Thursday, January 01, 2009

Protecting Brands Against Web Spam

Hello All...

I have some pretty disturbing news, and as unfortunate as it is to address, it needs to be addressed as quickly as possible. This post concerns companies of all sizes, but it seems that small business websites are specifically targetted. And this particular predicament can directly effect your business brand name through no fault of your own. If you are concerned even the slightest about protecting your brand names, please pay attention to this article as it concerns everyone with a name to protect.

First, I would like to point out that our commercial website, Syd's Eastside Auto Parts, at http://www.sydsautoparts.com/ is a safe site. In fact, it has recently been scanned by McAfee SiteAdvisor and the results are available at http://www.siteadvisor.com/sites/sydsautoparts.com.

The McAfee SiteAdvisor program is a great service because it helps identify and protect against websites that are using malicious software. But it is on this note that I have noticed a disturbing trend recently, and it is essentially spam, but it can also be much more dangerous.

Unfortunately, SiteAdvisor doesn't see everyone's website or page as it is released to the internet. New sites are not usually well enough known so that they can be scanned. And it seems that some malicious hacker is setting up a system where he is spamming reputable brand names and domain names, using mere snippets of text from all sorts of reputable websites in the hopes that someone will search for a known brand name or even a domain name and wind-up at his page.

The spam web pages in question vary between pure spam pages of lists of unrelated yet very recognizeable name brands, as well as the associated domain names, which seem to actually be copied and pasted from tons of original brand name websites. Strangely, it is not just any one brand, but a whole plethora of these brand names from a wide variety of different successful companies. However, some of the spam pages are much worse and are actually redirecting the visitor to malicious software downloads which are disguised as an anti-virus software program or such.

That's right, spam is no longer exclusive to email. Just like email spam, web spam is often illegal, as well. And to top this off, the web spam is often more dangerous than the spam of the email variety. At least email spam has become a little bit manageable since most modern email client software anticipates and tries to detect spam emails. Unfortunately, browsers offer a weak point of attack for most spammers and scanners.

Truly, spam has broken the internet. Just to avoid it requires one kind of investment or another (time or money). But what if I tell you that your brands and domains could easily be attributed to spam? This most likely will happen if we don't take action when it occurs. Fighting spam that is directed against us becomes a necessity. Still, we have to take an active part in order to fend-off spam that could become associated with our brand or domain.

It is unclear why the governments of the world sit on their hands as spam permiates businesses to become a real threat against society. Yet governments have turned their backs on thier people by not making spam a criminal act. Still, even the smartest networking professionals probably require a significant time investment to kill this type of activity and the burden of spam is crushing our communication and business networking capabilities as it grows.

All of the above makes protecting your brands and domain names an important and significant step in conducting business online, or even in maintaining an online presence. So it is important to note how to combat this type of fraudulant activity.

Obviously, when I visit these scam sites, I can easily recognize the pages that are conducting the fraud, as I cannot seem to exit these sites, no matter what. Upon arrival to one of these sites, I am presented with a page faked to look like a "My Computer" window. The dead giveaway for me is that I have lots more devices attached to my computer than are shown. I also get a pop-up. This pop-up window itself is highly unusual since I am usually running at least a couple of pop-up blockers in the first place and it manages to survive them nevertheless. The pop-up message indicates that I have elected to download a file to help me scan my hard drives. Of course, I did not. This is actually quite telling. But, it is also quite dangerous since many of these phishing pop-ups are stealing the window focus. It seems that you cannot quit this window. Usually, I have to press Ctrl+Delete and quit whatever browser application I am using, completely. If you have anything going on in any of your other browser tabs or windows, it's gone when you quit a browser in this fashion. This in particular is actually quite scary since some browsers now offer to allow a person the ability to reload all of the tabs and windows which were active durring the last browser session. If a user were using this option, because of how things work, they might not even be able to get out of such a malicious site without reconfiguring their browser options.

Through Twitter, I contacted Matt Cutts on what my best options are to report these websites. Matt Cutts is the head of Google's Web Spam team that identifies and fights just this type of activity. His reply follows:
"@Domainating, if they're ripping off content from you: google.com/dmca.html . If they are spammers, use this spam report: http://bit.ly/r86F"
Since the text that is copied from our websites, and from all of the other business websites they are copying material from, are not actually large enough sections of text to be considered Copyright infringement, and because reporting of an instance of Copyright infringement and being wrong could actually be extremely expensive, I am reporting these pages as spam through Matt's recomended URL in Google's webmaster tools http://bit.ly/r86F.

