SEO
How to Avoid Mistaking Correlation for Causation in SEO
Every so often the SEO community will erupt into an uproar at the publication of a new ranking factors study.
The usual cry – “correlation is not the same as causation!”
You may be familiar with the terms.
Correlation is the “mutual relation of two or more things” and causation is “the action of causing or producing.”
Essentially, is something genuinely the cause of a result, or does it just happen to change in line with the result?
To put it clearly, here is an unusual example of correlation.
According to the data gathered by Tylervigen.com from the U.S. Department of Agriculture and National Science Foundation, there is a direct correlation between the number of Civil Engineering doctorates awarded in the U.S. and the per-person consumption of mozzarella cheese.
That’s right.
Want more civil engineers to graduate in the U.S.?
You’d better start eating more cheese.
We can all quickly identify that it’s likely being a coincidence rather than a causal link.
This is a good example of correlation not being the same as causation.
Why Are Correlation & Causation a Concern in SEO?
A lot of SEO activity is based on trial and error, experience, and statements from search engine representatives.
Due to this, there are often assertions made like “SEO activity X has a positive effect on your webpage rankings.”
For example: “links from authoritative websites will improve your website’s SERP rankings.”
Sometimes, these will be accurate – the stated activity will be what has caused the ranking increase.
Other times, it is purely coincidental.
The issue with this is that there can be substantial time and money invested in carrying out SEO activities that will never pay off.
For instance, what if there was an SEO study that suggested the number of JPEGs on a page was a ranking factor.
This hypothetical study suggested that the more JPEGs the higher you are likely to rank in Google.
This might cause SEO professionals to start adding images to their pages regardless of whether they would benefit the end-user.
And paying for photographs or a premium image service could be expensive.
No to mention the time taken to upload the images to every page could also be costly.
How to Avoid Mistaking Correlation for Causation
How then do you decide if Y is affected by X, or if changes are mere coincidences?
Consider the Claim
First of all, consider what is being claimed.
Sometimes a commonsense check of what is being discussed will be enough to determine whether the correlation is a coincidence.
The following two questions can go a long way to working this out:
- How could the search engines measure this?
- How would it benefit the end user and therefore the search engines?
This is not an exhaustive list.
The cynical us might ask, “would this financially benefit the search engine?”
Or you might wonder, “would this be the case for my industry?”
It might be that a supposed ranking factor would not make sense for the industry you are in.
For instance “your money or your life” (YMYL) pages, ecommerce, or entertainment sites might have been subject to different weightings for different ranking factors.
What Does Your Experience Say?
Have you experienced SEO results in a way that rings true with the causation statement made?
Your experience is just as valid as anyone else’s.
If you have seen the opposite happen – for instance, removing unnecessary JPEGs from a page caused your page’s ranking to increase – then that is reason enough to investigate the claim further.
Identify Other Factors
With the example given above, there might be other reasons why adding JPEGs to a page correlated with an increase in SERP rank for a page.
For instance, maybe the images included alt attributes and that was actually what made the difference in rank.
Perhaps the images were part of a page’s redesign and other elements like unique copy were also introduced at the same time.
It’s also hard with studies run by third parties to know the true methodology.
Perhaps there were other variables in play that the researchers did not account for.
That alone could call into question the validity of the experiment.
How Big Is the Sample?
When running statistical experiments a researcher will be looking for results that have reached a statistical significance.
That is, an assurance that the relationship between X and Y did not occur through chance.
In order to achieve a reliable level of statistical significance, your sample size has to be large enough.
If your sample size is not large enough your experiment may be subject to a sampling error.
A correlation may emerge that would simply not be there in a larger sample size.
In our example, what if only three websites were used as part of the study into how JPEGs affect rankings.
If two of them had seen ranking increases when adding JPEGs to a page and one of them did not then you could conclude that JPEGs have a positive effect on rankings.
However, what if you added a further seven websites to your study, and each of those did not show an increase in rankings when JPEGs were added to the page.
That would bring the result to two which showed rank increases and eight that did not.
What would happen to the results with another 10 websites?
Three is simply too small a sample size to make declarations about all the websites in the search engine index.
How Varied Is the Sample?
Similarly, if your sample is not a diverse enough representation of the entire data set then you risk sampling errors.
For instance, what if the websites chosen for our hypothetical study were all ecommerce sites.
Would it be a reliable enough experiment to apply those findings to information only sites?
Could they be applied to YMYL sites?
What if the websites sampled were all built on WordPress?
Would it be a fair conclusion to assume that websites running on Magento would rank in a similar way?
A Caution on Third-Party Studies
It is very easy to see studies shared around the likes of Twitter and LinkedIn and assume the study is thorough.
Similarly, listening to a speaker share their case study at a conference may inspire confidence that their conclusions are valid.
You can’t be sure of this, however.
A third party study may have experimental flaws.
One case study is too small a sample size.
Conclusion
Whenever you hear a claim about what is or isn’t important in SEO and there is data used to back it up, make sure you bring yourself back to your school science experiments.
Was there a large enough sample used?
Were all the variables accounted for and controlled?
Would you get an “A” grade for that study?
If there is any doubt then make sure you do not take the conclusions as fact.
Instead, continue to experiment on your own.
Monitor the effect of any changes you make to your sites to see if they have the result you expected.
More Resources:
Image Credits
Screenshot taken by author, October 2020
SEO
Mozilla VPN Security Risks Discovered

