How One Website Exploited Amazon S3 to Outrank Everyone on Google
So, something is obviously off here. I naturally had to dig a little bit deeper.
First off, the site seems completely bare. For something ranking so high for massively competitive keywords, there is practically no information on the page, no links to things like Categories, About, Blog, Contact, Privacy Policy, Terms of Use, etc… That’s practically unheard of for a site in this type of position.
Second, I notice the company logo links to the root domain of (https://s3.amazonaws.com) and I find a About link buried in the footer that I’m guessing is supposed to the appear like it’s the real AWS about page https://s3.amazonaws.com/pages/about-us.html (now a 404 error). Both of those are immediate red flags that something is really off here.
Third, I notice all the links are routing through (promocodefor.org via 301 and 302 redirects) and upon looking at into it, the domain has experienced quite the traffic spike recently. Looking into its Google rankings, that website doesn’t rank for anything other than a few obscure terms. So, that traffic isn’t coming organically. It’s all coming via direct visitors or referrals (which in this case would be people clicking these links from these thousands of coupon pages).
Most likely, that massive traffic spike is all people clicking links on these Amazon S3 uploaded coupon pages. Meaning, whoever this person is, they are getting hundreds of thousands of clicks on their affiliate links, appending hundreds of thousands of their tracking cookies onto people’s web browsers, and making serious $$$$.
There is no way to estimate how much they are earning, but let me put it this way. I have a friend who runs a review site, that ranks for various web hosting related search queries like “web hosting reviews” and “godaddy hosting review” etc… He’s not the #1 result and he’s one of many sites that rank for the same terms, so it’s not like he is getting 100% of the traffic. He still pulled in over $140,000 in affiliate commissions in 2017. PS — Don’t quit your day job. It took him years to get those rankings and it’s only last year it finally started to pay off.
Fourth, I jump over to the source code of the site to find some super bare code. It’s nothing more than simple pure html, using only locally uploaded resources (css, js, etc…) and it doesn’t appear to have a single externally loaded resource (including Google Analytics which is practically a default for most websites).
Fifth, almost all the info on the page is faked. The counters, visitors, rating are all hard coded onto the page and haven’t changed in days. The search doesn’t work, the filtering is broken on most of the, and various elements like Load More are broken. They are static elements, made to look like real activity is going on, so the visitor believes these pages are on an active and useful website.
Sixth, I can see that there are thousands of these pages. Each one is sitting in its own Amazon S3 bucket, one page per bucket. Each bucket dedicated to a different retailer.
There is a lot more going on here, so before I jump to any final conclusions, I’m going to continue talking to some SEO experts I’ve known for years to get their ideas on how they got all of these indexed and why Google seems to be ranking them as if they were a part of the main amazonaws.com website.
“Thanks For the Sweet Advice, I’ll Go Do This Now”
Hold off on those world domination plans. This is the definition of what is called Black Hat SEO. There is a zero percent chance that this doesn’t both violate the Terms of Use for Amazon AWS and that the Google SPAM team wouldn’t consider this to be a blatant violation of their Webmaster Guidelines. Meaning, these amazing Google rankings are soon to go “poof!” into the ether.
Let’s go back to that sprinting analogy. You ran your heart out, you took the silver medal, you get to stand on the podium, and return to your country a hero. Black Hat SEO is that, but the only thing is… you get called out for doping, stripped of your medals, and all your work was for nothing. Black-hat SEO, like this coupon site, only last for temporary periods of time, they get caught, it all becomes worthless, and you are forced to try to find the next scheme. It’s always better to stick with White Hat, put in the work, and reap the long term benefits.