Craving for 'clicks' bogs down search

Hackers and mainstream Internet companies are beginning to take extreme measures to grab Web search "clicks"--sowing confusion for consumers and posing new challenges for search providers.

Search experts point to domain name registrar VeriSign's controversial attempt to redirect mistyped domain names to its own search page as one high-profile illustration of the trend. Also, security consultants last week discovered a Trojan horse called QHosts that changed browser domain name system (DNS) settings to redirect visitors to Web sites, including Google.com, to an alternate search site laced with ads.

Google co-founder and president of technology Sergey Brin said his company was deluged last week with complaints from Web surfers who said they could not reach the site. He added that search companies and consumers can expect search hijacking attempts to increase, given the value of search traffic.

"A growing number of people will do anything to get (search ad) clicks," Brin said Monday at a panel discussion at Stanford University that among other things addressed Web search hijacks.

Attempts to siphon off search traffic highlight the success of new search advertising strategies, which are generating billions of dollars in revenue for companies such as Google, Yahoo and Microsoft. That money has drawn in both mainstream Internet companies as well as hackers hoping to take a slice of the profits.

VeriSign has denied that it did anything wrong in launching its Site Finder service, saying consumers who sought to visit nonexistent Web addresses benefited from the assistance provided by its search page. But the company pulled the site Friday under pressure from Internet administrators and after vociferous complaints that the service interfered with the normal functioning of the Net.

Search experts said VeriSign's temporary experiment signals more fights to come over Web search territory, particularly in the wake of the QHosts attack. Microsoft released a patch for the vulnerability on Monday. But search engine and security consultants said other search attacks are sure to follow.

The situation is already causing confusion among ordinary Web surfers, who may find themselves redirected to unfamiliar sites or discover that their browser preferences have been switched without their knowledge.

Gardner Cole, president of ViaStar Records and a regular Internet user, said that his machine was recently taken over by software that changed his Web mail program and search settings. "The default search engine became something called 'MySearch,' overriding Google," he said.

Hackers aren't the only ones trying to cash in on search. "Adware" or "spyware" companies also are targeting Web users with search-related ads, sometimes superimposing search pages on top of rival sites. Such programs are typically browser plug-ins that piggyback on popular free downloads, such as iMesh, and may manipulate browser settings or serve pop-up or pop-under ads with search-related links.

Gator, a widely used adware program that people often acquire by downloading third-party software such as DivX or Kazaa, uses pop-under ads to target people when they search for common commercial terms on Google or other search sites. Gator will display its own page with sponsored search results behind those of Google's. Lending credence to its service, Overture Services partnered with Gator to distribute search ads to compete with Google.

Cashing in on clicks
Such attempts to control people's Internet experience have long been about bolstering traffic numbers. Now, it's more about promoting clicks--or collecting fees each time Web surfers click on text ad links.

The industry has become so lucrative that domain name companies and adware companies are preying on it. FindWhat.com, a second-level pay-per-click advertising company, and others partner with domain name registrars to deliver lists of commercial advertiser links to people while they're looking for nonexistent Web pages. Google itself has a partnership with VeriSign to display ad listings when people are looking for a non-registered Web page.

"It illustrates there's all these different actors who are trying to steal searches and typo errors in the browser," security consultant Richard Smith said. "These people think there's enough money on the table that they can make dough off this."

Companies as diverse as VeriSign and online retailer Amazon.com are joining the act, inventing ways to capture Web surfers while they're searching for information to display related ads. Amazon in recent months placed a Web search box on its home page in partnership with Google, and the company is in the process of developing its own search technology. eBay also has begun its own paid search service for auction members.

Access to Web search applications have moved from Web sites to browser toolbars and other applications such as instant messengers. Yahoo, for example, has used downloads of its latest Instant Messenger software to encourage people to make its search page their default. As part of the "Yahoo Experience," it repeatedly attempts to change consumers' home page to Yahoo. In addition, the company has developed a tool for people to use IM to search the Web. Google and many others offer specialized search toolbars that Web surfers can use as a default tool throughout the Web.

Microsoft itself has used its Web browser monopoly with Internet Explorer to control Web search. The company has redirected Web users to its search page when they mistyped Web addresses into the domain name bar. Unlike VeriSign, however, Microsoft's Internet Explorer allows people to change their default search provider.

"It's a fairly new problem," Google's Brin said. "The Internet community has to figure out what's OK."