Mozilla published the results of a recent third-party security audit of its VPN services as part of it’s commitment to user privacy and security. The survey revealed security issues which were presented to Mozilla to be addressed with fixes to ensure user privacy and security.
Many search marketers use VPNs during the course of their business especially when using a Wi-Fi connection in order to protect sensitive data, so the trustworthiness of a VNP is essential.
Mozilla VPN
A Virtual Private Network (VPN), is a service that hides (encrypts) a user’s Internet traffic so that no third party (like an ISP) can snoop and see what sites a user is visiting.
VPNs also add a layer of security from malicious activities such as session hijacking which can give an attacker full access to the websites a user is visiting.
There is a high expectation from users that the VPN will protect their privacy when they are browsing on the Internet.
Mozilla thus employs the services of a third party to conduct a security audit to make sure their VPN is thoroughly locked down.
Security Risks Discovered
The audit revealed vulnerabilities of medium or higher severity, ranging from Denial of Service (DoS). risks to keychain access leaks (related to encryption) and the lack of access controls.
Cure53, the third party security firm, discovered and addressed several risks. Among the issues were potential VPN leaks to the vulnerability of a rogue extension that disabled the VPN.
The scope of the audit encompassed the following products:
- Mozilla VPN Qt6 App for macOS
- Mozilla VPN Qt6 App for Linux
- Mozilla VPN Qt6 App for Windows
- Mozilla VPN Qt6 App for iOS
- Mozilla VPN Qt6 App for Androi
These are the risks identified by the security audit:
- FVP-03-003: DoS via serialized intent
- FVP-03-008: Keychain access level leaks WG private key to iCloud
- VP-03-010: VPN leak via captive portal detection
- FVP-03-011: Lack of local TCP server access controls
- FVP-03-012: Rogue extension can disable VPN using mozillavpnnp (High)
The rogue extension issue was rated as high severity. Each risk was subsequently addressed by Mozilla.
Mozilla presented the results of the security audit as part of their commitment to transparency and to maintain the trust and security of their users. Conducting a third party security audit is a best practice for a VPN provider that helps assure that the VPN is trustworthy and reliable.
Read Mozilla’s announcement:
Mozilla VPN Security Audit 2023
Featured Image by Shutterstock/Meilun
SEO
Link Building Outreach for Noobs

Link outreach is the process of contacting other websites to ask for a backlink to your website.
For example, here’s an outreach email we sent as part of a broken link building campaign:
In this guide, you’ll learn how to get started with link outreach and how to get better results.
How to do link outreach
Link outreach is a four-step process:
1. Find prospects
No matter how amazing your email is, you won’t get responses if it’s not relevant to the person you’re contacting. This makes finding the right person to contact equally as important as crafting a great email.
Who to reach out to depends on your link building strategy. Here’s a table summarizing who you should find for the following link building tactics:
As a quick example, here’s how you would find sites likely to accept your guest posts:
- Go to Content Explorer
- Enter a related topic and change the dropdown to “In title”
- Filter for English results
- Filter for results with 500+ words
- Go to the “Websites” tab


This shows you the websites getting the most search traffic to content about your target topic.
From here, you’d want to look at the Authors column to prioritize sites with multiple authors, as this suggests that they may accept guest posts.


