The top-ranking HTML editor on Google is an SEO scam

This is the story of how I accidentally discovered what appears to be a sizable SEO scam.

Summary

Some highly-ranked online tools for editing or “cleaning” HTML seem to be secretly injecting links into their output to push themselves and affiliated sites up the search engine rankings. This scam is highly successful and appears to have gone undetected so far.

Tools which appear to be doing this are all made by the same people:

• html-cleaner.com
• html-online.com/editor/
• html5-editor.net
• htmlg.com
• … and others

Sites that have fallen victim to this include BoingBoing, the official German Football Association and Kaspersky. The delicious irony here is that the affected Kaspersky article is about “staying safe from hackers”.

Finding something fishy

So here’s a blow-by-blow account of how I made this discovery, along with the evidence I uncovered.

It all began with a mystery concerning a product that I’m building. The product is an online scoreboard, and despite having (what I think) is a solid SEO strategy, I have been unable to conquer that coveted top spot in the search engine results page. For the last 12 months, a competitor called “Scorecounter” has always been ahead of me.

Now, due to the nature of my product, people are sharing links to it and embedding it in their websites, which means that over time I am accumulating a lot of inbound links. Over time my SEO ranking should become unbeatable. The competitor does not have a significant virality like me, yet is consistently better at me than SEO. What trick are they using? 🤔

So last night I drank 2 glasses of red wine and instead of deleting the production database (like last time) I decided to get to the bottom of it. I paid for an Ahrefs subscription and had a look at the “backlink profile” of Scorecounter. This is what I found:

Scorecounter had 3600 incoming links which it had accumulated in a very short time. Impressive!

Then I began to look at the pages that contained the links and this is where I grew suspicious.

For instance, I saw a blog post from the German Football Association containing a link to Scorecounter. The word that was linked was “score” – yet having a link here made absolutely no sense in the context of the article. What was going on? 🤔

Here are some more examples of links I found on random domains (you need to search for “score” on the page).

There are pages and pages of these (take a look for yourself if you have an Ahrefs account).

So I wrote some emails to a 1-2 of these sites and asked them why they had these links in their pages. Were all of these sites selling links?

I received the following reply from an online news portal:

Thanks for reaching out. No, we do not sell links at any cost.

I was actually using an HTML cleaner (html-online.com/editor/) since last year, which was working fine as intended in the initial months but a few weeks back I realised that the tool has suddenly started secretly injecting links to the HTML content.

For a few posts, I was not able to spot it, but when I learnt about it, whatever post I could have recall, were cleaned manually. It appears, unfortunately, some of them are still there, as you pointed out. I will today simply find-replace this link from the entire database for safer side.

Bingo 💡

Aha! So that was what was the secret: The creators of Scorecounter also made an online HTML editor which injects links for certain keywords. The beauty of this scam is that by injecting links to their own HTML editor, they have created a wonderful positive feedback loop: the higher it rises in the search rankings, the more people use it and the more secret links they can inject.

Now if you are feeling very magnanimous, you could argue that the editor is a freemium tool, and that added links are how you pay for the free version. Well, I’m not feeling magnanimous and neither will Google, I suspect.

Apart from boosting the HTML Editor itself and Scorecounter, I found a third product that was enjoying the limelight:

Rubik’s cube

Ruwix.com is made by the same people and is all about the famous puzzle cube. Again it’s very easy to find a large number of backlinks to Ruwix.com on random sites using Ahrefs.com. Each of these is a non-sequitur in the text into which it’s jammed, which shows me that the authors of these articles had no idea what was going on. Take a look (you need to search for “Rubiks” on the page):

UPDATE: Kaspersky has removed the link (props for the quick reaction), but of course I got a screenshot

To see how prevalent this injection is, try this Google search; “Learn how to solve a Rubix Cube with the beginner method”. There are over 600 hits on a wide range of sites. Amazingly, the link even made it into a research paper (It’s on page 24, at the bottom of the References section)!

A whole network of tools

Digging around in the backlinks I discovered that there is a whole network of tools which are all part of the same operation. All have similar backlink profiles. They include:

• htmltidy.net
• html-css-js.com
• divtable.com
• html-cleaner.com
• html5-editor.net
• htmlg.com

Doing a Google search for “HTML Editor” reveals that these tools occupy the top three positions of the search results. This demonstrates how immensely successful this scam has been.

Link injection is mentioned in the terms of these tools

It’s true that the terms of at least one tool contain the following:

We show ads and might place randomly a link to the end of the cleaned documents.

I sincerely doubt that this disclaimer is enough to prevent a massive Google penalty. We’ll know soon enough.

That’s all for now. Follow me on Twitter to keep updated.