Whether the page is merely a mish-mash of brand names, or is actually a phishing page (such as a site trying to get you to run (or download and run) a malicioius software package (disquised as an anti-virus scanning program or such), I am reporting these offending pages as spam in Google. Google obviously has the ability to sort-out these pages.

I am also reporting the phishing sites to McAfee SiteAdvisor.

I have personally been reporting these pages as I come across them for our brand names. It is a terribly involved process and actually requires a significant time investment. This may be the very reason that the criminals involved are targetting the more recognizeable small business brand names as they might not have the resources to detect this brand name spam.

The truth is though, that these spam pages and sites are actually pretty easy to detect. The simplest and most direct route to detecting them is to simply to use a search engine (such as Google) to search for your unique brand name(s) and domain name(s).

However, we don't likely take time out of our busy days to do this on a regular basis. Although not the original reason, by signing-up for Google Alerts, we are effectively monitoring any mention of our unique brand names and domains. Originally, we signed-up for Google Alerts to monitor our web presence through-out the worldwide web. Alerts had originally notified us as our link submissions were approved in the web directories and GoogleBot (Google's Web Crawler) had spidered them. Now-a-days however, this method of watching for our brand names and domains as they are mentioned on the web is assisting us in the fight against spam and phishing sites that are utilizing our names to aqcuire traffic.

In order to get Google Alerts, you will need to sign-up for a Google account if you have not yet done so, already. You will also need a Google account to report the offending pages to Google through its Webmaster Tools program, at the URL (or web address) that Matt Cutts gave us, http://bit.ly/r86F. That URL is actually a shortened URL which redirects us to the actual address of https://www.google.com/webmasters/tools/spamreport?hl=en&pli=1 (Matt used a short URL program, provided by bit.ly so that he could send more info within Twitter's 140 character post limit).






Once you have signed-in to your Google account, you can setup your Google Alerts. Obviously, you should enter your unique brand names and domains so that Google will send you an alert everytime it runs across your brand name somewhere on the web. I also go one step further and break our longer brands into parts because we want to be sure to we know what others are doing with similar brands, as well.

However, when you do get notification that your brand is in use on any given page, and if you do not recognize it as a back link to your site, because the spammers and scammers are now using such sophisticated scripts that may rob you control of the browser, I recommend that you use a different browser.

That is, I recommend that you copy the URL of the page in question, and use an alternate browser to check out any and all alert links. This way, you are protecting yourself if the link's destination page does anything funky or even manages to steal away control of your web browser, you can quit the application (by pressing Ctrl+Delete, if it comes down to that).

For instance, if you are currently using Internet Explorer to view web pages, I would load-up an alternate browser. There are many browsers that are actually much better than IE is today (and better than IE ever will be in the future), such as Mozilla FireFox, Apple Safari, or Google Chrome. In the same respect, if you normally use one of those browsers, choose yet another to test out the alert links.

The good news is that the majority of the websites that you will encounter using your brand names and domains will probably be discussing your services, linking to you as a recommended (local) service, or are directories confirming a link that you have submitted. But you will still have to be diligent about following up on all of these alerts, because you don't want someone associating bad things with your brand.

When you have run into a bad guy page on the web that is trolling for traffic using your brand name, also remember that the page you are viewing could very well be a hacked page that has been put up by a malicious hacker without the knowledge of the webmaster. This is one reason why I choose to report the offending page to Google rather than asking the web host to black ball the whole website. Another reason is that many reputable firms are now blocking their contact information in the whois database. This is done to hide email addresses and other contact info away from spammers and scammers.

If you would prefer to contact the web host, as many pefer to do, you can use a whois tool (such as available through Domain Hostmaster). Even if the domain registration information is protected, you should be able to see who the nameservers are for that domain. Then you will lookup who the nameservers belong to, contact that web host with an email informing them of the situation on their server and identify the offending page. Usually web hosts are very cooperative and will take down a whole website until the webmaster fixes the offending page. However, although the above method works well for phishing and other malicious websites, it will likely not work well for simple web spam, no matter that it doesn't make any sense at all and trespasses everyone's brand names. That's why I address the offending pages by using the Google Webmaster Tools Spam Report.






