Get All Access for $5/mo

4 Signs Your Site Traffic Is Being Hijacked by a New Type of Malware Client-side injected malware is an awkward name for an insidious and growing ecommerce threat.

By Chemi Katz Edited by Dan Bova

Opinions expressed by Entrepreneur contributors are their own.

Shutterstock

Your company lives or dies by your business website. Even if you're not in ecommerce, your website is almost always the first layer between you and a lead. It's about your brand, your credibility and your sales.

It's no wonder that companies spend billions every year in server-side protections, making sure that hackers and malware don't compromise their sites. Everyone from the small, citywide retail chain to giants like Amazon and Macy's deal with the same digital threats against their online footprint.

However, a new malware threat is increasingly hitting online businesses and many have no idea it's happening. It's called Client-Side Injected Malware. Server-side protections won't save you because it's not hitting your server in the first place. It's living in the browsers and computers of your online shoppers where you, the company, have no jurisdiction.

CSIM (which includes spyware, fake injected ads and bloatware) is malware that consumers unknowingly download, usually in bundled apps or browser extensions. They might download a video player appand, without realizing it, also download malware that will quietly live on their computer and begin to alter how they view websites online. CSIM is getting increasingly sophisticated and can live for years on someone's computer without being detected.

Related:'Venom' Vulnerability: Serious Computer Bug Shatters Cloud Security

How is that? Take a look at the screenshot below (red outline added).

Click to Enlarge+
Net-a-porter sceenshot

That's a product page for Net-A-Porter, a top-tier ecommerce site, as viewed from a CSIM infected browser. Not only does the injected ad fit neatly within the authentic website, but it's giving smart recommendations that look and feel very native to the Net-A-Porter experience. Your consumer clicks on it, makes their purchase on a competitor's website, and you're none the wiser.

Anywhere from15 percent to 30 percent of a typical website's traffic is being hijacked by CSIM just like this, every day. Until recently, because the problem lives locally on a consumer's device, brands have had no control over the problem. We've developed a technology that helps companies combat against it.

Here are four tips for spotting the early signs of CSIM stealing your traffic.

1. Third party services on your site don't showing any results.

If you've installed a third party service like the popular Hello Bar subscription toolbar or a special discount code popup, but aren't seeing significant results, there's a good chance CSIM is causing the problem. Your visitors aren't even seeing the bar or popups because they're being obstructed by an overlaid, injected ad.

2. Traffic and conversion numbers don't add up.

Your marketing funnel is healthy and you're spending good money to bring traffic to your site, but for some reason the conversions just aren't following. In bigger companies, the issue may be even further clouded by the fact that the CMO who buys the media isn't properly communicating with the head of ecommerce who is monitoring conversions.

You can tweak the funnel, but checking for CSIM should be your first stop. Otherwise you'll be throwing money into the fire and playing with metrics that may have nothing to do with the real problem.

Related: More Than 100,000 WordPress Websites Reportedly Infected by Russian Malware

3. Customer complaints about competitor ads and suspicious surveys.

This may seem obvious but don't ignore these phone calls and messages. For every one customer whotakes the time to report the issue, there are a hundred more whosimply gave up and took their business elsewhere.

Injust the past six months we've seen a 40 percent increase in new malware that injects a fake survey into the website experience. It's alarmingly effective at getting users off your site.

Click to Enlarge+
Macy's sceenshot

It doesn't take much to lose a customer's interest online. Even if your site merely looks "off,'' they'll simply assume it's a security issue on your end. Now you've lost a customer and brand integrity.

4. Bounce rate rises while conversion rates drop.

High bounce rates can point to a few things, but when coupled with low conversion rates on your checkout page, then Client-Side Malware is very likely the culprit. CSIM can break secure https checkout pages by injecting non-https elements into the page (which is exactly what happened with the Lenovo Superfish scandal recently.) Even a security certificate can't fully protect you.

If your site metrics go against common sense, Client-Side Injected Malware may be the root cause. The threat is growing, but smart brands and publishers can stop it before it becomes a costly problem.

Related: 5 Ways You Can Be Swindled by Click Fraud

Chemi Katz

Co-founder and CEO of Namogoo

Namogoo is the Digital Journey Continuity platform — clearing the path to purchase and driving journeys forward. Digital Journey Continuity blocks all competitors' injected ads and delivers the exact personalized promotion each customer needs to continue their journey. By incorporating hundreds of business and behavioral data points, Namogoo autonomously adapts every journey to each individual customer. Over 250 leading global ecommerce brands trust Namogoo to keep their digital journeys moving forward in full force and their business on the path to growth. To learn more, visit www.namogoo.com.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Business News

Looking for a Remote Job? Here Are the Most In-Demand Skills to Have on Your Resume, According to Employers.

Employers are looking for interpersonal skills like teamwork as well as specific coding skills.

Business News

'It's Deceptive:' Lori Greiner and Barbara Corcoran Clash on Employees 'Quiet Vacationing'

Does it matter where you work if you are getting your work done?

Business News

Could Google Be Forced to Sell Chrome? The DOJ Is Reportedly Pushing For It.

A federal judge ruled in August that Google monopolized certain markets, including search.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Business Solutions

The Ultimate Hack for Employees Juggling Multiple Projects at Once: This $18 Microsoft Tool

Organize, visualize, and set deadlines for all your projects.