I do a lot of work for a company in a very competitive legal services niche in the UK. Its website does well on search engines because of a healthy (and white hat) backlinks profile and content by a professional writer. The website recently suffered a very successful attack that some SEO experts claim is impossible.
The website was cloned, the company name changed and contact details replaced with non-existent ones. The clone was then made to appear well above the real site on search results for the keywords we target, in many cases removing it completely. In effect it was a denial of service attack, almost certainly ordered by a competitor.
Bizarrely, on the clone site all the names on the staff page were changed.
I have written an article for a general readership, Fake copies of our website made us disappear from Google search, about what happened during the attack and what I did about it. I would like to add further tips for prevention and cure.
My working hypothesis is that the attack worked because it used click farming. However, I am a white hat kind of guy so I know very little about the black hat world.
I cannot find anybody on the Internet who has had this exact form of attack. I would really appreciate help with this before any next attempt.