If you want to learn how to find prospects for different link building tactics, I recommend reading the resource below.
2. Find their contact details
Once you’ve curated a list of people to reach out to, you’ll need to find their contact information.
Typically, this is their email address. The easiest way to find this is to use an email lookup tool like Hunter.io. All you need to do is enter the first name, last name, and domain of your target prospect. Hunter will find their email for you:


To prevent tearing your hair from searching for hundreds of emails one-by-one, most email lookup tools allow you to upload a CSV list of names and domains. Hunter also has a Google Sheets add-on to make this even easier.


3. Send a personalized pitch
Knowing who to reach out to is half the battle won. The next ‘battle’ to win is actually getting the person to care.
Think about it. For someone to link to you, the following things need to happen:
- They must read your email
- They must be convinced to check out your content
- They must open the target page and complete all administrative tasks (log in to their CMS, find the link, etc.)
- They must link to you or swap out links
That’s a lot of steps. Most people don’t care enough to do this. That’s why there’s more to link outreach than just writing the perfect email (I’ll cover this in the next section).
For now, let’s look at how to craft an amazing email. To do that, you need to answer three questions:
- Why should they open your email? — The subject line needs to capture attention in a busy inbox.
- Why should they read your email? — The body needs to be short and hook the reader in.
- Why should they link to you? — Your pitch needs to be compelling: What’s in it for them and why is your content link-worthy?
For example, here’s how we wrote our outreach email based on the three questions:


Here’s another outreach email we wrote, this time for a campaign building links to our content marketing statistics post:


4. Follow up, once
People are busy and their inboxes are crowded. They might have missed your email or read it and forgot.
Solve this by sending a short polite follow-up.


One is good enough. There’s no need to spam the other person with countless follow-up emails hoping for a different outcome. If they’re not interested, they’re not interested.
Link outreach tips
In theory, link outreach is simply finding the right person and asking them for a link. But there is more to it than that. I’ll explore some additional tips to help improve your outreach.
Don’t over-personalize
Some SEOs swear by the sniper approach to link outreach. That is: Each email is 100% customized to the person you are targeting.
But our experience taught us that over-personalization isn’t better. We ran link-building campaigns that sent hyper-personalized emails and got no results.
It makes logical sense: Most people just don’t do favors for strangers. I’m not saying it doesn’t happen—it does—but rarely will your amazing, hyper-personalized pitch change someone’s mind.
So, don’t spend all your time tweaking your email just to eke out minute gains.
Avoid common templates
My first reaction seeing this email is to delete it:


Why? Because it’s a template I’ve seen many times in my inbox. And so have many others.
Another reason: Not only did he reference a post I wrote six years ago, it was a guest post, i.e., I do not have control over the site. This shows why finding the right prospects is important. He even got my name wrong.
Templates do work, but bad ones don’t. You can’t expect to copy-paste one from a blog post and hope to achieve success.
A better approach is to use the scoped shotgun approach: use a template but with dynamic variables.


You can do this with tools like Pitchbox and Buzzstream.
This can help achieve a decent level of personalization so your email isn’t spammy. But it doesn’t spend all your time writing customized emails for every prospect.
Send lots of emails
When we polled 800+ people on X and LinkedIn about their link outreach results, the average conversion rate was only 1-5%.


This is why you need to send more emails. If you run the numbers, it just makes sense:
- 100 outreach emails with a 1% success rate = 1 link
- 1,000 outreach emails with a 1% success rate = 10 links
I’m not saying to spam everyone. But if you want more high-quality links, you need to reach out to more high-quality prospects.
Build a brand
A few years ago, we published a link building case study:
- 515 outreach emails
- 17.55% reply rate
- 5.75% conversion rate
Pretty good results! Except the top comments were about how we only succeeded because of our brand:


