Slightly Shady SEO | Blackhat is Back, Baby.

Since I attended affiliate summit in Boston, I’ve come to truly appreciate how big this industry is. It’s an interesting beast, with many many more people in it than I would’ve expected(and from what I’ve heard ASE is one of the smaller conferences). The other thing that really changed is I started to take a look at the industry as a whole in regards to it’s sustainability and purpose of the various people in it.

So here’s what I’m going to cover today.
A Rant About Affiliate Networks: Trust Issues and their Purpose
Is True Regulation Coming to Our Industry?
Internet Explorer 8: Give me Back my Cookies!

A Rant About Affiliate Networks: Remembering their Purpose (and some trust issues)
Now I hate to write this section. Really I do. There’s some networks(and especially AMs) that I have tremendous loyalty towards. But it’s something that’s been in the back(and occasionally front) of my mind for awhile.
Networks can do 2 things that a lone affiliate can’t (or won’t due to substantial effort being required).

1. They can gather up the offers for us to promote easily (Biz Dev Department)
2. They have the legal teams and power to make sure we get paid. Essentially we trust the network so we don’t have to trust the merchant.

I definitely can’t speak for everyone in the industry, but the primary reason I run through affiliate networks is #2: so I don’t have to trust the merchants. I play largely in the online diet product space, and let me tell you guys, those are the dirtiest merchants on the planet. So essentially the I end up surrendering probably 10-25% of my total commission(depending on the product) to the network so that if that merchant runs away or refuses to pay or has tracking problems, the network can hopefully use their influence and legal teams to do that which I cannot.

Unfortunately at some point this concept completely disappeared. Most networks are nothing but slaves to the merchants. If there’s an issue, most will not pony up the cash even if you’re within the TOS. The question then arises “What do you want us to do about it? He didn’t pay.” This makes me beat my head against the wall. I give the compulsary ~20% of my commission to the network just in case this stuff ends up happening once or twice. What happened to the legal teams? The financial backing and stability? If I wanted to deal with the merchant and worry about trusting the merchant, I’d just be going direct.

I’m sorry networks, but this is your job. Give us a reason to not just go direct. You’re not protecting (or even acknowledging or reporting) us against scrubbing, the least you can do is make sure we get paid for our scrubbed leads. No, I really do not care about tracking issues. I do not care about credit card processing issues. I don’t care if the merchant gets stranded on a friggin desert island for months at a time. I’m putting my own money into these campaigns, and I fully expect to get paid come hell or high water.

Let’s Talk Law Suits and Government Regulation
The unregulated nature of affiliate marketing has always been a blessing and a curse. We have a lot more latitude in regards to promotion methods, but at the same time have to deal with payment issues that don’t really exist elsewhere (If Walmart buys 300,000 pens from Bic, they can’t say “Well, this wasn’t profitable. We’ll pay you for 100,000 of them though). It appears we’re getting cracked down on though.

• Ringtones - Going to hell in a handbasket. Not impossible to run, but getting more difficult. Once it was “don’t say free”. Now it’s pricing on the carrier select page, pricing on the page where you enter your phone number, and pricing in the text they recieve. And it has to be prominent everywhere. You can’t even survive a carrier audit if you don’t spell out “monthly subscription”. Apparently $9.99/month is too difficult to comprehend. In addition to the networks auditing landing pages, the carriers are now auditing. And Google is getting restrictive on the landing page as well. Ringtones aren’t dead, but let’s say that catastrophic killer meteor is flirting with the atmosphere.
• Crush Offers - Ok, nothing has happened here yet. But are we really pretending it won’t? These ones explicitly are targeted to those under 18. Considering the fate of flavored cigarettes (which was much less targetted to those under 18), I’d say it’s only a matter of time until the lawsuits start coming down here.
• A Certain Asshole Merchant - Is getting sued in the UK. Karma is a bitch isn’t it Jordan?
  More on this later. It’s a very interesting story, with a truly bulletproof business setup(to survive law suits). I can’t wait to see if he comes out on top, or if he successfully implemented the patented Scott Richter “getting sued is fine if it’s still profitable” business model.
  Either way, I’ve got some wicked documents on his business registration and various LLCs he runs that really paint a picture.
• Shaun Hogan of Digital Point Sued for Cookie Stuffing - No merchant likes cookie stuffing. Apparently EBay(by far one of the hardest hit) is doing something about it. Hogan apparently got millions from cookie stuffing eBay, and they want it back.
• MySpace Mania - CPAEmpire has emerged from the MySpace spam lawsuit(ok ok this is really old) and is not looking too shabby. They’re rebranding as Affiliate.com, ditching direct track, and I would put a heavy bet on the fact that they made more from the MySpace spam than they lost in the law suit.