One of the drawbacks of using Google's Spam Report is that it is requesting some very specific details. When you get your Google Alert and find that a site is simply using your brand as link bait to a doorway page, or for redirection to a malicious software download, you will still have to use Google to do some more research.

The first thing you will do is search for that exact same phrase that Google has alerted you to, using your alternate browser. This will be listed directly with the alert. Copy that search phrase into Google and then start searching for the offending URL in the search results. It most likely will not be at the top, if you have any kind of brand recognition program or if you do any search optimization, so keep looking until you find the link to the nasty page from within Google's search results.

Utilizing your alternate browser, once you find the page listing the offending URL in Google's search results after searching for that very specific brand name indicated by your Google Alert, you need to copy the URL Google is showing you, it is found in your web browser's address bar. Usually, by clicking in the address bar once, the whole address is selected. Once the whole URL is highlighted, hold down the "Ctrl" key (or the "Cmnd" key on a Mac) and press the "C" key to Copy that URL to the clipboard. Then switch to your main browser where you have the Google Spam Report page up and put your cursor in the third field where Google is asking you to copy the Google URL listing the offending page. Hold down the "Ctrl" key (or the "Cmnd" key on a Mac) and press the "V" key to paste the Google search URL into that third field.

Although Google is making you jump through a few hoops on this, I do hope that one day they will allow this practise to be easier and more streamlined by possibly allowing you to add an ID code that came with your Google Alert. But at least they are allowing you all the tools required to enable you to get the job done.

Note that when you arrive at pages to check out your brand name or domain name text and wind-up redirected to other pages instead (where you may be trapped or dircted to download malicious software), then your brand is used as bait and the final page you see is not what Googlebot will see when it visits the page. So you could check "Page does not match Google's description", but the baited page is the original webpage with your brand and is not the page that humans see, so you can also check "Cloaked page".

Remember also to report the fraud and malicious software pages to McAfee SiteAdvisor, as well. This will also require a registration. There are other places similar to McAfee SiteAdvisor that will do the same job, I am sure.

Getting those offending spam and phishing pages blocked and out of the search results is actually the responsibility of all of us. Check your brands in Google. Sign-up for Google Alerts. Report spammers and scammers.

Keep your brands and domains protected!

-Douglas Peters
Webmaster & Online Marketing Director
Syd's Eastside Auto Salvage, Inc.



References:


  • Matt Cutts is a software engineer at Google and is presently in charge of the Web Spam team. His team tries to filter out spam from the search. He also maintains a blog which can be extremely helpful to webmasters and businesses looking to promote their websites, which is available at http://www.mattcutts.com/
    Also of note, Matt Cutts also has a few interviews and videos online that can be of great help, as well. You can search YouTube for Matt Cutts and get a nice selection. I have also grouped most of these together along with some other helpful web design videos at http://webdesign.vodpod.com/

  • McAfee SiteAdvisor is a program offered by McAfee which allows registered users the ability to suggest websites to be checked for malicious software and phishing scams, as well as checking sites for good linking neighborhoods. This facility allows users to report problem websites as they encounter them.

  • Google Alerts are email updates of the latest relevant Google results (web, news, etc.) based on your choice of query or topic. You can set these email updates to notify you of any occurance of a particular keyword, search phrase or textual string throughout the web, in blogs, within groups & videos, etc... By utilizing this service to comprehensively alert you of any occurances of your brand names & domains, you can monitor what is said regarding them, and where they are mentioned. Signing-up for Google Alerts will require that you have (or register) an active account with Google.

  • Twitter is a friendship and/or community centric micro-blogging social network system.

  • Mozilla FireFox currently is the most advanced web browser on the market.

  • Apple Safari is a great web browser which is the default browser on the Macintosh platform, and the Windows version is actually quite popular on PC systems, as well.

  • Google Chrome is an up-and-coming web browser which is currently in Beta, but offers some very advanced features.


Note from the Author, Douglas Peters:

I am the webmaster and online marketing director for Syd's Eastside Auto Salvage, Inc., and its online properties. My personal profile on Twitter is Domainating (as it is also on other social networks), which reflects my efforts as a domain name registrar through my own Domain Hostmaster registration & web services website, as well as my efforts as a domainer, a brand expert and a professional logo designer. It is in fact my experience as an identity architect for small businesses through my expertise as the graphic designer for Symbiotic Design, a well recognized freelance design studio and its other online properties, which makes me uniquely qualified to write on brand names and domain name matters.

No comments: