proxy hacking

Proxy hacking, also known as proxy hijacking, is an attack technique designed to supplant an authentic Web page in a search engine's index and search results pages. An attacker may use proxy hacking to gain an advantage over a competitor or, ultimately, to redirect users requesting the targeted page to a malicious or fraudulent website.

Here's how it works: The attacker creates a copy of the targeted web page on a proxy server and uses methods such as keyword stuffing and linking to the copied page from external sites to artificially raise its search engine ranking. The authentic page will rank lower and may be seen as duplicated content, in which case a search engine may remove it from its index.

Bill Atchison and Dan Thies gave a presentation on proxy hacking at the 2006 SES conference in San Jose. Thies had noticed the vulnerability in Google's algorithm the previous year and alerted the company. Although Google has attempted to deal with the problem, proxy hacking attacks have reportedly continued to affect the company's search results as recently as February 2010.

If you suspect that your website is the victim of a proxy hack, search for a phrase that should be unique, or almost unique, to your content. Your page should be prominent in search results. If, however, a duplicate of your content shows up, it may be a proxy page.

Proxy page URLs typically look different. Dan Thies provides this example of how a proxy link might appear:

In the middle of the link, http/www appears, which is only at the start of normal URLs.

To prevent proxy hacking, you should limit connections from open proxy servers to your website. Open proxy servers, which are accessible to anyone online, are often used for illegal purposes.

This was last updated in October 2010

Dig Deeper on Cybersecurity risk assessment and management