ziv dascalu aggressive black hat seo - smx israel 2012
TRANSCRIPT
Aggressive Black Hat SEO
Ziv DascaluWise Impact
SMX Israel 2012
IntroductionWiseImpact – Consulting when SHIT
happens …
… Some background
Competitive Industries• Different type of animal• Competition landscape changed
over the years• Highly concentrated and
aggressive• It’s a war out there
Playing the bad guy• Sometime the best method to
move forward is to “eliminate” the sites above you
• When things go wrong – knowing what to check is crucial
• Exposures awareness helps solve problems faster
Disclaimer
Disclaimer• Get out NOW if you do not agree !
Blue ball?
Who’s GOT the
Blue ball ?
Links -> Incoming -> Old• Link target change requests• Complaints on linking
accountability• TM threats• Fake notices from Google
Links -> Incoming -> New Ones
• Link networks above the fold & farms• Banned / Hacked sites• Fake profiles with spam words• Blog / guestbook / chat / twitter spam• Link buy requests to M /Y/G employees• Push huge amount from same site +
sub domains on same IP
Links -> Outgoing -> Methods
• XSS• Hacks• Widgets and code injection• Links in posts, comments,
testimonials and other UGC
Links -> Outgoing -> Destinations
• Banned sites• Big banned link buyers• Malicious sites• Bad neighborhoods
On Page• Parameters spam for duplicate content• UGC sub domains• Un moderated forums spam on the target
domain• posts, comments, testimonials and UGC• Hacks and injecting Hidden spam content
(1 pixel fonts, DHTML tricks, cloaking)
Site Wide - Internal• Cloaking & .htaccess• Robots.txt• Hidden Noindex, nofollow• XSS for content• XSS for links injection• Many new domains with spam content
and same contact info linked to target
The 3 …
Sounds Familiar? …..
Web Master Tools• Get Access through social hacking• Location change• Geo targeting• Ignore pages• Address relocation• Stupid reconsideration requests
External• DMCA & TM wars: owner, hosting, DNS
providers, registrar, search engine• Take untaken brand TLDs• Change IP geo targeting requests• Influence search engines suggestions• Multiple proxy site duplication• Mobile / Email / Skype / IM spam• Abuse freshness to position push results
Presentation related• Video, Images (, Maps ?)• News & PR• Social, post bad titles on UGC forums,
blogs etc.• Mechanical Turk like and click bots hired
User feedback (remove from results, in and immediately out and such)
PPC• Click bots on other sites and on the
target site• Post public freelance project requests
for click fraud• Use PPC advertiser ID on abused sites• Abuse adsense account score using PPV• Use 3rd party remarketing tricks for
scaring potential clients away
Critics (G,Y,M….)• Hire people to tell on link buying that the
target site did (or was done for…)• Post in forum how the target site tricked
the SE and got away with it• Report click fraud done from target site• Report spyware injection from target site• Annoy SE stuff with spam from target site
Analytics• Change user behavior information
by using paid surfing services• Cloaked and fake queries and
search terms traffic• Buy botnet fake traffic trends
Hack• 302 hijack• Cross domain canonization • Cloaked 301 redirection• Cloaked java script redirection and
telling on it• Geo targeted DNS poisoning• Fake CC sales
Human Resources• Eliminate SEO stuff by hiring• Distribute SEO team members
resume online as job seekers• Trash SEO team results in
management eyes• Get your own person inside
Social Media• Trash reputation on all social media
sites and push with links• Follow all brand conversations and
engage to give bad feedback
Affiliates network• Position an affiliate link instead of
homepage• Trash affiliate program in UGC• Contact all affiliates as a fellow
affiliate and tell them about a bad experience you had with the affiliate program
Denial Of Service (DDOS)• Target site• Same IP site• Resources yank