks or via other search engines.

The best solution is therefore to contact the webmaster who can delete the entire page. »

In the event that you do not have a positive response, you will submit a DMCA or Digital Millennium Copyright Act complaint against each page. 

This is a solution that Google has implemented that can help you remove duplicate content.

A DMCA takedown request should be your last resort to protect your copyrighted content online. 

This should only be used when a site grossly violates your copyright without attribution and does not respond to any of your removal or attribution requests.

To do this, go to the DMCA and log in:

DCMA Suppression de contenu sur Google

Unlike submitting links to disavow, DMCA removal of content is not a quick process.

You will need to submit each of the pages that scraped your content at a time. 

Therefore, if there are 10 pages on which your copyrights have been violated, you will have to submit 10 different requests. 

Also, it is very important to provide as much detail as possible in your submission to increase your chances of being accepted.

If you are successful in removing duplicate content from Google, your search traffic should recover.

Most interestingly, you can use the WordPress DMCA plugin to try to deter potential content thieves: 

DCMA Plugin

To go further on the DMCA, you can consult this article from Copyrightalliance

6.4. Fake URL Parameters

I had occasion to describe in my SEO article how URLs can cause trouble if they are not set up correctly. 

For example http://www.example.com is different from: 

While these three addresses lead to the same page.

If you don’t use the correct settings, Google may index the same webpage multiple times. And thePanda algorithm may penalize your website since there will be no variation in content.

The NSEO can use this to their advantage by linking to pages on your site using fake URL parameters.

Google will follow these links and if the site is not configured correctly, will index the same page several times. Which gives rise to duplicate content and Google makes it known in its guide on duplicate content : 

Indexation et affichage

So there are risks of being penalized in this way and my website has been a victim of it, as I have already mentioned:

Faux URL Attaque NSEO

In the image above, the attacker created the fake URL “twaino.com/blackhat-2019-2020” which redirects to my homepage. Then he made links from his website to mine.

6.4.1. How to detect fake URL parameters?

To detect such a problem, you must audit your link profile. 

This way you can determine if there are URLs that you did not create yourself that redirect to some of your pages.

I have already had occasion to mention several tools that you can use to analyze your link profile.

6.4.2. How to Defend Against Fake Parameter Attacks

Unlike other tactics, protecting your site against this type of attack is easy. 

Consider the following example:

The same page loads with the two different URLs.

For this, it is necessary to set up a canonical URL tag, which allows Google to know which is the main version of the page.

This tag can look like this: 

<link rel=”canonical” href=”https://example.com/blog/seo/” />

The canonical tag allows you to tell Google that it should only index the Root URL and ignore all additional parameters.

Adding a canonical URL should be all you need to do to combat this kind of attack. 

But you can also use the noindex to URLs that shouldn’t be indexed.

6.5. Website hacking 

Did you know? There’s a hacker attack every 39 seconds and 66% of businesses attacked by hackers weren’t sure they could recover.

This latest NSEO method crosses the line into crime. 

However, it is not necessarily a competitor who will consider hacking your website. Thus, it is not always NSEO.

But if he does, I don’t want you to find yourself in the same situation as the 66% of companies mentioned above.

It’s important to note that Google wants to protect its users and will take a dim view of any site that hosts malware or links to sites that do.

The search engine risks adding in the SERPs the mention ” It is possible that this site has been hacked ” to all the results of the site: 

Message de Google site pirate

In general, the authors take advantage of the vulnerability of a plugin which has not been updated

They will then hack the site by creating new pages which they will try to rank by creating numerous spammy links. 

The pages are obviously redirected to pages on their website or platforms they use.

There is a good chance that your site will be hacked if you see a high number of redirects and strange keyword anchors such as:  

  • Viagra; 
  • Cialis; 
  • Casinos; 
  • Payday loans; 
  • Etc.

6.5.1. How to recover a website that has been hacked?

In most cases, these links can be removed by finding and deleting the pages the hacker has created on your site. It only works if you are in the situation described above.

However, you will have to follow Google’s guidelines to know what action to take: 

Assistance Google pour site web pirate

Through its content, Google shows the different steps:

Assistance Google pour site web pirate 2

If you are not good at it, it is a good idea to use someone who is familiar with this kind of problem. He will know how the hacker got in and how you can close the issues.

6.5.2. Some tips to keep your website safe from hackers: 

Se protéger contre les attaques NSEO

Why wait to be hacked before taking precautions? 

There are certain actions that you should put on the to-do list in order to guarantee the security of your website. 

Going through these steps once a month or so should be enough: 

Tip 1: Update WordPress Regularly WordPress

continually improves through updates. For each of them, bugs and security vulnerabilities are fixed. 

Also, if a particularly malicious bug is found, the WordPress team will immediately fix it and quickly release a new, more secure version. 

Under these conditions, you risk being hacked if you do not update early.

The same goes for plugins and themes. 

You need to update your theme and the plugins you have installed on your site. 

This keeps you safe from bugs and potential security breaches.

This is the case, for example, of WooCommerce , which experienced a security breach in 2015. 