Internet Explorer 8: The only Real Benefit is Maybe it will Kill DirectTrack
So the next incarnation of the shiite that is Internet Explorer is currently in Beta 2. What does this mean? The entire affiliate industry is about to get a massive update. It has a “privacy mode” that opens up a new window, and removes ALL traces of you once that window is closed. Including cookies.
For those of you who aren’t much in the techie department, nearly every tracking system we have uses cookies to track our sales. So as soon as that browser window closes, so does any chance we had at getting credit for a sale.
So what are the implications/possible results for this?

1. Content Network Circle Jerk - Since no major PPC program has the ability to block by browser, we’re probably going to see a lot of people transforming a normal landing page into an MFA site if the user can’t accept cookies. Gotta make money off those clicks somehow, eh? If enough people start doing this, I think the quality of the content network is about to drop significantly.
2. Ads on Live Search Will Be Worthless - Advertising on MSN has always yielded clicks that are nearly 100% Internet Explorer users who couldn’t change their default search engine. So let’s imagine for a second even 10% can’t accept cookies. Wow, that’s a traffic quality drop.
3. New Tracking Systems - 95%+ of the networks I’ve used use cookie based tracking. The other 5% use click ID based tracking. Hopefully soon we can see a combination of those appearing to fill the void of DirectTrack(which is 100% cookie based).
4. Increase in Whitelabels - Whitelabels give us the ability to more or less brand an affiliate site, and to capture users coming back later to make the purchase. The best part? They don’t use cookies. This is a huge opening for sites that want to dominate the affiliate market to make an offer that converts much better than the standard offers that will be crippled by IE8.

-XMCP

PS: If anyone has anything in particular they’d like to hear about in the future, drop a comment here. I’m having trouble finding new entries because my reader demographic is split amongst professional SEOs, affiliate marketers, and some MMO people. So leave a comment about what you want, and I’ll try and find a way to work it into all those niches.

Alrighty. So when it all comes down to it for blackhat, one of the primary goals is simple. Not getting caught. Sounds simple, but it’s definitely not nowadays. The trick is to be able to trick a human. If you can trick the humans, you can trick the bots. And more than that, webspam complaints won’t come in. So some of this may be a repeat, but it’s a good basic overview of hiding you tracks.

Disclaimer: None of this is guaranteed. Many sites get caught no matter how careful they are. Don’t do this on your pride and joy until you are very, very good.

Overview
Combining multiple blackhat techniques increases your chances of getting caught exponentially. It’s relatively easy to hide cloaking. It’s relatively easy to hide intelligent link spam. It’s much harder to hide both simultaneously. This entry is not for the normal generated content+cloak+straight non-targetted link spam. This entry is for legitimate looking sites that are using blackhat to get a bump.

Let’s Talk Cloaking - Cloaking is one of those time honored blackhat tricks. Next to link spam, I’d say it’s actually a hallmark of a standard blackhat site. But it’s well known in the webmaster community. So how are we going to get around this?

