Fraud itself is not a crime but some crimes such as obtaining money under false pretenses cannot exist without fraud.  The internet has been used as a means to carry out some fraudulent activities of those who choose to use its great powers to the disadvantage of other people while gaining monetary rewards in the process.  Such is the case with page-jacking.

What is Page-Jacking?

Page-Jacking is defined as stealing a web page and submitting it to search engines using a different address.  All users who attempt the legitimate page are routed to the scammer’s website. This type of scam is believed to be perpetuated by porn operators as users are usually routed to pornographic sites.

Scammers use online auction sites for their page-jacking schemes.  They start out by informing users of some “problems” with regards to an eBay account or transaction and directing them to go to a certain page to fix the problem.  The page which often looks like the official site would require personal information such as online passwords, credit card numbers and the like.

All the revealed information will be sent to the scammer who will use it against the very person who provided the information.  Victims to this scam would only realize what actually happened after seeing questionable charges in card statements or having unauthorized withdrawals from personal accounts.  The victim ends up losing a big amount of money and is left with many false transactions to cancel or rectify.

Scammers can also choose to copy a web page in its entirety and upload the page at a new address.  They will then add a script that automatically and instantly redirects traffic to the fraudulent web page.  Websites that have been page-jacked are very much diverse and does not point to any specific preferred topic.

This type of scam has been known to be used in combination with the Mouse-Trapping Web Scam.  The combined action of these two scams tricks web users into their websites and then prevents them from leaving by disabling their browser’s back and close buttons.  The scripts direct the user’s browser to load a second page upon mouse clicking.  The scripts contained in the second page then direct the browser to load a third page and so on.  The sequence continues thus effectively trapping the user.

Using Search Engines

Page-jacking relies heavily on search engines for indexing the scammer’s page-jacked web pages and the user’s use of search engines to choose the pages to visit.  Search engines work by indexing words from web pages and the users in turn are searching this index for words.  Specific information about individual sites is collected by search engines through its systematic programs.  A list of pages is returned to the user usually with titles and description.

An entire body of data is stolen for the search engine to index when scammers manage to page-jack a web page.  By doing so, scammers get to have their URLs listed in the data bases under a false description.  A search engine that may have indexed the page-jacked page may unknowingly be sending it included in the list of responsive web pages.  The title and the description that will be seen will be that of the original web page but the URL in the hyperlink will be directed towards the page-jacked page.  There is no actual need to steal other people’s web page but it is certainly a lot easier to copy wholesale than to write fake web pages.  Copied websites need not even be remotely connected to the contents of the scammer’s website.

There are two categories of users that are not affected by this scam due to the scam’s dependence on the user’s browser’s ability to interpret the Java Scripts.  These are the people who use early versions of browser which are not Java Script capable and those whose browser have been set to disable Java Scripts. Other than these, web browsers and other users of software offer no protection against this type of scam.

Protecting Yourself

The dangers existing in the internet are not always very obvious.  They seem to hide in the most innocent and simplest acts.  There are ways to gain protection from being victimized by scams.

First and foremost to remember is to be very careful in revealing personal information.  The most widely used tactic by scams is pretending to be a financial institution that sends an email with a sense of urgency for the required action.  Most of the scams employ very realistic means thus it is best to ignore email messages that are not expected.  Clicking on links that come with it should be avoided.  Users should also be wary of opening attachment files that come through emails.  The best thing to do is to confirm with the person or company who supposedly sent you the email if they indeed sent one to you.

Make sure that the site in which you believe you are shopping is the real or the legitimate site.  Payment pages for websites should be secure so that any data you send over the internet remain safe as it is encrypted or scrambled in a code.  Unsecured pages leave your data in plain text and can be read or stolen by electronic eavesdropper.  You can check the security level indicator on your web browser to determine the site’s safety.

Do not fall victim to social engineering or the manipulation of people to reveal confidential information.  This usually occurs in chat rooms and instant messenger programs due to the level of immediacy and intimacy involved.  Instant messenger programs are associated with dreaded attachments encouraging you to load at suggested links.

Spyware software may get downloaded to the user’s machine with or without consent.  It usually gets installed on an unsuspecting user’s machine while browsing on unfamiliar sites or clicking on interesting links.  Its main purpose is to report on the various aspects of the user’s computer use.  The appearance of a pop-up ad shown on your computer at about the same time you are browsing on a similar though unrelated website or being sent to an alternative search engine are clues that spyware is present in a user’s machine. Lastly, do not believe everything you see in the internet.  Doing so is by far the biggest threat to your personal security.