An update was quickly launched to resolve the situation: 

Mise a jour woocommerce suite a un bug

To update your plugins, simply go to the “Extensions” section : 

Then, just click on the “Update Now” button.

There are however some precautions to be taken and you can consult my article on updating themes and plugins

Tip 2: Back up your site regularly

Backing up your site involves creating a copy of all site data and storing it in a safe place. 

This way you can restore the site from this backup copy in case something bad happens.

For all the steps and tools needed, check out this resource from Wpmarmite.

Tip 3: Limit login attempts and change your password often

Hackers usually only find account credentials after many login attempts. 

If your login form can be used an unlimited number of times, a hacker will have a certain ease in discovering your login data. 

Limiting login attempts is the first thing you should do to avoid this.

You can use some specialized plugins to limit login attempts.

These are for example: 

Login Lockdown
WP Limit Login Attempts

You can also try to change your password often to make it almost impossible for anyone trying to attack you.

A frequency of about 3 months would be more than enough for most websites.

In addition, you should try to have fairly complex passwords with a personalized username instead of “Admin”.

Tip 4: Limit user access to your site

If you’re not the only user with access to your site, be careful when creating new user accounts

It is important that you retain full control of the website. To do this, do not give access to certain functions of the website to those who do not necessarily need them to do their job.

Also choose a strong password for each of your website users. It’s your only way to make sure they’re using strong passwords, just like you are.

Tip 5: Rename your login link 

By default, WordPress websites have this form of URL to login to the admin console 


:This is the link that hackers will use to try to enter your configuration interface. 

Changing this URL is also a great way to reduce the risk of being attacked. 

To successfully have a personalized link, you can use the iThemes Security.

iThemes security

In this case, your connection link may look like this:

  • Example.com/que_du_bonheur
  • Example.com/…….

It will therefore be up to you to define what follows the “/” symbol.

Tip 6: Protect your wp-config.php

file The wp-config.php file is one of the most important on your website. 

It hosts crucial information and data about your entire WordPress installation, making it the heart of your site. 

If a hacker manages to find it, the damage can be significant. 

This is why you can move your wp-config.php file, and place it in a parent folder. 

Your site will not be affected by this move, but hackers will have a hard time finding it.

Tip 7: Use the SSL certificate

For some years now, some browsers have displayed the following message for certain websites: 

Site web non securise

These are websites under the http protocol which does not guarantee the security of user information. 

There is no doubt that many users will immediately leave such websites and those who decide to use it will do so with great caution.

Additionally, Google has made it known that it is a ranking factor. 

The firm has also devoted a section to guide webmasters on the interest of having the SSL certificate: 

Securiser un site web avec https

If you are still using http, it is important to switch to https with the SSL certificate. Especially since your website is more vulnerable to hacking attacks.

Usually you can get it for free with your hosting service. But otherwise it is also possible to have it from other structures like RapidSSL.

Tip 8: Install a firewall or firewall

You can try to install a firewall on your computer and on your website.

You can install security tools directly on your WordPress site. 

This type of firewall protects your site against: 

  • Viruses; 
  • Malware; 
  • attacks, 
  • etc.

You can use paid solutions like Sucuri


iThemes Security is a free option that you can use:

iThemes security

Installing a firewall on your computer has no direct relation to the security of your website. 

In effect, you use your computer to log in to the administration area of ​​your website. So if your own computer has been compromised, your connection to the website may also be at risk.

Some options can help you like:

Norton Internet Security


These are some of the tricks you can use to secure your website. 

And There you go ! These are the strategies I was able to list when it comes to the NSEO and ways to defend yourself.

Conclusion: NSEO Attack – Be Vigilant!

Finding a place on the web is a real “combat course”. 

Indeed, having visibility is essential whatever the stage of development of a business. But it is a difficult task that requires the implementation of effective strategies and constant efforts.

One of the most effective solutions is SEO, which aims to optimize websites in search engines. These are the most important pillars of the web since a simple failure at their level has a impact

Une baisse de 40% du trafic internet a été constaté lorsque Google est tombé en panne 5 minutes en 2013

In addition, they allow to have more visibility than social networks which can be considered as the second pillars of the web:

Les moteurs de recherches generent 300 plus de trafic que les reseaux sociaux 2

These figures highlight the importance of using natural referencing to improve the visibility of a website in the SERPs.  

But like any tool, SEO can be used to work wonders or harm. This last aspect is known as Negative SEO or NSEO

The goal: To destroy or reduce the visibility of a website in the SERPs.

In this article, I had the opportunity to show you: 

  • The reasons for its existence;
  • Evidence of its existence; 
  • Its operation; 
  • Google’s opinion on the subject;
  • The different tactics used and the means of defence.

You therefore have all the information you need to take the appropriate measures in the event that you suffer an NSEO attack (which I do not wish you).

In my opinion, it is important to react quickly if you are the victim of such a practice.

It is for this reason that it is necessary to carry out a regular audit in order to make sure that everything is working properly. 

In case you do not have the possibility to do it yourself, let yourself be assisted by SEO professionals.

That said, most NSEO attack stories have a relatively happy ending. 

Mine is since I haven’t seen any impact on my stats.

I wish you a much happier ending than mine!


Categories SEO

Leave a comment