It’s a common issue – you type in a URL only to be directed to a website that has nothing to do with the page you intended to view. Or you have clicked on a Google search result to buy that jumper you’ve had your eye on for a while, and you find that you are either on a website that looks very much like the intended site but offering heavily discounted products, or again, you end up being redirected to a completely different website?
Malicious browser redirects are often caused by browser hijackers, a type of malware that can modify the behaviour of your browser without your permission. However, malware is not the only possible cause of browser redirects. In some cases, users’ computers can be squeaky clean and they’ll still find themselves being magically redirected to questionable websites that are completely unrelated to the page you want to visit. If this happens, there’s a good chance that the legit website has been compromised with a malicious redirect. Unfortunately, this is now a common issue brand owners are continuously having to battle with!
What are malicious redirects and why do hackers create them?
Malicious redirects are bits of code that are injected into the core files of a websites or plugins. They are designed to divert website visitors to a specified, unrelated site that often contains:
- fraudulent copies of your branded products/services
- potentially unwanted programmes or browser extensions, etc.
And why are hackers doing this? Put simply, it is of course for money, but it achieved in the following ways:
- Fraudulent products/services: Redirects take you to a fake branded website where you can buy fraudulent products/services for a fraction of the price.
- Phishing:Redirects can be used to send you to fraudulent websites where you’re encouraged to enter sensitive information such as your username, password and credit card details (for example, bank or payment websites). This information is then sent directly to the criminals, who can use this data to commit identity fraud.
- Malware: Cybercriminals also use malicious redirects to send you to websites where you can download software you may or may not want on your system. These products often come bundled with malware and/or potentially unwanted programmes, which can you leave your system vulnerable to attack in the future.
Unfortunately, removing the code is often easier said than done. In many situations, brand owners and webmasters aren’t even aware that their website has been compromised. And even if they do notice that something is amiss, malicious redirect scripts are often heavily obscured, making it difficult for website owners to not only identify and remove the offending lines of code but also capture, prove and take down any offending websites.
How can this negatively impact brand owners?
Malicious redirect can harm brand owners in many ways, including:
- Breach of Privacy – It could result in data loss and breach of user privacy, in cases where visitors unintentionally download software from that infected website.
- Branding – A visitor to your hacked site could be redirected to websites selling illegal or spam products which can harm your brand and customers will lose trust in your website.
- User frustration – If a user is trying to reach your site and is constantly being redirected to another, it can be incredibly frustrating and cause the user to choose an alternative provider/supplier/product.
- Revenue Loss– This can happen on two levels:
- Traffic is being diverted away from your website, and therefore this can reduce the number of purchases on your platform or the consequential in-store purchases.
- If your website is an E-Commerce site, then it can lead to huge revenue loss as well as theft of sensitive information.
- Reputational loss: If hackers gain access to your users, whether that is their money, data or confidential information from your website, then get ready for some considerable reputational consequences.
- SEO damage– Yep, of course, Google is not going to take any chances with its reputation, and you are definitely going to be penalised by Google. Google may also show “This Site May Be Hacked” warning message alongside your website listing in search results.
- Website suspension: Your website host may suspend your website. You might get a message like “this site has been suspended” OR “Account suspended contact your hosting provider for more information.”
What can you do about it?
As noted, malicious redirects are difficult to avoid and tricky to remove. However, as brand owners, there are still a few things you can do to help protect yourself. These include:
- Updated CMS version: Make sure you’re using the most recent version of your Content Management System (CMS) at all times.
- Plugins: Carefully check what plugins you use and ensure they are from a legitimate source.
- Report the issue: Encourage users to report any malicious redirects they encounter by having an easy-to-use reporting process on your site. This not only informs users that you are aware of the issue but are doing your best to protect the user and are committed to stamping it out.
- Use specialists: Employ a specialist agency to continuously monitor and act on any malicious activity. These agencies use monitoring technology and redirection tracking tools to help track down malicious redirects and shut down fraudulent sites.
Malicious redirects are a headache for website owners and users alike. As a brand owner, it can be incredibly difficult and time consuming to ensure your domains aren’t being hijacked. Not only are the sheer number or redirects hard to stop, but they are changing so quickly and using a combination of redirects (e.g., Server-Side Redirect and Script Redirect), it is often hard to obtain “proof” that a redirect is in fact being used.
By using a specialist agency, they are able to combine industry technology and tools with their own expertise to dig deeper into the details in order to capture and prove that a website is redirecting to malicious content.
If you require help to find out more about malicious redirects and how to stop them, contact us here.
Your e-mail address will be used to send you communication messages and invitations to our events in accordance with our Privacy Notice. You can unsubscribe at any time.
© 2020 BRANDIT. All Rights Reserved. Privacy notice & Terms and Conditions