Tuesday, December 29, 2015

What is Page Hijacking ?

If a website duplicates the contents of a popular website, web crawlers will detect the duplicate while indexing the webpages. And if two pages have same content, only one will be shown and the other will be kept in Show Similar Pages. And, attackers take advantage of this behavior in Page Hijacking.

How is Page Hijacking perpetrated ?

In Page Hijacking, attackers make a website, duplicating the contents of a popular website. Then, they use some malicious techniques that ensures that after a few weeks their duplicate website gets shown and the other is kept in Show Similar Pages.

For example, suppose a popular website is called www.ecommerce.com and it sells online clothes.

To do Page Hijacking, attackers first make a website www.ecommerce.org and duplicate the webpages. After a few weeks, the search result will show something like this :

Ecommerce.org - Buy Clothes Online
Offering clothes online
- Show Similar Pages -

As a result, visitors searching with “online clothes” will end up visiting the malicious website www.ecommerce.org, instead of the authentic website of ecommerce.com.

Now, the attackers are free to redirect the innocent visitors to an unrelated malicious website, which may spread malware through drive-by download or by some other means. Or, the attackers may even plan for perpetrating more attacks.

Prevention of Page Hijacking for Users

A couple of steps can be taken to prevent falling victims of Page Hijacking :

  • Use your common sense while browsing. Do not install anything in your computer, unless you are very sure how much trusted the source is.
  • Use anti-virus autoprotection, so that it can alert you at proper time.
  • Keep an anti-hijack toolkit to be on safer side. You can use Ad-aware, Spybot, Hijackthis, CWShredder or similar.
  • Keep your browser and other commonly used software updated with recent security patches.

Prevention of Page Hijacking for Website Owners

If a website is falling victim of Page Hijacking and website traffic rank is dropping dramatically suffering the business a lot, the website owners should contact the third-party site first. A couple of times Page Hijacking happens unintentionally. If that is the case, then the third-party site cooperates in most of the cases.

However, if Page Hijacking is done for malicious purposes, then the website owners should report the malicious website to search engines. Many a times the search engines investigate the matter and take necessary steps.

No comments:

Post a Comment