In Yahoo Site Explorer I just noticed a link attack on my own site and a competitors'. His and my site are first and second for a "blue widget"-type search. I can't find other sites (3rd, 4th, etc) with the same problem.
The attack exists of different components (as far as I can see in Site Explorer):
1 blocks of apparently random text and links on hundreds of pages on dozens of domains (each site is attacked from a different set of domains). These pages have strange extensions, such as: /kqzim/exyj.php?t=485784, /wphet/xnxybx.php?rk=574041, etc. The links on these pages are directly to domain names (no www.) of the attacked sites, so in my case not visible in Google Webmaster Tools. The other links on these pages are to other, similar attacker pages on other domains (but these are not attacking my site; so there are no "link wheels"), to non-existing pages (removed attacker pages?), and to other attacked sites not related to mine. The attacked sites have their domain name as anchor text, but the other attacker pages linked have what seem random text fragments as anchor texts.
2 hidden links on a dozen or so front pages of high PR web sites not related to my site. The hidden links are placed between strange tags, such as <efskert3sewrt>hidden links<aoe4dell231rr> just before or after the </body></html> tags. The links are similar to those mentioned above, but there is no random text in between them;
3 dozens of pages on seodigger.com, generated for other competitors. This may be a co´ncidence, but I have not seen them before.
All pages (type 1 and 2) are different, in all it seems a huge network of attacker pages and hidden texts. In all there are 350 such links to my site visible in Site Explorer, and 250 to my competitor.
A quick IP address check shows that the site are hosted on a limited amount of servers (3-6 sites per IP address) which may mean servers are attacked or someone hosts the sites on a network of servers. All sites have different registrants, but the majority of them have "Domain Privacy" as admin, billing and tech contacts, and pipedns.com as dns service. This seems to point in the direction of false (or outdated) registrant names, with all sites in reality owned by one person. The field of my site is not internet-related, so I can't imagine this is done by a competitor by himself. I suspect this is done by an SEO company specialized in negative SEO, in other words rank clients in Google by attacking their competitors.
-has anyone seen this before?
-any ideas how to check further for the magnitude of the attack? I imagine I see just the tip of the iceberg.
-any ideas what I should so? My ranking is not affected sofar, so Google reinclusion request seems out of the question?
-my site is old and established so may not be affected, but should I lean back and wait? Doesn't feel good. On the other hand it doesn't feel good defending myself from such unethical behaviour either