Any ideas on how to stop a massive spam link building attack?

Annapurna-Digital

I have a client that got penalized back in April, 2015, after doing a lot of research around what it might be, we finally narrowed it down to bad link building. It looks like the site started getting attacked by some sort of automated spam link building attack back in 2013. Examples of the bad links are listed below.

• Thousands of links coming from Pinterest - all different boards. The links come from pinterest.se and pinterest.com.
• Thousands from footer links from a website template. Some of the links make it looks like this client build the website (which they did not) and some of the links are in black lettering on a black background (hidden from the naked eye).

New links come in every day and range from 10 - 150 new spam links, and the majority of the pages the links are on are foreign. I know I can disvow some of the links (like the ones in the footer of the website template), but I wouldn't want to disvow Pinterest, right?

With all of this info, does anyone have any ideas on what action we should take next? Thanks ahead of time!

Carson-Ward

Penalties from third-party spam are rare, but it happens. Just to make sure we're on the right path, I'd first take some top pages and fetch/render them. Submit 4-5 of the top pages to the index. If everything looks fine in the render and submitting them to the index works, we eliminate 99% of technical issues.

If you're seeing spam links coming in you should definitely start with the disavow. Do you have a manual penalty notice in Webmaster tools? If so, I'd submit a reconsideration request explaining that your client is not doing this link building AFTER the disavow is in.

Beyond keeping the disavow updated and trying to get Google to care about your reconsideration request, there's not a lot you can do. In one case I was able to get an IP address from a legitimate site that had spam comments and trace that back to a competitor's office. In most cases you just have to try keeping up with the garbage.

Annapurna-Digital

Good answer. I didn't think about looking at top pages or fetch and render. Interesting finds there, for sure. The top 10 pages according to OSE are:

1. http://mywebsite.com/
2. http://mywebsite.com/?id=P8426&shouldPaginate=true&categoryId=3865
3. http://mywebsite.com/?cbg_tz=360
4. http://mywebsite.com/ISES-Wedding2008_Ritz/index.html
5. http://mywebsite.com/about/40_0_916.html
6. http://mywebsite.com/all-dolled-up/15_8_585.html
7. http://mywebsite.com/beautifully-human/21_17_487.html
8. http://mywebsite.com/belly-and-baby/20_13_371.html
9. http://mywebsite.com/belly-and-baby/20_15_373.html
10. http://mywebsite.com/belly-and-baby/20_28_409.html

#1 is the homepage, it's fine. #2-#4 are duplicates of the homepage... have no idea how/when those were created. The remainder are all very odd 404 URLs. When put into fetch and render, #1 and #5-#10 show what is expected. #2-#4 show as a redirect to the homepage (yet, I get a 404). When I check #2-#4 in a response header tool, like SEOBook, it shows redirects to some other odd page (http://www.mywebsite.com/xmlrpc.php).

That I know of, there hasn't been a penalty message in GWT. I say that because there is no message in GWT, and the client hasn't reported seeing any message prior to this happening.

Thanks for the feedback Carson, I appreciate it. I like the story about the IP address being tracked back to a competitor - sneaky!