Join our Waitlist for Expert Advice!

4 Signs Your Site Traffic Is Being Hijacked by a New Type of Malware Client-side injected malware is an awkward name for an insidious and growing ecommerce threat.

By Chemi Katz Edited by Dan Bova

Opinions expressed by Entrepreneur contributors are their own.

Shutterstock

Your company lives or dies by your business website. Even if you're not in ecommerce, your website is almost always the first layer between you and a lead. It's about your brand, your credibility and your sales.

It's no wonder that companies spend billions every year in server-side protections, making sure that hackers and malware don't compromise their sites. Everyone from the small, citywide retail chain to giants like Amazon and Macy's deal with the same digital threats against their online footprint.

However, a new malware threat is increasingly hitting online businesses and many have no idea it's happening. It's called Client-Side Injected Malware. Server-side protections won't save you because it's not hitting your server in the first place. It's living in the browsers and computers of your online shoppers where you, the company, have no jurisdiction.

CSIM (which includes spyware, fake injected ads and bloatware) is malware that consumers unknowingly download, usually in bundled apps or browser extensions. They might download a video player appand, without realizing it, also download malware that will quietly live on their computer and begin to alter how they view websites online. CSIM is getting increasingly sophisticated and can live for years on someone's computer without being detected.

Related:'Venom' Vulnerability: Serious Computer Bug Shatters Cloud Security

How is that? Take a look at the screenshot below (red outline added).

Click to Enlarge+
Net-a-porter sceenshot

That's a product page for Net-A-Porter, a top-tier ecommerce site, as viewed from a CSIM infected browser. Not only does the injected ad fit neatly within the authentic website, but it's giving smart recommendations that look and feel very native to the Net-A-Porter experience. Your consumer clicks on it, makes their purchase on a competitor's website, and you're none the wiser.

Anywhere from15 percent to 30 percent of a typical website's traffic is being hijacked by CSIM just like this, every day. Until recently, because the problem lives locally on a consumer's device, brands have had no control over the problem. We've developed a technology that helps companies combat against it.

Here are four tips for spotting the early signs of CSIM stealing your traffic.

1. Third party services on your site don't showing any results.

If you've installed a third party service like the popular Hello Bar subscription toolbar or a special discount code popup, but aren't seeing significant results, there's a good chance CSIM is causing the problem. Your visitors aren't even seeing the bar or popups because they're being obstructed by an overlaid, injected ad.

2. Traffic and conversion numbers don't add up.

Your marketing funnel is healthy and you're spending good money to bring traffic to your site, but for some reason the conversions just aren't following. In bigger companies, the issue may be even further clouded by the fact that the CMO who buys the media isn't properly communicating with the head of ecommerce who is monitoring conversions.

You can tweak the funnel, but checking for CSIM should be your first stop. Otherwise you'll be throwing money into the fire and playing with metrics that may have nothing to do with the real problem.

Related: More Than 100,000 WordPress Websites Reportedly Infected by Russian Malware

3. Customer complaints about competitor ads and suspicious surveys.

This may seem obvious but don't ignore these phone calls and messages. For every one customer whotakes the time to report the issue, there are a hundred more whosimply gave up and took their business elsewhere.

Injust the past six months we've seen a 40 percent increase in new malware that injects a fake survey into the website experience. It's alarmingly effective at getting users off your site.

Click to Enlarge+
Macy's sceenshot

It doesn't take much to lose a customer's interest online. Even if your site merely looks "off,'' they'll simply assume it's a security issue on your end. Now you've lost a customer and brand integrity.

4. Bounce rate rises while conversion rates drop.

High bounce rates can point to a few things, but when coupled with low conversion rates on your checkout page, then Client-Side Malware is very likely the culprit. CSIM can break secure https checkout pages by injecting non-https elements into the page (which is exactly what happened with the Lenovo Superfish scandal recently.) Even a security certificate can't fully protect you.

If your site metrics go against common sense, Client-Side Injected Malware may be the root cause. The threat is growing, but smart brands and publishers can stop it before it becomes a costly problem.

Related: 5 Ways You Can Be Swindled by Click Fraud

Chemi Katz

Co-founder and CEO of Namogoo

Namogoo is the Digital Journey Continuity platform — clearing the path to purchase and driving journeys forward. Digital Journey Continuity blocks all competitors' injected ads and delivers the exact personalized promotion each customer needs to continue their journey. By incorporating hundreds of business and behavioral data points, Namogoo autonomously adapts every journey to each individual customer. Over 250 leading global ecommerce brands trust Namogoo to keep their digital journeys moving forward in full force and their business on the path to growth. To learn more, visit www.namogoo.com.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Franchise

The Customer Is Always Worth Listening to, But Proving You're Right Can Backfire

When approaching a customer who may be mistaken, sensitivity is critical — and the language we choose is vital.

Business Culture

This One Habit is a Productivity Killer — And You Can Get Rid of It in Under 5 Minutes

Notifications are productivity vampires — silence them to reclaim your focus and momentum.

Business News

You Have One Month Left to Buy a House, According to Barbara Corcoran. Here's Why.

"If you are planning on waiting a year and seeing where interest rates go, you are out of your mind," Corcoran said.

Starting a Business

NBA Star Jaylen Brown Turned Down $50 Million Worth of Deals to Start His New Business — And He Got the Idea From Kobe Bryant

The NBA Finals MVP sat down to talk business with Kickstarter CEO Everette Taylor for a new series called 'The Playbook,' by Entrepreneur and Sports Illustrated.