•  What are the Cloaking Giveaways and How to Avoid them
  
  • Redirecting to a new URL. Redirecting to a new domain=even worse.
    • Importing the Landing Page - file_get_contents(); is your friend. Nearly whatever you can show on an offsite domain or on a new page you can show on the page they were trying to access with file_get_contents, curl, or require_once (in PHP). Just output what WOULD’VE shown.
  • Lack of the proper keywords on the page.
    • The 404 Trick - Many sites have pages disappear due to crappy architecture. Showing a “this page could not be found” and doing a 3-4 second redirect to the homepage can work wonders in terms of plausible deniability. On the downside, it also creates a high bounce rate. (it also helps to invalidate bullet point #1). If you’re really paranoid, restrict Google from whatever directory has the “this page could not be found” cloaked/keyword stuffed pages. With proper amounts of keywords Yahoo and MSN can provide some good traffic.
    • Keyword Combos - Don’t stuff keywords in your cloaked page, stuff keyword combinations. Most people are going to start thinking cloaking when they search for a word not on your site and it shows up in the search results. Now what can work as an alternative is shuffling up a small amount of legitimate content(think 50-100 words) to include numerous different combinations of the same words. It does wonders for phrase matching the user’s search. Though I will point out this is still a risk, and whether or not the risk is worth it for a low level gain is up to you.
  • No ability to view a cached version.
    • Not much of a way around this one. The only way(I know of) to obscure the cached version is with javascript. Doing that not only increases chances of detection by someone turning JS off, but it also increases chances of getting caught by a lucky bot go up (since you essentially would have to cloak twice; once to trick the bot, once to trick the human)

Let’s Talk Backlinks - I’ve gone over some of this section before, but this entry would not be complete without these tricks.

