Pay per click hijacking

Interesting article at on pay per click hijacking, which is really an extension on old DNS poisoning attacks. Essentially the DNS poisoning attack works like this…

Every domain name on the internet is really just an easy way to access the machine address or IP address. So right now resolves to for me and they have a round-robin record of sorts I think, so that I could check a few times and get a few different addresses, all under the control of and all legitimate. This lookup that happens though happens on Nameservers that are supposed to keep an accurate index of where these domains point. The catch comes when someone is able to poison the information in these nameservers. Let’s say someone is able to poison the server for to point to which is really under control of The page is made to resemble google and instead of google search results the search results are afilliate ads.

Under this scenario, gets a lot of traffic, gets lot’s of clicks (ad revenue from their affiliate ads.) In time things get righted and it’s hard to trackdown slimeyfraudsters. What can you do to protect against DNS hijacking. Not a lot really, this is something that ISP’s need to be concerned about. Obviously from time to time sites will do a redesign, but if something looks terribly amiss with a particular site. (CNN replaced with ads for who knows what), you might want to contact your ISP if things are terribly amiss. Unfortunately, they may suspect you have spyware and send you on a quest of cleaning up your own machine before you point the finger at them. Normally this kind of poisoning gets sorted out relatively quickly. It’s something worth being aware of though.
CNet news is reporting on this story as well.

Related Posts

Blog Traffic Exchange Related Posts
  • The Google Problem, or why I'm starting to use MSN and Yahoo more. This weekend has been a bit of an introspective for me on why google is still the primary search engine I use. I know, I've been a big "fan(?)" of google for quite some time, I've obviously incorporated many of their products into my pages and used Google for 99%......
  • The biggest computer security vulnerability ever I talk quite a bit about computer viruses and computer security on this site. It's probably one of the bigger problems that I grapple with for my customers. Today I'm going to talk about the biggest computer security vulnerability there is. In fact, this is a general security vulnerability. It......
  • Network security - what does arp spoofing mean for wireless? So, if you haven't already had enough cause to tighten your wireless security.... we've been talking about arp poisoning (spoofing) and the basic conclusion is that IF an attacking machine is on the same subnet as your machine (same IP address range), they can "own" all traffic from you machine......
Blog Traffic Exchange Related Websites
  • Ad Revenue From Corporate Blogs Many companies don’t consider the fact that they could actually make money from their blogs. The popularity of online advertising has made it easy to include ads from all over the world, and Google Ads in particular make it very easy to target your readers with advertisements that they will......
  • Content Network Vs. Google AdWords Search Network There are two choices in benefitting from the use of Google AdWords. You are able to choose to post your ads on Google’s search results pages or the search network, or you are able to opt to have your ads posted on sites associated to your company or the content......
  • How To: Find People Online The Social Media Way The following is a guest post by Ann Smarty. She is an SEO consultant blogging on search engine optimization, search engine news and social media. She is also interested in all kinds of (free) Internet tools and apps and loves to discover new unique ideas. With the wealth of social......    Send article as PDF   

Similar Posts

See what happened this day in history from either BBC Wikipedia
Amazon Logo

Comments are closed.

Switch to our mobile site