“Before you continue reading this post you need to be aware that the case study presents actual data and results from Google. We do not endorse using these kind of black hat practices. We only present them as they are being used and abused. Maybe Google will fix these faster. All for the sake of search transparency … “





High rankings for highly competitive keywords are still being obtainable, post “Penguin”, with black hat practices.

How do I dare to say that you might ask? Well because I have a case study that tells me so (plus I see them in the rankings day by day). It works the same way it worked 5 years ago. Well, Google did fix a few bugs here and there, but the black hat concepts are still the same and they still work.

Get a bunch of links and throw them at your target site.

Wait a minute. Don’t do it yet. Why? Well because here stuff starts to get different than it was 5 years ago. 5 years ago if you had a new domain and you would throw 1000 links at it, from 300 domains ( random example) your site would have been ranking in the top 5 for the following 2 weeks to a month , with a steady position … rarely you would have seen fluctuations.

Since then, Google has changed a lot. Some of the major changes that would stop such a black hat technique from working today are:

The Google Index is being updated almost instantly (not weekly or daily)

Google evaluates links with more in-depth knowledge of the link graph.

Google takes in consideration Link velocity from a naturalness point of view.

Google has human site reviewers that police the SERPs.

and many more …

Let’s take our example and see how it still works today.

First we need to get our objectives straight:

One of the Top 3 positions on the keyword “payday loans” in Google (global) – this snapshot show us our site that was abused and ranked No.1 on this keyword.

Like with any cake you (your mommy, wife or girlfriend) cooks, you need to have some ingredients before you begin the actual cooking process. This is what it was used in our case:

Black Hat Ingredients

One “aged”, well ranking site (you can choose any niche whatsoever – does not have to be related to the keyword you target) – cedarlakedance.com registered in August 2005

(you can choose any niche whatsoever – does not have to be related to the keyword you target) – cedarlakedance.com registered in August 2005 A really good backlink analysis tool to check your competitors & identify how their link profile is constructed (by site type/link type/ link position/ metrics etc)

to check your competitors & identify how their link profile is constructed (by site type/link type/ link position/ metrics etc) A mix of high & low quality hacked sites where you will put links on.

where you will put links on. A Hacker.

A cloacking script to detect Google Referrers.

A Landing Page to convert visitors into Money.

These are the ingredients. Like with any other recipe … if you mix something wrong, the end result will be a failure (or an unexpected success 🙂 ).

Black Hat Directions

Ask Hacker to check the site and find potential vulnerabilities. After this he will need to actually hack it and be able to put a html page on the server. (totally illegal – “DON’T TRY THIS AT HOME”) Don’t modify anything yet. Leave the site as it is. Use a top link analysis tool to analyze the top ranking sites (top 5) and get the number of referring domains they have.

Analyze even more and classify by Dofollow /nofollow deep links /deep backlinks Profile backlinks by site type/ link type Profile backlinks by Authority Metrics

After profiling their backlinks you will have a number of referring domains that you would target to achieve the No. 1-3 ranking. In our case the site settled to have approximately 600 referring domains in the end.

4. Apply the Google Bombing technique with a Link Velocity twist.

Use the same anchor text (“payday loans”) everywhere. – no mix needed because of the Google trust that is applied to the victim site.

(“payday loans”) everywhere. – no mix needed because of the Google trust that is applied to the victim site. Use the set of hacked sites to get your links live. This could be a private network of hacked sites or a set of link networks that would allow you to get blog posts or server side widgets posted.

to get your links live. This could be a private network of hacked sites or a set of link networks that would allow you to get blog posts or server side widgets posted. Important: All this needs to be done dispersed over a 1-2 week period of time ( in this case it was done starting with the approximative date of 14-May-2012 and it goes until 11-June-2012

5. Monitor the targeted keyword in Google until the victim site shows up (if you do not … watch the mix you did & retry)

6. Switch the original page with the Landing Page that you will use to convert the visitors into Money. Install the cloacking script also, so only people coming from Google will see the landing page and not anyone visiting the targeted page. Show Google the same page the Google visitors will see.

7. Monitor your targeted keyword. When you go down. Delete all the links that you have pointed to that target page so that you keep the link network secret to your competitors.

Ok. So let me exemplify with this site that got the No.1 ranking in Google … even after “Penguin” (sign that Google still has a lot of things to fix in their spam algorithm). First of all Google detects that the site might have been hacked. They do put a lot of effort in detecting this type of things. Google Alerts you about this in the SERPS.

Here is how the anchor text distribution profile looked before being abused.

Here it is how it looks after being Google Bombed.

Here is the link velocity used to get the links on while Google Bombing the site.

And here are the thinks that are unnatural … still Google things they are.

~ 40% of the link profile is made of abused new links over 2 weeks. Big proportion of different referring domain links acquired.

Only “payday loans” anchor text was used.

Only Dofollow Links.

Only Text Links.

The majority of links come from Russian sites ( totally unrelated to the previous link profile)

All links point only to the main page of cedarlakedance.

In case you want to dig more into this, here is the CSV files to download with the entire link profile.

All this worked because the victim site was a trusted site, and Google considered this to be a spike in the sites authoritativeness. They did figured something out about the site being hacked, but they could not figure out the whole story. Until they do these kind of abuses will still work.

Practically these are techniques that are as old as the search engines are. The only thing that changes is just how these techniques are applied to make them work.

UPDATE

After a set of tweet exchanges with Ian @portentint & Ralph @fantomaster, I think it should be best noted that techniques that are using illegal practices (that are said to be illegal by the law) should be called “Crap Hat“ (evil search spam) and those that are only using SEO methods that are against the TOS of the particular search engine should be referred as “Black Hat”.