Pay per click hijacking

Interesting article at on pay per click hijacking, which is really an extension on old DNS poisoning attacks. Essentially the DNS poisoning attack works like this…

Every domain name on the internet is really just an easy way to access the machine address or IP address. So right now resolves to for me and they have a round-robin record of sorts I think, so that I could check a few times and get a few different addresses, all under the control of and all legitimate. This lookup that happens though happens on Nameservers that are supposed to keep an accurate index of where these domains point. The catch comes when someone is able to poison the information in these nameservers. Let’s say someone is able to poison the server for to point to which is really under control of The page is made to resemble google and instead of google search results the search results are afilliate ads.

Under this scenario, gets a lot of traffic, gets lot’s of clicks (ad revenue from their affiliate ads.) In time things get righted and it’s hard to trackdown slimeyfraudsters. What can you do to protect against DNS hijacking. Not a lot really, this is something that ISP’s need to be concerned about. Obviously from time to time sites will do a redesign, but if something looks terribly amiss with a particular site. (CNN replaced with ads for who knows what), you might want to contact your ISP if things are terribly amiss. Unfortunately, they may suspect you have spyware and send you on a quest of cleaning up your own machine before you point the finger at them. Normally this kind of poisoning gets sorted out relatively quickly. It’s something worth being aware of though.
CNet news is reporting on this story as well.

Related Posts

Blog Traffic Exchange Related Posts
  • Another IE security flaw this one could lead to data theft I saw this earlier this afternoon at there seems to be a flaw in the way Internet Explorer deals with css that could put your data at risk. According to this article it is a risk combined with Google Desktop. This can be "fixed" by disabling scripting or using......
  • Network security - what does arp spoofing mean for wireless? So, if you haven't already had enough cause to tighten your wireless security.... we've been talking about arp poisoning (spoofing) and the basic conclusion is that IF an attacking machine is on the same subnet as your machine (same IP address range), they can "own" all traffic from you machine......
  • Adwords Referrals from Google I noticed something yesterday when I had logged into the adsense page at Google. They've now added "adwords" referrals. For those that don't know - Adwords is the name for the program where you can advertise your site on google, or through their advertising network (such as this site for......
Blog Traffic Exchange Related Websites
  • How To: Find People Online The Social Media Way The following is a guest post by Ann Smarty. She is an SEO consultant blogging on search engine optimization, search engine news and social media. She is also interested in all kinds of (free) Internet tools and apps and loves to discover new unique ideas. With the wealth of social......
  • New Google Ads on YouTube, Maps, and Even Games Google recently announced that additional contextual advertisements will be displayed on YouTube. Google will be providing links to relevant iTunes and products that are related to the videos. For instance, if you hear a catchy soundtrack on the video, you might see a link to purchase it on iTunes.......
  • How To Make An Easy $25 & Other Blog Monetizing Tips AuctionAds is running a promotion. Just sign up to display Auction ads on your site and you'll get $25. Not only that, if you refer anyone, you get 5% of their income for the first 6 months too.It takes less than 5 minutes to sign up and you can modify......    Send article as PDF   

Similar Posts

See what happened this day in history from either BBC Wikipedia
Amazon Logo

Comments are closed.

Switch to our mobile site