It’s true; we acknowledge it. But I think the takeaway here isn’t that we should repeat the experiment with an unknown website. The takeaway is that more SEOs should be focused on building a brand.
We’re all humans—we rely on heuristics to make judgments. In this case, it’s branding. If your brand is recognizable, it solves the “stranger” problem—people know you, like you, and are more likely to link.
The question then: How do you build a brand?
I’d like to quote our Chief Marketing Officer Tim Soulo here:
What is a strong brand if not a consistent output of high-quality work that people enjoy? Ahrefs’ content team has been publishing top-notch content for quite a few years on our blog and YouTube channel. Slowly but surely, we were able to reach tens of millions of people and instill the idea that “Ahrefs’ content = quality content”—which now clearly works to our advantage.
Ahrefs was once unknown, too. So, don’t be disheartened if no one is willing to link to you today. Rome wasn’t built in a day.
Trust the process and create incredible content. Show it to people. You’ll build your brand and reputation that way.
Build relationships with people in your industry
Outreach starts before you even ask for a link.
Think about it: People don’t do favors for strangers but they will for friends. If you want to build and maintain relationships in the industry, way before you start any link outreach campaigns.
Don’t just rely on emails either. Direct messages (DMs) on LinkedIn and X, phone calls—they all work. For example, Patrick Stox, our Product Advisor, used to have a list of contacts he regularly reached out to. He’d hop on calls and even send fruit baskets.
Create systems and automations
In its most fundamental form, link outreach is really about finding more people and sending more emails.
Doing this well is all about building systems and automations.
We have a few videos on how to build a team and a link-building system, so I recommend that you check them out.
Final thoughts
Good link outreach is indistinguishable from good business development.
In business development, your chances of success will increase if you:
- Pitch the right partners
- Have a strong brand
- Have prior relationships with them
- Pitch the right collaboration ideas
The same goes for link outreach. Follow the principles above and you will see more success for your link outreach campaigns.
Any questions or comments? Let me know on Twitter X.
SEO
Research Shows Tree Of Thought Prompting Better Than Chain Of Thought

