seo

The Dangers of Cloaking Revealed at SMX Sydney

Today at SMX Sydney (which I’ll have a more detailed post about this weekend), Danny Sullivan and I sat together on a site review panel in the late afternoon. One of the sites we were asked to review was DiscoverTasmania.com. During our investigations, we stumbled across some remarkable cloaking from one of Australia’s top travel websites – Flightcentre.com.

We started by reviewing this page about Hobart, and grabbed a short snippet of text to analyze whether the page had any duplicate content issues. Here’s the page below:

We ran a search at Google to check the phrase and came up with this result:

Clearly, you can see a page from Flightcentre.com outranking DiscoverTasmania.com’s page about Hobart, yet something looked fishy. The lack of a cached version indicates that they’re trying to hide something, so we decided to investigate further. Clicking on the Flightcentre.com link, you’re brought to this page:

And yet, reviewing the source code shows no mention of the phrase in question… Which instantly led us to the hypothesis that the domain is cloaking. Sure enough, turning off Javascript and changing our user-agent to Googlebot, we saw a completely different version of the page:

Of course, this site review was in front of a live audience, so there was no putting the cat back in the bag (and if that wasn’t enough, Google’s Adam Lasnik was also in attendance as a panelist). From talking to attendees after the show, it appears that Flightcentre is actually one of the largest travel companies in Australia, and folks here seemed to feel this was as significant as the BMW Germany spam case from several years back.
Lessons to learn here:

  • Cloaking with User Agent isn’t wise – if you’re going to cloak in a gray/blackhat way, use IP addresses (however, even in that scenario, we still could have used Google Translate to see the original version of the page).
  • Noarchive is a clear giveaway that something shady is going on – it’s like whistling and twirling your thumbs outside a bank that’s just been robbed.
  • No matter who you are or where you are, there’s a good chance that someone with some SEO knowledge is going to stumble across your clever (or, in this case, not so clever) spam.

How egregious is this particular case? Not that bad, actually. While they’re technically violating the guidelines (and Adam certainly didn’t seem particularly pleased), the content in the cloaked text-only version actually does match up to the text in the image version. The content from the DiscoverTasmania.com website may have been taken with legitimate permission as well (we were unable to verify this at the conference). All in all, my guess is that Google won’t ban the entire site, though they may remove some of these pages from the listings. The bigger issue is how fragile cloaking really is, and how close you are to being called out for it at the most inopportune moments. 🙂

p.s. Looks like Neerav from the conference has already posted on the subject (and has a great photo of Danny, Adam, and me in our SMX Sydney Site Review labcoats, to boot).

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button