US authorities to put pinch on site hijackers

American authorities to crack down on 'snake in the grass scam'.

The US' Federal Trade Commission (FTC) is set to announce a sweeping crackdown on the hijacking of legitimate Web pages to redirect Web surfers to porn sites. The crackdown is set to be announced next week. The practice affects "millions of legitimate Web pages and innocent Web surfers, including children", the FTC says.

ZDNet partner MSNBC in May first reported on a cyber-twist on the old "bait-and switch" scam that threatens trademarks and ensnares unwitting Web surfers by trapping them in a loop that hurls a series of pornographic Web sites at them with every click of the mouse.

That story prompted an investigation by the FTC, according to David Landrigan, a professor at the University of Massachusetts, Lowell, who brought the scam to MSNBC's attention. Landrigan, who found several hundred hijacked Web pages warehoused on the Alta Vista search engine and dubbed the practice the "snake in the grass scam", said he was contacted by the FTC asking for information.

The FTC declined to comment beyond a brief press release announcing it would reveal a "new Internet scam" that has become the agency's 100th Internet case. The agency also said it will unveil a new high-tech Internet lab next week. The exact nature of the crackdown, how many people are targeted and what enforcement actions the FTC is taking isn't known. The agency will, however, be bringing in "victims" affected by the scam to speak at its news conference. That event, which had been scheduled for Thursday, has been delayed until next week because of Hurricane Floyd.

The FTC has been particularly aggressive in attacking scams that have migrated from the "real world" to cyberspace. During a recent congressional hearing set to examine how federal agencies were dealing with the proliferation of Web sites illegally dispensing prescription drugs, the Food and Drug Administration was upbraided by House members for its lack of investigation and enforcement efforts The FTC, which also testified at the hearing, escaped unscathed.

The FTC has broad authority to go after unfair or deceptive practices in or affecting commerce. Such hijacking scams divert potential customers from legitimate sites, possibly affecting the revenue potential of those sites.

Speaking generally and without commenting on any specific case, Paul Luehr, assistant director of marketing practices for the FTC, previously told MSNBC that for some time the FTC has had "concerns about how some operators may be using a variety of technical tricks to divert consumers from their intended search results. There's a number of different ways that some companies appear to be manipulating search engines, and we're concerned about a variety of those techniques."

Professor Landrigan found that hijackers were equal opportunity offenders, stealing traffic from news organisations, community groups, government sites and even sites directed at Internet-based games for children.

Here's how the scam works. A Web page that contains common words, such as "news" or "maps" or "kids' games" is targeted by the scamster and then duplicated. The counterfeit pages are then hosted on a computer run by the scam artist. When a search engine "spider" -- software that automatically roams the Net cataloguing the keywords of millions of Web pages -- runs across the purloined page, it has no idea the page has been hijacked and robotically inputs the bogus URL into its database along with the keywords.

When someone enters a keyword, such as "kids' games" into the search engine, among the results are the legitimate Web page as well as the duplicate, which now lives on a rogue server. The original and stolen highlighted links offered up by the search engine look identical save for the underlying URL, which is easily overlooked by a Web surfer trying to sort through a morass of information.

The trick comes in how the scamster has modified the stolen page. Using a one-line piece of Java scripting that has been inserted into the stolen page, the scam artist can automatically redirect a user to any number of sites without the user's ever seeing the real page.

The exact extent of such re-direction scams isn't known. However, MSNBC has received dozens of messages from readers who have been snagged in such schemes. Several of those have informed MSNBC that they filed formal complaints with the FTC's consumer protection office.

Typically, the FTC evaluates such citizen complaints and begins an investigation if warranted. Once that investigation begins, the agency looks for trends in an attempt to ferret out just how extensive the new scam might be. It's likely that this FTC cyberspace investigation has identified several variations on the snake in the grass scam and will be announcing steps it's taking to first alert consumers to the practice and second, what its doing to crack down on the scam artists.

Take me to the Hackers news special