Researchers discovered a way to defeat the safety guardrails in GPT4 and GPT4-Turbo, unlocking the ability to generate harmful and toxic content, essentially beating a large language model with another large language model.
The researchers discovered that the use of tree-of-thought (ToT)reasoning to repeat and refine a line of attack was useful for jailbreaking another large language model.
What they found is that the ToT approach was successful against GPT4, GPT4-Turbo, and PaLM-2, using a remarkably low number of queries to obtain a jailbreak, on average less than thirty queries.
Tree Of Thoughts Reasoning
A Google research paper from around May 2022 discovered Chain of Thought Prompting.
Chain of Thought (CoT) is a prompting strategy used on a generative AI to make it follow a sequence of steps in order to solve a problem and complete a task. The CoT method is often accompanied with examples to show the LLM how the steps work in a reasoning task.
So, rather than just ask a generative AI like Midjourney or ChatGPT to do a task, the chain of thought method instructs the AI how to follow a path of reasoning that’s composed of a series of steps.
Tree of Thoughts (ToT) reasoning, sometimes referred to as Tree of Thought (singular) is essentially a variation and improvement of CoT, but they’re two different things.
Tree of Thoughts reasoning is similar to CoT. The difference is that rather than training a generative AI to follow a single path of reasoning, ToT is built on a process that allows for multiple paths so that the AI can stop and self-assess then come up with alternate steps.
Tree of Thoughts reasoning was developed in May 2023 in a research paper titled Tree of Thoughts: Deliberate Problem Solving with Large Language Models (PDF)
The research paper describes Tree of Thought:
“…we introduce a new framework for language model inference, Tree of Thoughts (ToT), which generalizes over the popular Chain of Thought approach to prompting language models, and enables exploration over coherent units of text (thoughts) that serve as intermediate steps toward problem solving.
ToT allows LMs to perform deliberate decision making by considering multiple different reasoning paths and self-evaluating choices to decide the next course of action, as well as looking ahead or backtracking when necessary to make global choices.
Our experiments show that ToT significantly enhances language models’ problem-solving abilities…”
Tree Of Attacks With Pruning (TAP)
This new method of jailbreaking large language models is called Tree of Attacks with Pruning, TAP. TAP uses two LLMs, one for attacking and the other for evaluating.
TAP is able to outperform other jailbreaking methods by significant margins, only requiring black-box access to the LLM.
A black box, in computing, is where one can see what goes into an algorithm and what comes out. But what happens in the middle is unknown, thus it’s said to be in a black box.
Tree of thoughts (TAP) reasoning is used against a targeted LLM like GPT-4 to repetitively try different prompting, assess the results, then if necessary change course if that attempt is not promising.
This is called a process of iteration and pruning. Each prompting attempt is analyzed for the probability of success. If the path of attack is judged to be a dead end, the LLM will “prune” that path of attack and begin another and better series of prompting attacks.
This is why it’s called a “tree” in that rather than using a linear process of reasoning which is the hallmark of chain of thought (CoT) prompting, tree of thought prompting is non-linear because the reasoning process branches off to other areas of reasoning, much like a human might do.
The attacker issues a series of prompts, the evaluator evaluates the responses to those prompts and then makes a decision as to what the next path of attack will be by making a call as to whether the current path of attack is irrelevant or not, plus it also evaluates the results to determine the likely success of prompts that have not yet been tried.
What’s remarkable about this approach is that this process reduces the number of prompts needed to jailbreak GPT-4. Additionally, a greater number of jailbreaking prompts are discovered with TAP than with any other jailbreaking method.
The researchers observe:
“In this work, we present Tree of Attacks with Pruning (TAP), an automated method for generating jailbreaks that only requires black-box access to the target LLM.
TAP utilizes an LLM to iteratively refine candidate (attack) prompts using tree-of-thoughts reasoning until one of the generated prompts jailbreaks the target.
Crucially, before sending prompts to the target, TAP assesses them and prunes the ones unlikely to result in jailbreaks.
Using tree-of-thought reasoning allows TAP to navigate a large search space of prompts and pruning reduces the total number of queries sent to the target.
In empirical evaluations, we observe that TAP generates prompts that jailbreak state-of-the-art LLMs (including GPT4 and GPT4-Turbo) for more than 80% of the prompts using only a small number of queries. This significantly improves upon the previous state-of-the-art black-box method for generating jailbreaks.”
Tree Of Thought (ToT) Outperforms Chain Of Thought (CoT) Reasoning
Another interesting conclusion reached in the research paper is that, for this particular task, ToT reasoning outperforms CoT reasoning, even when adding pruning to the CoT method, where off topic prompting is pruned and discarded.
ToT Underperforms With GPT 3.5 Turbo
The researchers discovered that ChatGPT 3.5 Turbo didn’t perform well with CoT, revealing the limitations of GPT 3.5 Turbo. Actually, GPT 3.5 performed exceedingly poorly, dropping from 84% success rate to only a 4.2% success rate.
This is their observation about why GPT 3.5 underperforms:
“We observe that the choice of the evaluator can affect the performance of TAP: changing the attacker from GPT4 to GPT3.5-Turbo reduces the success rate from 84% to 4.2%.
The reason for the reduction in success rate is that GPT3.5-Turbo incorrectly determines that the target model is jailbroken (for the provided goal) and, hence, preemptively stops the method.
As a consequence, the variant sends significantly fewer queries than the original method…”
What This Mean For You
While it’s amusing that the researchers use the ToT method to beat an LLM with another LLM, it also highlights the usefulness of ToT for generating surprising new directions in prompting in order to achieve higher levels of output.
- TL/DR Takeaways:
- Tree of Thought prompting outperformed Chain of Thought methods
- GPT 3.5 worked significantly poorly in comparison to GPT 4 in ToT
- Pruning is a useful part of a prompting strategy
- Research showed that ToT is superior to CoT in an intensive reasoning task like jailbreaking an LLM
Read the original research paper:
Tree of Attacks: Jailbreaking Black-Box LLMs Automatically (PDF)
Featured Image by Shutterstock/THE.STUDIO
-
SOCIAL7 days ago
Musk regrets controversial post but won’t bow to advertiser ‘blackmail’
-
SEO5 days ago
GPT Store Set To Launch In 2024 After ‘Unexpected’ Delays
-
SOCIAL6 days ago
Is this X’s (formerly Twitter) final goodbye to big advertisers? It looks like it
-
SEO7 days ago
A Year Of AI Developments From OpenAI
-
SEARCHENGINES5 days ago
Google Core Update Done Followed By Intense Search Volatility, New Structured Data, Google Ads Head Steps Down & 20 Years Covering Search
-
TECHNOLOGY6 days ago
Next-gen chips, Amazon Q, and speedy S3
-
SEO6 days ago
Firefox URL Tracking Removal – Is This A Trend To Watch?
-
MARKETING5 days ago
The Complete Guide to Becoming an Authentic Thought Leader