Linkjacking is a practice used to redirect one website’s links to another. Usually, this is accomplished by submitting someone else’s content to an aggregator website, which then drives traffic to the secondary site, rather than that of the original creator.
Some larger websites, such as Digg or Reddit, may linkjack a blog or an interesting article. In these instances, the notable website does provide backlinks and appropriate references to the original content, thereby gifting a large spike in traffic to the originating website.
From a negative standpoint, some linkjackers provide a website with no original content and by driving up traffic to the alternate content, they make money on any click-through ads. When used in this fashion, the linkjacker doesn’t provide backlinks.
What does this mean for an SMB?
While there aren’t many security risks around linkjacking besides the potential for Phishing, it’s still vital to ensure you have all basic security measures in place. Taking the following actions recommended by CyberHoot can save you many headaches down the road with any account containing sensitive information:
- Adopt two-factor authentication to prevent a password breach of your business’s VPN, email services, and any other critical service that is directly Internet accessible
- Adopt a password manager to use personally and professionally to improve password hygiene
- Regularly backup data following the 3-2-1 backup method for backing up all your critical and sensitive data
- Train employees on how to spot and avoid phishing attacks – the primary way cyberattacks occur
- Test employees on their training to validate they can spot and delete threats rather than click and succumb to an attack