B
Broken SEO
← Back

What is Black Hat SEO

by Alexey BogomolovUpdated Jan 21, 2026

Hi, I’m Alex. Today I’ll explain why SEO is completely broken — and how that ties into black hat SEO.

Black Hat SEO (aka “black SEO”) is a bunch of SEO tactics that go against Google’s Webmaster Guidelines and/or Google’s (or any other search engine’s) terms of service.

In Google documentation, a lot of it is covered inside Spam Policies:

https://developers.google.com/search/docs/essentials/spam-policies 

  • Cloaking

  • Doorways

  • Expired domain abuse (drop abuse)

  • Hacked content (“pies”)

  • Hidden text and links

  • Keyword stuffing

  • Link spam

  • Bot-generated traffic

  • Malware

  • Deceptive functionality

  • Scraped (stolen) content

  • Sneaky redirects

  • Site reputation abuse (parasite SEO)

  • Thin affiliate pages

  • UGC spam (User-Generated Content spam)

This also usually includes:

  • PBNs (satellites)

  • Buying links

  • Structured data (schema) abuse

  • Auto-updating the “published” date

  • Site-level exploits / abuses

(list will be expanded).

Quick rundown of each Black Hat SEO category

Here I’ll briefly explain what each black hat method is about. For the most interesting ones, I’ll link deeper articles.

1. Cloaking

Cloaking is when you mask one piece/version of content with another.

Examples:

  1. Googlebot gets a kind of “SEO-optimized” page, while the user sees a clean, readable version (or anything a webmaster wants).

  2. Googlebot is served one version of the page, and the user gets a different one. For example: an article titled “How microloans impact your credit history” shows the original content to Googlebot, but users see something else entirely (like a “best microloan companies” list, etc.).

  3. Users from one country see one version of content, while other countries see a different one. You’ll often see this in the gambling niche: users getting relevant offers depending on their country.

Most of the time cloaking is used to trick the search engine: the SE gets one page version, the visitor gets another.

But it’s not a strict rule. Cloaking can also be used to mislead competitors, or to target very specific — sometimes even single — IPs.

2. Doorways

Doorways are pages or whole sites that funnel the user to the final destination (another site/page).

Doorways are usually “optimized” for low- and mid-volume queries (LV/MV) to get into top SERPs. The user clicks from search to a doorway, and then gets redirected to the money page.

“Optimized” is a big word here. A doorway can be a restored expired domain, stolen content, or else.

Doorway example: a blog post comparing microloans that redirects the user to a specific financial product.

3. Expired domain abuse (drop domain abuse)

One of the most popular and everyone’s favorite SEO methods is working with expired domains (drops).

A dropped domain is a domain/site that the owner “dropped” (let it expire).

Typical expired domain abuse flow:

  1. The owner doesn’t renew the domain (business closed, forgot to renew, etc.)

  2. The domain hits auctions

  3. A new owner buys it

The “abuse” part is that the site already has historical signals in the eyes of the SE: backlink profile, age, topical history, and so on.

From there, the new owner has a bunch of options:

  • Restore the content from the Wayback Machine — often it ranks pretty well (good for PBNs or later migrations)

  • Publish his own content on it

  • Move another site onto it

  • “Glue” it into another site (redirect, canonical, etc.)

There are more options in practice — I cover drops in details in a separate article.

Drops are valuable because buying one is often cheaper and faster than building a new site from scratch and “powering it up.” And the sweetest type of drop is an EMD that matches the new owner’s goals.

Drop pricing usually starts at around $10 and goes to infinity (20k, 40k+, depending mostly on the drop’s link profile strength).

4. Hacked sites (“pies”)

Pie = a hacked site.

Without the owner’s knowledge, links get placed to your targets — how exactly, read in the next section 🙂. Links can be anywhere, but the classic spots are: sitewide footer links, single links inside content, or even a dedicated page created by the hacker for a specific intent.

Most often hacked sites are sold; less often hackers use them for their own projects.

The most common reasons: weak passwords (bruteforced) and outdated CMS/plugins with known vulnerabilities.

5. Hidden text or links

Hidden text/links is content that users don’t see, but bots do (and it’s visible in the source code).

Usually used in:

  • Cloaking

  • Hacked sites

Common hiding methods:

  • White text on white background

  • Transparent text

  • Zero font size

  • JavaScript tricks (display: none, etc.)

  • CSS absolute positioning (off-screen)

  • Text placed behind an image

There are more methods — it’s limited only by the creativity of the webmaster/dev :)

6. Keyword stuffing

Keyword stuffing has existed as long as SEO has — 20+ years (and back in the day it was one of the most effective tactics… thankfully or not, that era is gone).

Stuffing / over-saturation is an excessive amount of keywords matching the intent of the page you’re pushing (or not pushing, hehe). It's often called “SEO text”, although you can stuff keywords not only in the main body text.

Example of stuffed text:

“In our sports store you can buy any sports goods. We offer a wide range of sports products useful for sports lovers, kids in school sports classes, for participating in sports events, and helpful for any of your sports activities or professional sports.”

As of now (2026), keyword stuffing in its literal “overstuffing” form isn’t an effective tactic anymore (in Google for sure). And it can be penalized: either you drop out of the index/serps, or you just lose rankings for a page (or sometimes the whole site, but that’s rarer).

7. Bot-generated traffic

This includes a bunch of bot traffic flavors. I’ll quickly run through the popular/obvious ones:

// to be continued