Porn sites hack search engines

Angel Munoz wanted to see how a page on his Web site was categorised, so he looked it up on AltaVista.com, the search engine. But when he clicked on the address that would lead him to his video gaming site, avault.com, he discovered pornographic images instead.

Munoz, 39, president and CEO of NewWorld.com, which owns avault.com, believes that someone stole his site's so-called "meta" tag -- an invisible description search engines use to categorise information. "I found out by coincidence," Munoz said. "I was totally shocked."

Terms placed inside meta tags serve as keywords, which are used by some Internet search engines when they index Web sites. Copying the meta tag for a Web site is easy -- the information is readily available within the HTML code on almost any Web page. Munoz suspects the "thief" registered his or her adult site with AltaVista using the meta tag from avault.com.

So when users looked for avault.com and clicked on the search result, they saw pornography rather than video game content. "I don't blame AltaVista. I don't blame anyone -- except the person who created this ultrahack," Munoz said. "AltaVista was a victim just like we were."

What happened with Munoz's site, he said, is more severe than a typical hacking operation. "This is worse than hacking your site because if someone hacked into your site, you'd know," Munoz said. "But if they redirect viewers to adult sites (by way of a search engine), how would you know?" Munoz was worried about his mostly young audience -- most users are between 10 and 20 years old -- being exposed to adult material. He said that avault.com is right now one of the biggest video gaming sites, but is worried it might lose traffic thanks to the prankster.

Munoz's situation sounds strikingly similar to a case uncovered earlier this year in which a university professor found that his Web site was being redirected to porn sites through AltaVista. When Munoz discovered the problem in May, he and his attorney, John Fischer, immediately alerted AltaVista. Although they said that AltaVista was slow to act -- the misdirection persisted for two weeks after the initial complaint -- the search engine eventually corrected the problem.

Fischer, who specialises in intellectual property in Dallas, also contacted the FBI, who told him that hackers often get paid to redirect Web sites by the owner of the second site. They were able to trace the misdirection to a Webmaster in Racine, Wis., and believe the owner of the adult Web sites is offshore.

Racine police officials, now investigating the case, declined comment.

AltaVista staff said meta tag theft is more prevalent than people may realise. "Stealing meta tags is fairly common," said Tracy Roberts, director of marketing for AltaVista Search. "We deal with it on a daily basis."

And it's not unique to AltaVista. Nilo Zaratan, manager of search and spider for Infoseek, said, "It happens from time to time -- maybe once a month." "Spider" is a name for the program that search engines use to visit Web sites and gather information for indexing.

Meta tag misuse is so common that some search engines, such as Excite@Home, don't even use meta tags to index search information. Kris Carpenter, director of search products and services for Excite@Home, said that they don't index meta tags for searches, in part because "they're so frequently misused and abused -- we didn't think we could trust them".

But, while common, inquiries about stolen meta tags make up less than 5 percent of daily messages that AltaVista receives, according to David Emanuel, communication director for AltaVista. Emanuel added that meta tag theft "is prevalent in the search engine community. As the Internet grows, in proportion, these issues will grow with it".

Currently, AltaVista doesn't have an explicit policy about meta-tag theft. "Our recommendation (to Web site owners) is to get in touch with the person who stole the meta tags," Roberts said.

Infoseek's Zaratan said that meta tag discrepancies are fairly easy to deal with -- as soon as Infoseek hears about a meta tag theft, they look at the different Web sites that are involved, determine which is the legitimate site, and delete the other one. The owner of the impostor site is then put on a list and blocked from using the same URL again.

Zaratan said the motivation for stealing meta tags is financial. "If you can trick one or two people to look at your site, you have more page views that you can sell to advertisers. It's all about money."

Excite@Home's Carpenter agreed, saying that people steal meta tags to increase the visibility of their Web sites in searches. This artificially boosts the presence of their content and consequently increases visits to their sites. "Adult content is famous for this technique," Carpenter said.

Avault.com's Munoz said that he doesn't know if anything can be done to prevent meta tag theft. "There's no way to secure your meta tag under current HTML standards," he said. He feels that the best prevention would be to make such theft illegal. "There has to be some acknowledgement of property."

Munoz, who says he's an experienced Internet user, added he hadn't heard of this type of theft before he became a victim. "People need to be aware that this is happening," Munoz said.