Competition in search marketing can be tough. Regardless of number of businesses/products/services relevant to a specific keyword there is only one top position and unless it’s your site at the top you miss out on the hefty share of the search traffic generated by that keyword. The lower the result is displayed the less attention it gets.
Even if you are in “business” of black hat SEO and can use whatever dirty tricks you like, you still can’t guarantee the top position for the most popular keywords since there are already many established reputable sites and other black hats competing for the same keywords. But if you can’t always get the top position, you can still try to make your results look more attractive than the rest and increase their click through rate, right? Right! And this post will be about one of such tricks
Take a look at this screenshot. Which result does stand out of the rest?
I guess you all noticed result #5.
Of course, #1 will still get most of the clicks, but if searchers want to check some more results #5 will definitely catch their attention:
If you make a quick screenshot analysis you will notice that results #1, #2, #3 and #6 are most likely legitimate web pages with some information about the topic (articles, discussions) while results #4 and #5 are spammy doorways that lead to online stores selling counterfeit drugs.
If there were no “rating” snippet then results #4 and #5 would most likely be ignored by people who only search for some information. However, with this yellow hot spot, some of them will probably click on the result #5, whether out of curiosity or just because they don’t have a knack of result snippet analysis and the result with “rating” seems more credible to them.
On the other hand, if there were no rating snippet and someone was really interested in buying some generic pills then they would probably first click on the result #4 and then (if not satisfied) on #5. But the rating snippet makes result #5 much more attractive: despite of being displayed lower, it is more prominent and has some “social proof”, which may influence your decision a lot when you are going to purchase and consume something from an “unofficial source”.
These prominent yellow stars are one example of rich snippets. This is something that Google may display in search results in addition to normal snippets (title, URL, description) when it finds some structured data that it understands and that can help searchers with their specific queries. You might have seen various rich snippets in Google search results: prices of items for e-commerce pages, recipe details for cooking pages, author’s pictures next to posts of known authors, etc.
The result #5 is displayed with a “review” rich snippet. The idea of such review snippets is they can help users better identify pages with good content. Unfortunately, they can be easily abused.
In this particular case, I want to describe a massive black hat SEO campain that involves hundreds of hacked legitimate websites where hackers used “cloaking” to make search engines see spammy content on thousands (if not millions) web pages instead of their legitimate content. On this blog, you can find articles about many other similar attacks, but this one has a new feature — it uses microformats to have Google display rating rich snippets for the spammy search results.
The attackers hack websites (at this point I mainly see WordPress and Joomla sites) and install some PHP code that detects search engine crawlers and either replaces legitimate content inside of certain tags (headers, lists, links ets.) with spammy keywords or replace the whole web pages. In addition, every such a cloaked page contain some specifically formatted rating data (microformat) which Google considers as legit and converts it to rating snippets in search results.
Examples of the HTML code for reviews used by spammers:
<span class="fn">Viagra from india is the <b style="color:black;background-color:#ffff66">best</b></span>
<span class="votes">5102</span> votes.
<div xmlns:v="http://rdf.data-vocabulary.org/#" typeof="v:Review-aggregate">
<b><span property="v:itemreviewed">Levitra kullanimi</span></b>
<span rel="v:rating"><span typeof="v:Rating"><b>
<span property="v:average">9.1</span></b> from <b>
<span property="v:votes">494</span></b> votes. Total <b>
<span property="v:count">494</span></b> votes.
At this point these spammers promote three types of sites:
The spammy pages usually have two main functions:
When Google users click on the doorway results, the malicious script on hacked sites detects it and, instead of the legitimate page (which is for direct visits only) and the cloaked page (which is for search engines only), it either shows the third variant (the spammy offer page) or simply redirects to third-party sites that pay for this targeted traffic.
Right now the doorway pages redirect to:
From webmasters’ perspective this hack is no different from the rest similar hacks except for one thing that makes detection easier.
In Google Webmaster Tools, there is a Structured Data Dashboard (Optimization->Structured Data) that should display information about all the structured data that Google has picked up on your site. If you don’t have any structured data (most sites still don’t) or you don’t use structured data for reviews/ratings you should notice that something is wrong if you see such data listed there.
That’s one of the reasons why you want to register all your sites with Google Webmaster Tools and regularly check all its reports — you can spot surprising things there if your site is hacked.
Some other Webmaster Tools reports that proved to be very useful for security problems detection:
In addition to Google Webmaster Tools, you should monitor your site for unauthorized changes. Think about integrity or version control and regular backups.
Do you have other examples of malicious use of Google’s rish snippets?