Posted On : 14 February 2019
If you already know how to identify, prevent, stop and recover from a Negative SEO attack, this post will enlighten you of the possible threats in the future and how you can fight them off.
Let's make a deep sense about Negative SEO series but prior to that, it is essential to keep in mind that this post is based upon a lot of speculation.
Regarding the future of SEO agencies, the initial point of my assumptions is based on search trends which are at their early stage. Hence, one cannot predict if they will carry on the same path. In addition to that, few of these new attack vectors might be technically presented that I admit however they have not been checked by my group or else other reliable researchers whom I know.
The intention behind including these near-future attack vectors is to offer sufficient actionable data in all the best possible ways without depending on 'too-far-out' predictions. The very first thing I would like to clear is that the work which has been done yesterday is probably to be repeated tomorrow and the next day, and it will go on. As long as Google ranks a website based on data, the data can be taken either positively or negatively.
Therefore, Google will find difficult to nullify the effects of an attempt to attack to manipulate the data by a bad actor as long as the Google depends on a signal. Give your most attention to the work which we have been done in the previous articles and my following expectations might appear in the next year or three to come. By focusing on classifying SEO into the categories such as links, content, and user signals, we are in the way to address the future negative SEO attack vectors in a similar way.
Links
Social links from low-quality accounts: Most importantly, social links do not have a direct effect on rankings rather they are used for the purpose of link discovery. However, Google might begin to charge an amount on those who shares a link with verified accounts in the future. Under this situation, the links which have been shared to your site by familiar bot networks might end up with previous link penalties associated with bad web neighborhoods.
Searching for toxicity: Sometimes bad actors utilize the strategy of placing outbound links on harmful websites with a view to connecting their objectives with these non-reputed gamers.
As the link tools including Majestic/SEMrush/LinkResearchTools and many others form disclaimed files as well as other harmful information available via their APIs, attackers can make sure that bad links will result into a penalty of higher probability. It is just a case of time that bad actor will directly link this information to their link spam tools for a greater effect.
Fake press releases: Being a strategy, press release links yet operates for positive SEO. Even though I have not seen in the wild but still expecting to see is a piece of false news thrown out by the press. It would be easy for an attacker to either point out negative news or form up a damaging tale if he has bought placement through cryptocurrencies and submitted a press release in an unknown way and similarly, he uses rich anchor text to get back to the target domain.
That type of strategy can be harmful in two ways: firstly, it would possibly end up with poor press ranking for important terminologies and secondly, the targeted anchor text might cause an algorithmic link penalty.
Doing bad things with the help of Google Assistant: Now, this one's my favorite. Google Assistant can be utilized for some unpleasant things too. As we have mentioned in this example, it is already an easy procedure to discover most of the competitor's links through one's favorite link research tool. As we have stated in the previous post, these links could be analyzed via WHOIS service.
Ultimately, the future portion: The Duplex feature called Google Assistant will be releasing next month in some Pixel smartphones which can be used to imitate a human being, requesting removal of links, and calling to the webmaster contacts frequently. When this strategy actually begins, it will be equally successful as well as deteriorating. (Google states that Duplex will recognize itself as non-human, but it would be taken care whether that can be disallowed in any of the ways.
Content
Use of proxies to serve duplicate content: It is a fact that I have a fear of returning to this old strategy undoubtedly. The work includes in this strategy is to set a proxy gateway to link and run a website effectively along with formation and exhibition of its copy. Why I fear of this strategy's returning back is because Google is found to be making a huge effort to concentrate more on entities rather than URLs.
URLs are the one which assists us to make a difference between real and fake on the internet, assist us to perceive fundamental technologies that have been used, a structure of the site, and so on. Recently, Google has been suggested that they would like to drop URLs and if it finally continues in such a way, this tactic can be expected to be the most effective in stealing a site of its traffic with the help of duplicate content that has set up by an attacker.
