Internal USGS Access Only

Hijacking, Email Harvesters, and other Mayhem

Hostname Hijacking
If one types a simple hostname, such as "usgs", into a web browser, it will first try to find host "usgs" and, if that is not found, then "usgs.com", then "www.usgs.com". This is how www.usgs.com has caused the USGS so much trouble. It was originally a porn site, then a bookstore, and is now a political activism site pleading the case of the Dalai Lama.

Note: Inside the USGS network the hostname www.usgs.com has been re-routed.

Another type of hostname hijacking uses names that are misspellings of popular site names, for example http://www.nescape.com (no longer used).

(October 12, 1999) House Subcommittee Approves Anti-Cybersquatting Bill (HR 3028), which targets addresses that imitate a trademark or well-known business name and carries a fine of up to $100,000. This law prohibits both preemptive registration of names and use of "look-alike" names of trademarks. These activities are also prohibited by the World Intellectual Property Organization, though enforcement problems have been reported.

Content Hijacking

Image Hijacking
This is a mild form of thievery in which other sites link to graphics on your site for use on their site. It saves on network bandwidth and disk space on their site.
Cloned Sites
Entire sections of your web site can be copied to another site, where search engine crawlers find and index them. Links off the duplicate pages then point to advertising.
Inserting Remote Sites into Local Frames
Frames can be used to link to remote content, making it look as if it is locally served (para-sites). This is one of the reasons why Visual Identity is so important. To force your web page to the top of anyone else's frames:
<script language="javascript">
    <!--
    // If this page is not the top-level window, it is being framed:
    // replace the framing page with this page's own URL.
    if (window != window.top)
        top.location.href = window.location.href;
    //-->
</script>
Frames bug
It is possible for other sites to insert their content into your site if you use frames. Interestingly enough, the technical details of how to do this vanished from the web almost immediately after the initial announcement. Browser manufacturers scrambled to put fixes in place. Another bug, discovered in Aug 2000, allows scripts within frames in IE 5 to have system-level access.
Plain old copying
Folks have been rude or ill-informed enough to simply copy web pages to their site, and modify them slightly, making them look like content providers.
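
The frame-busting script under "Inserting Remote Sites into Local Frames" only takes effect when JavaScript runs in the framed page. Browsers also honor the X-Frame-Options and Content-Security-Policy frame-ancestors response headers, so this added example (not part of the original course page, and going beyond its client-side script) checks what a response's headers permit. The function names and sample header values are constructed for illustration.

```javascript
// Added example: classify how a response's headers restrict framing.
// Assumes one CSP policy per header value (no comma-joined policies).

// Return the source list of the frame-ancestors directive, or null.
function frameAncestors(csp) {
  for (const directive of String(csp || "").split(";")) {
    const [name, ...sources] = directive.trim().split(/\s+/);
    if (name.toLowerCase() === "frame-ancestors") {
      return sources.map((s) => s.toLowerCase());
    }
  }
  return null;
}

// headers: plain object of response headers, keys in any case.
// Returns "blocked" (no site may frame the page), "restricted"
// (only listed origins may) or "framable" (any site may).
function framingVerdict(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = v;

  const sources = frameAncestors(h["content-security-policy"]);
  if (sources !== null) {
    // With frame-ancestors present, browsers ignore X-Frame-Options.
    const onlyNone = sources.length === 1 && sources[0] === "'none'";
    if (sources.length === 0 || onlyNone) return "blocked";
    // A bare * or scheme source admits any site on that scheme.
    const open = (s) => s === "*" || s === "http:" || s === "https:";
    return sources.some(open) ? "framable" : "restricted";
  }
  const xfo = String(h["x-frame-options"] || "").trim().toUpperCase();
  if (xfo === "DENY") return "blocked";
  if (xfo === "SAMEORIGIN") return "restricted";
  // ALLOW-FROM and unrecognized values give no protection in current browsers.
  return "framable";
}

// Constructed sample responses.
const samples = [
  {},
  { "X-Frame-Options": "SAMEORIGIN" },
  { "Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'" },
];
for (const s of samples) console.log(JSON.stringify(s), "->", framingVerdict(s));
```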

Email Harvesting

There exists software that scans web pages for email addresses, which are then used by email spammers. It may be worth considering placing email addresses on your web site in a less recognizable form, for example: send email for dboldt to usgs.gov. Another suggestion is to specify addresses as userid&#64;host; &#64; should render as '@' in most browsers. There is even software to derail such harvesters, called email poisoners.

Another method of camouflaging e-mail addresses is to use JavaScript, which most web crawlers will not execute. Below is a sample JavaScript program which will display the e-mail address dboldt@usgs.gov with a mailto link:

<script language="JavaScript">
    <!--
    // The address is assembled at run time, so the complete string
    // never appears in the page source.
    var emailname = "dboldt";
    var emailserver = "usgs.gov";
    document.write("<a href='mailto:" + emailname + "@" + emailserver + "'>");
    document.write(emailname + "@" + emailserver);
    document.write("</a>");
    //-->
</script>
<noscript>
    dboldt at usgs.gov
</noscript>

SpyWare

These are Trojan programs whose purpose ranges from tracking your Web usage to redirecting you to specific web sites.

One program that will remove SpyWare programs is AdAware.

Miscellaneous

This is not an issue for Web developers, but it is something to be aware of as a local Web expert.

On August 8, 2002 a security flaw was discovered in the Macromedia Shockwave and Flash plug-ins for all browsers, which will allow remote hackers to execute programs at will on computers where these plug-ins are installed. Users will need to know to upgrade these plug-ins on their computers or be vulnerable; network firewalls will provide no protection.

"Mastering a Web Site" online course
Created and maintained by Lorna Schmid and David Boldt.
http://water.usgs.gov/usgs/training/webmaster/mischief.html    
Last modified: Thu Sep 9 10:18:14 EDT 2004