• Hiding Sketchy Links - There’s a LOT more to this I can’t mention because it could be fixed too easily. Use your imagination.
  • Ranking by Not Ranking - If you’re doing the pyramid structure of links (shitty links at the bottom of the pyramid, funneling into better dummy sites funneling into real money sites) remember you may not want your crap bottom tier to rank anything. Take everything about SEO that you know and do the opposite(so long as you can do so without damaging the site’s linking power). Sites that rank get found. Sites that get found get reported. If your bottom level has no hope of surviving a few hundred real visitors, don’t subject them to that.
  • Hiding in the Back of your Backlinks- Yahoo is the only real backlink tool out there anymore that consistantly updates inbound links. So get yourself some legitimate and powerful links before allowing some of the sketchier ones in. Your powerful links will take up the first several pages of backlinks, and create a solid foundation. Every site on the net(for the most part) has links from a few scrapers. Some have 1-2, some have thousands. Most of the time a site isn’t judged by other SEOs so much by it’s crappy links at the end(since every site has these) but rather by the powerful ones at the front. A site with a few scrapers linking to it is generally fine if it has some solid, legitimate links holding it up. (Yes, it is my opinion yahoo’s linkdomain: command displays links sorted by relative power)
  • Contextual Power - If you’re buying links and need to hide it, go for the contextual linkage vs. the sitewide. Most sites never get blogrolled by anyone. Also I’m beginning to be of the opinion it’s bes to stay away from blogs for contextual links(not 100%, but if there’s any choice get a normal static site and add in the content). There is very little difference between a pay-per-post splog and an article directory that doesn’t disclose itself as an article directory aside from how the articles themselves are presented.
• Straight Up Link Spam - These tricks are best applied in unison
  • Linkbait Spam - No one believes all these messageboards are linking to your ringtone site voluntarily. Sorry, but it’s true. Now, if you create a proper piece of linkbait then spam out links to that? You’re a little bit higher on the plausible deniability scale.
  • Targetted Link Spam - Most link spammers I’ve seen have the ability to pick topics that gain preference for spamming. In most cases, they can be set to only spam certain board titles. If you have a big list of forums and a truly powerful link spammer, try and hit your niche with the spam. Not only are you not getting spam reports, but you’re gaining access to the communities most likely to legitimately link to your site. So let’s say you have a piece of generic linkbait, not targeted tightly to a particular commercial niche. How many messageboards do you think have sections including the words “funny” “general [chat]”, “offtopic”,”off-topic”,”interesting”,”random”, “miscellaneous”? There’s a lot. And they’re the perfect places to link spam because they’re where your links may legitimately show up.
    The primary difference between automation and manual link building is that manual link building can include judgment calls(especially in terms of relevance). Make your bot able to master that, and you’re sitting on a gold mine.
    Also consider the idea of making a first run on your forums looking for introduction threads
  • Finding Underspammed Forums - Now that you’ve got your levels of protection listed above so that your spam doesn’t appear spammy at all, it’s all about making sure you don’t post to the same forums as every other link spammer out there. If it’s important enough to you, code up a scraper that runs through your forum list. There’s a lot of traits you can use to eliminate spammy boards. Average number of posts for a user posting a new topic, average number of links per post or per category, even certain keywords(pharmacy/sex related) can be a giveaway.
  • Varying Your Text - As many of you know, I’m a moderator over at wickedfire(don’t go there unless you’ve got some thick skin). Certain posts(especially a first post containing a link) set off a kind of “this might be spam” mindset. Now, the first thing I(and I believe most) do is copy a line of it and search on Google. If the same comment has been posted elsewhere, it’s an instaban. Make sure to vary your text. If not to dodge savvy forum admins, then do it to make your sites look more legitimate to any snooping SEO/competitor. Also vary your name.
• The One Universal Way to Create that Seed of doubt
  • As much as it pains me to say this, it comes down to the content sometimes. A site with proper content is almost never suspected of anything. I’ve seen many sites recently that had awesome content and were very well known. And at the same time looking at their SEO it looks like I could actually have a fair amount to learn from whatever sketchball did their SEO. Looking at the internet archive, it’s been like that for a long time. Why are they not reported? Well, first off because there is and always will be a double standard at Google. But secondly the blackhat is selectively applied, and done so intelligently, and has content to back up the doubters. Does anyone notice the stream of social bookmarks+news submissions+fake fanboy blogs+press releases every single time the corporate blog is updated? Not many. It survives based on that content, and has gained thousands upon thousands of links as a result of blackhat combined with it.

Conclusion
The most powerful sites out there are ones that can properly ride the line. They can conceal their own motivations and tactics even to the prying eye. For every webmaster violation, there’s a level of obscurity protecting them. For every blackhat link that may get busted, there’s enough that are (and others that just appear) whitehat to call into question their truly blackhat motivations. For all the bickering in the SEO world over blackhat vs. whitehat, it would appear the best are truly a combination.

-XMCP

PS: Apologies for the lack of posts. I’m really going to try to get back into posting. Personal stuff this summer stacked up, then I went to Boston, then I moved back to East Lansing(not as a student),  then I was without internet for 4 days. So it’s been a bit rough. Tune in next time for some affiliate marketing related rant.

Hey all.

I’m going to be out for a few days. Today I leave for Boston for affiliate summit. Whether I’ll be able to get into the exhibit hall is anyone’s guess(I may not even try) but either way I’ll be in boston until around noon on the 12th.

My schedule is looking a little cramped, but anyone who wants to get in touch…you know where to find me.

Also, I’ll at least be temporarily resurrecting my Twitter account at http://twitter.com/SlightlyShady if anyone wants to get in touch. I can’t promise anything(I suck at responding to messages) but if you don’t have my cell that will most likely be the best way to get ahold of me. I’ll be staying at the Westin as well(and I’m too young to rent a car) so if anyone out there is at the Westin, feel free to give it a go.

Oh yeah, and tomorrow I’ll be at the Advaliant fishing trip, so it will be a bit tricky to get ahold of me.

-XMCP