Misapplied AMP: To cause confusion between webmasters and users alike, AMP can be misused in a number of ways. However, with respect to negative SEO, the easy approach is to form an AMP site with poor content and utilize the rel=canonical tag to link it to a target website. Under this case, poor content can simply mean content with an 80% of a textual match to the target page's content by avoiding extensive keyword stuffing and adult phrases built to activate Safe Search.
Injected canonicals: A bad actor might apply a PWA (progressive web app) and connect the PWA with a target domain through a hack in the same way as an attacker can insert content onto a website by hacking or technical misconfiguration.
If appropriately hid to the website owner, the PWA could come into a view as a normal branded PWA, but it will just happen to rob customer's information or else create reputational issues. In the same way of PWA-injected content problems, a poor actor can also pull AMP and hreflang settings in a try to generate incorrect indexing problems.
GDPR objections as a service: Most probably, it will definitely be a problem in Europe. The attack would operate by searching out ranking pages with a person's name and then GDPR complaints would be filed in bulk in a fictitious way as a try to access the pages removed.
This is an addendum of similar attacks that have taken place for years in the US with DMCA (Digital Millennium Copyright Act) which were extremely successful until recent times.
User signals
Reviews, rich snippets, knowledge graph, and other Google property lists: Currently, it is already feasible to overwhelm Google hosted attributes with incorrect data and bad reviews which develop in a time wastage for a webmaster. Nevertheless, I can predict a future where this is undertaken far more in a forceful way by leasing the utilization of senior Google reviewer accounts to carry out various things:
Outlining business lists repeatedly.
Upgrading addresses to familiar spam addresses.
Upgrading website lists to focus on a competitor.
Upgrading existing links to correct fault pages.
Google has faith in its seniority process for making alterations, and as the Wikipedia editor community, once it is extremely invaded with poor actors, it becomes hard to believe.
Third party evaluation websites [serchen, G2 crowd, etc]: This attack vector undertakes works in two distinct ways. Firstly, it is problematic to have a significant number of negative reviews as it presently declines the amount of traffic that would initially come from those websites. Besides, the next thing we will notice that the worst reviews are ranked with hostile link spam.
People will not only pre-judge the quality of a product or service by depending on the reviews of the third party but will also pre-judge the first-page rankings consisted of negative reviews as well as most probably, the target domain will be disregarded and thereby gain hardly any clicks.
Mass marking in Chrome: As Google depends more on its own products for the trust of the user signal, attackers will also begin to put more importance on those products to operate the signal. Reporting malware takes place in such a way.
The target domain will not be mentioned in the list of malware warning even if sufficient malware websites are 301 redirected into a domain and are announced by Google's general feedback form. Chrome has the higher potential to flag both the recipient and target domains of the malware redirect as an attacker.
According to me, this would be uniquely effective and will tend to the flagged and attacked domain and not visible to the 80% of the internet that uses Chrome browser by default. Strictly, as this concept uses links, we can involve it in the previous portion.
Useless traffic via AMP: Majority of the useless traffics are pushed through the faster mobile pages (AMP) version of the website which is already undertaken to deceive webmasters by tailoring a perspective of fake user intent which ultimately results in time wastage for wrong needs, terms, and pages.
Some may have an assumption about AMP having a good solution which is wrong as it might also have various other bad impacts if repeatedly scaled with a view to sending bounce traffic via non-AMP version and persisting traffic via AMP.
Most advanced DDoS attacks: This is obviously a definite strategy which should be used and is based on prompting server-side local JavaScript and generally decelerate pages because of costlier questions.
It has been given that hosts have better-improving CPU performance and the capability to auto-scale when the traffic is higher as a proxy for regulating server load. It will evolve more effective attack whereas solving traffic-related DDoS does not matter even if the vector moves towards the database and attacking slow server-side scripts with the repeated loading of specific URLs which constitute uncached SQL queries which further results in hung SQL queries and the website will get slow, if not incapacitated.
Conclusion
The conclusion of our series on negative SEO is that as we have started in the beginning, I hope that now you have got a deep understanding of what exactly it is, how it operates, how to prevent an attack, how to safeguard yourself, how to get overcome from it, and also you can predict the future on what negative SEO has kept for you in the years to come.
