Online Outlaws Target Business Sites

By Jim Bray

There’s a new type of terrorist stalking the World Wide Web.

“PageJackers” attack corporate web sites, stealing their pages so they can use them to lure web surfers away from their victims and toward their clients’ sites.

The scheme – or should I call it “scam” – uses a cloaking device (though one unrelated to “Star Trek”) to masquerade one company’s pages as another’s as they list out on Internet Search Engines.

It’s part of the ultra competitive “search engine strategy” many companies use to ensure they get top billing to the millions of surfers looking for their type of business.

If you have any kind of e-mail presence, you may have received oodles of pitches claiming they can get your site listed more prominently on Internet search engines, if the price is right. I get so many of these inbox assaults that I nearly wore down my “delete” key.

The concept is quite valid, however, and it makes sense for many businesses.

“Optimizing” your search engine placement supposedly ensures that, when someone types “widgets” (or whatever it is you do or sell) into a search engine, your web site is displayed before your competition’s.

This means the web surfing public is more likely to find your site and visit it, rather than click through endless pages of matches that may or may not have anything to do with your business, but which happen to contain a similar keyword.

Unfortunately, as with so many other things, it’s open to abuse.

The problem isn’t the cloaking technology itself. Cloaking, which is also called “IP Delivery” or “Spoon Feeding,” can be used to help get around web designs that otherwise wouldn’t get indexed properly by search engines – like some pages generated by databases.

So, as with many other technologies, methodologies – or car drivers – it’s the nut behind the wheel that causes the problem.

These less than scrupulous interlopers use cloaking to get their pirated web pages to show up when the Internet address (URL) of the original company is requested.

How? The search engine is fooled into thinking it’s showing the real page, but when the searching public clicks on the “Joe’s Billiard Hall” link they found in their search, they’re whisked instead to “Frank’s Pool Parlor,” which just happens to be a client of the virtual hijackers and pays them by the click through for the people delivered to Frank’s site.

What these modern day pirates are doing is stealing the other company’s intellectual property, and using it to present its clients’ web pages. It’s an online form of the old “wolf in sheep’s clothing” ploy.

Rather than doing their own work and getting their clients listed on the search engines legitimately, they just find top-ranked pages that contain most of the same keywords they want, file the serial numbers off them and copy them onto their own servers.

Then, when the robots from the search engines come a poking around, they see the stolen page, store its fake location, and send traffic there instead of to the real McCoy (or, in the case of my example, the real “Joe”).

The issue came to my attention after a data recovery company’s “search engine optimizer” searched for a listing of web sites linking to its client’s site. The ugly discovery that it had been had opened up the whole PageJacking can of worms, causing them to file a complaint with the US Federal Trade Commission.

That supposedly led to some house cleaning and many “mea culpas” from the culprit company, which was apparently hijacking pages on a huge scale.

The last I heard, the culprit was no longer online and, needless to say, the legal ripples are still spreading.

How can a company fight the online plague of PageJacking? According to a spokesman for one of the firms hit by these modern day pirates, they’ve now been forced to hire two people whose fulltime job is to monitor the search engines and the company’s placement on them.

They made the costly move after going online one Monday and discovering that, as if by magic, their company’s listings – which they’d paid good money to have “optimized” – had disappeared into unknown reaches of cyberspace.

Which must have been a frightening prospect for a company that’s used to getting forty per cent of its customers via the Internet.

Jim Bray's technology columns are distributed by the TechnoFILE and Mochila Syndicates. Copyright Jim Bray.