Was Your Website Copied? How To Prevent Website Cloning
Summary: This 3-minute article explores how hackers can clone or “pagejack” your website. Then, learn how you can prevent website cloning. If you have further questions, contact GEEKAID Computer and Network Support at https://www.geek-aid.com/. They offer a wide array of home and business IT solutions for your computer systems.
On the dark side of the IT world, cybercriminals work day and night to find new ways to steal data. Hackers will target anything that they can use to their advantage and compromising the integrity and security of websites is on their short “hit list.” The most common method of attacking websites is called cloning, also known as pagejacking.
What is Pagejacking (Cloning)?
Pagejacking is the duplication of an existing website to create a new identical website, often for nefarious purposes. Every website has three components: design, content and programming code. When all three of a website’s components are copied, the resulting page will look identical to the original one.
Website cloning is not necessarily illegal. The legality rests on the purpose for which a website is copied. For example, it is perfectly legal for the owner of a website to replicate the site as a backup. Also, a software developer might copy a website as a template for building another site. Sometimes, a legitimate competitor of the target website’s brand will copy certain parts of a site to dilute the impact of the website owner’s brand.
However, cyberthieves can use cloned websites to reroute web traffic from the legitimate website. Once rerouted, the unsuspecting users can fall victim to cyberattacks such as phishing and other malicious threats. In addition, hackers often use an attack known as mousetrapping to stop website visitors from leaving their bogus sites.
What Is Mousetrapping?
Wikipedia (https://en.wikipedia.org/wiki/Mousetrapping) defines mousetrapping as “a technique used by some websites (often tech support scam sites) to keep visitors from leaving their website, either by launching an endless series of pop-up ads, redirects or by re-launching their website in a window that cannot be easily closed; sometimes this window runs like a stand-alone application, and the taskbar and the browser's menu become inaccessible. Many such websites also employ browser hijackers to reset the user's default homepage.”
Hackers perform malicious website cloning as a first step in stealing traffic from the original site to perform additional attacks on the hijacked users. One of the worst versions of these website attacks created by cyberthieves automatically copies a website and continues to update the clone as changes are made to the legitimate site.
Once users visit the fake website, hackers find ways to trick them into divulging private information, buying counterfeit products and becoming infected with various forms of malware.
Over time, a cloned website can do severe damage to the owner of the original site. Here are some of the most dangerous potential risks of website cloning that you should consider:
- Competing SEO – Duplicate content will harm the SEO performance of the original legitimate website because exact copies will compete with each other, thereby confusing web searches.
- Damage To Your Brand – When visitors are redirected to the cloned website, they will still believe they are dealing with a trusted source. Therefore, whenever a site visitor is scammed, they will blame the owner of the original website, which damages the legitimate brand.
- Loss of Competitive Edge – Businesses spend significant time and money planning their sales strategies, pricing and marketing image. Any duplication of these elements can unfairly undermine a business’s marketing plan.
The easiest way to confirm that your website has been cloned is by running a copyright protection program such as Copyscape. These programs automatically check the vast online copy universe for plagiarism and other copyright infringements. Routinely running anti-plagiarism software should become part of your IT maintenance and network cyber security.
Once you have confirmed that your website has been cloned, steps should be taken to:
- Stop The Hacker From Accessing Your Website – Blocking the cloning process is a priority. If the clone is updated when your website is updated, you will know it’s a dynamic clone (one that updates automatically). You can test to see if it’s dynamic by making small, insignificant changes to your website. If the clone changes, it’s a dynamic clone. To stop the clone, you must check for IP addresses most frequently visiting your website and then block them. If the clone is static (unchanging), then this approach will not work.
- Remove The Clone – The first step to taking down a website clone is to send a cease-and-desist letter to the clone’s domain provider and website host. Include as much information as possible and include screenshots to support your request. Reputable providers will investigate and, if the website in question is proven to be a clone, will remove it.
- Use Clone Management Software – Software platforms are available that automatically scan for copyright infringements.
- Standardize Best Practices For Clone Prevention –
- Focus On Your Brand – Unique and distinctive branding will make it more difficult for hackers to clone your website.
- Target Your Audience – Make your website and brand immediately recognizable to your visitors.
- Use Google Analytics – Using analytics to monitor all your website’s incoming traffic will help you identify malicious bots and potentially fake domain names.
- Include Internal Links – Most hackers will not comb through your site for internal links contained within your copy. If a visitor is on the fake site and clicks on an internal link, it will take them back to your legitimate website.
Your website functions as your online brand ambassador. For many SMBs, a website clone can bring devastating consequences, even bankruptcy. Being vigilant and having robust protection against website cloning is well worth the investment of time and money.