News Stay informed about the latest enterprise technology news and product updates.

Is your Web site atop the search pile? Better watch your back.

As competition heats up for a higher perch on MSN, Yahoo and Google searches, more Web sites are falling victim to pirates rigging the results. One consultant shows how to fight back.

Congratulations, your company's Web site made the top of a Google, Yahoo or MSN search, based on traffic and carefully created page descriptors. Now you must make sure you don't take a hit.

An increasing number of Web sites are falling victim to search engine pirates who steal source code and use scripts to redirect browsers to their sites. The increased traffic boosts their rankings on the top search engines, where more eyeballs may mean more revenue.

"Whenever you become top-ranked, it's almost like you might as well put crosshairs on yourself and paint a target -- because everyone is gunning for you," said Garry Grant, CEO of Carlsbad, Calif., consultancy Search Engine Optimization [SEO] Inc. Grant says illegal practices like "pagejacking" and "screenscraping" are worse than ever.

"It's gotten completely out of control. Some of this is still your typical search engine spam, but the new wave coming in is doing some incredible stuff," he explains. Grant cited a Chinese company, which wrote a proxy script that indexed other Web sites and then attached the victimized company's domain to its site, effectively becoming the victim's subdomain. Victims included eBay and Google.

During the last six months, Grant's company has documented scores of copyright infringements, in which someone illegally

More on Web threats
Check out our resource center on web threats.
reproduced SEO's Web site content to get search engines to index his site using the unauthorized material. The practice is known as pagejacking, in which someone copies Web page content and pastes it into another, unauthorized site. The thieves move enough stolen content to submit the illegal site to major search engines for indexing.

Grant, a former rock musician who's played with superstars like Bruce Springsteen and Jon Bon Jovi, has a vested interest in companies policing their sites. SEO Inc.'s 65 employees work with 220 active clients seeking better visibility on the top search engines. The proliferation of pirates makes the task more difficult. "Money -- that is the motivator behind this," he explained. "A top spot on a search directly equals revenue. Having a top spot is highly coveted. It's like having a billboard in Times Square."

How do you know you've been 'duped'?
A good place to find out if your site's been violated is to visit A free service displays the top 10 Web sites with matching or similar content to your own. It even highlights the duplicated text in each entry. The company also offers a subscription service with expanded results and e-mailed notifications when new instances of possible infringement pop up.

Once you find you've been "duped," it's time to e-mail the offending site a sternly worded letter informing the company it is in violation of the Digital Millennium Copyright Act, which carries some stiff fines for violators. Grant advises allowing 24 hours for copyrighted content to be removed before threatening legal action.

Another way to find plagiarists is to closely examine search results to see who is linking to you. What you're looking for are people engaged in "screenscraping," where someone views a page's source code, copies it and then creates an identical page on another site. Thieves also use sneaky redirect scripts to so browsers heading to one site instead land on another.

There are tools known as "page snoopers" that will show you code behind a suspicious URL. Many are freely available via a Web search. Again, type in the URL and compare its source code to your site's.

If it's a match, you can contact a search site's abuse department to report the offender. "But don't just send an e-mail saying you've been violated," Grant advised. "You have to be analytical and detailed in the message you send." Include a statement of the problem that includes your URL and those you believe are stealing your material or improperly linking to it. Ask for the offending sites to be removed. "If you detail and document so they don't have to research, it will be handled more quickly,"

There is a danger, however, in being lumped with bad neighbors. "If you have your content duplicated and the search engine does some filtering, it's possible both of you may be demoted or wiped out," Grant warned. "If you're in the right and something like this happens, the only thing you can do is send the search properties a formal, factual, printed letter, preferably through snail mail and ask them to fix it."

Dig Deeper on Web application and API security best practices

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.