Business Negative SEO Extortion Scam
A criminal contacts a small business claiming they will flood the company's website with spammy backlinks, fake reviews, or search-engine penalties unless the owner pays a recurring 'protection' fee.
Last reviewed: 5 July 2026
What this scam is
The business negative SEO extortion scam targets small and medium business owners who rely heavily on search engine visibility for customers. The scammer claims the ability to sabotage the target's search ranking through 'negative SEO' techniques — building low-quality or spam backlinks to trigger search engine penalties, reporting the site as unsafe, or generating a wave of fake reviews — and offers to withhold the attack, or reverse an attack already supposedly underway, in exchange for payment.
In most cases the technical threat is exaggerated or entirely bluffed: modern search engines are generally resilient to externally built spam links damaging a legitimate site's ranking, and platforms have review-fraud detection systems. However, business owners without technical SEO knowledge often cannot easily verify this, which is exactly what the extortionist relies on.
How it works
The scammer typically scrapes publicly available contact details from a business's website or directory listing, then sends a mass email to many businesses simultaneously using a templated threat with the business name inserted.
The message describes the supposed attack in intimidating jargon — 'toxic backlink campaign', 'negative trust signals', 'de-indexing your domain' — sometimes attaching a screenshot or spreadsheet of a handful of spammy links as fabricated 'proof' the attack has already begun. It demands a payment, often recurring monthly, framed as a 'protection' or 'monitoring' fee to prevent or reverse the damage.
If the business pays, the scammer may claim credit for the site's ranking staying stable (which would have happened regardless) and return later with a renewed demand, sometimes escalating the threat or targeting the business's online reviews next.
Why this scam works
Small business owners are often justifiably worried about their search ranking and online reputation but lack the technical background to evaluate an SEO threat independently. Jargon-heavy language creates an appearance of expertise, and the fear of losing customers who search for the business online is a powerful motivator to pay rather than investigate.
The scam also exploits a kernel of real technical possibility — negative SEO tactics do exist — which makes the threat feel plausible even though the actual risk to a well-established, legitimate business is typically low.
A typical pattern
The owner of a small business or online store receives an email or message claiming that the sender has identified vulnerabilities in the business's search engine ranking and can either 'protect' the site or damage it. The message describes a negative SEO attack in technical-sounding terms — thousands of spam backlinks pointed at the site, fake malware flags reported to search engines, or a wave of coordinated fake negative reviews — and states that these actions will begin within a set number of days unless a payment is made. Sometimes the sender includes a sample of a few low-quality backlinks or a screenshot of a search console warning to make the threat appear technically credible. The business owner, uncertain how search rankings work and fearful of losing customers who find the business online, is pressured to pay a one-off or recurring fee to make the threat stop.
Common red flags
- Unsolicited email using technical SEO jargon to describe an alleged attack
- Demand for payment framed as 'protection' or 'monitoring' to prevent damage
- Screenshot or spreadsheet presented as proof, often generic or low-quality
- Recurring or subscription-style payment requested rather than a one-off resolution
- No verifiable company name, business registration, or physical address provided by the sender
- Threat is sent as an identical or near-identical template to many businesses
Sanitized example messages
Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].
"We have identified that your website is vulnerable to a negative SEO attack. Within 5 days, thousands of toxic backlinks will be pointed at your domain unless you engage our protection service for [AMOUNT] per month."
"Your competitors have hired us to destroy your search rankings. We can stop the campaign for a one-time fee of [AMOUNT], payable within 48 hours."
"See attached: 200 spam links already pointing to your site. This is just the beginning. Pay [AMOUNT] to have them removed and prevent further damage."
Common variations
- Fake proof-of-attack variant: scammer sends a spreadsheet of spam backlinks claiming the campaign is already live
- Review-bombing threat variant: threatens a wave of fake negative reviews on business listing platforms unless paid
- Recurring subscription variant: frames the payment as an ongoing 'SEO protection' service rather than a one-off fee
- Fake de-indexing threat: claims to have the ability to get the business's website removed from search results entirely
- Competitor-impersonation variant: implies the threat is being carried out on behalf of an anonymous competitor
How to verify before you act
Check the business's search console or analytics tools for any actual, unusual drop in rankings or traffic before assuming the claim is genuine — in the vast majority of cases, no real change has occurred. A reputable SEO professional or agency can review any backlinks flagged in the threat and confirm whether they pose a genuine risk.
Search online for the exact wording of the threatening email; this scam is frequently sent as a template to many businesses, and other recipients may have already identified and reported it as a scam.
Payment methods used
- Cryptocurrency
- Bank/wire transfer
- Gift cards
- Money transfer services
- Payment apps to 'friends & family'
Who is usually targeted
- Small and medium business owners with limited SEO knowledge
- E-commerce store owners dependent on organic search traffic
- Local service businesses relying on online reviews and search visibility
What to do immediately
- Do not pay or engage with the sender
- Check your search console and analytics for any genuine change in ranking or traffic
- Search online for the exact wording of the email to check if others have reported it as a scam
- Report the email as spam or phishing to your email provider
- Consult a reputable SEO professional if you remain concerned about specific flagged links
- Warn other local business owners or trade associations if you receive this threat
How to prevent it
- Do not respond to or pay unsolicited threats regarding your website's search ranking
- Monitor your own search console and analytics regularly so you can independently verify any claimed drop in performance
- Use the disavow tool provided by major search engines if you discover genuinely suspicious backlinks, rather than paying a stranger
- Consult a reputable, verifiable SEO professional if you are unsure whether a threat is credible
- Keep your business contact details on your website professional but be aware they can be scraped for mass scam campaigns
- Educate staff who manage the business website or email inbox about this scam pattern
Evidence to preserve
- Full copy of the email including headers
- Any attached 'proof' files or screenshots
- Payment details or wallet addresses requested
- Date and time the threat was received
Where to report it
- Action Fraud (UK) — UK national fraud & cybercrime reporting centre
- FTC ReportFraud (US) — US Federal Trade Commission fraud reports
- FBI IC3 (US) — US Internet Crime Complaint Center
- Scamwatch (Australia) — Australian competition & consumer reporting
- Your bank's fraud line — Use the number on the back of your card or in your banking app — never a number the caller gives you
Always verify reporting routes and emergency contacts on the official government or agency website for your country.
Frequently asked questions
Can someone really damage my website's search ranking from outside?
Genuine negative SEO attacks are technically possible but rare, and modern search engines are generally resilient against externally built spam links harming an established, legitimate site. Most threats of this kind are bluffs designed to frighten business owners into paying.
Should I engage with the sender to negotiate or ask questions?
No. Engaging confirms your email is active and monitored, which can lead to further scam attempts. Report and ignore the message instead.
What should I do if I do notice a real drop in my rankings?
Investigate through your own search console and analytics tools, and consult a reputable, independently verified SEO professional — not the person who sent the threatening email.