Subscribe to Entrepreneur for $5

4 Signs Your Site Traffic Is Being Hijacked by a New Type of Malware

Opinions expressed by Entrepreneur contributors are their own.

Your company lives or dies by your business website. Even if you're not in ecommerce, your website is almost always the first layer between you and a lead. It's about your brand, your credibility and your sales.


It's no wonder that companies spend billions every year in server-side protections, making sure that hackers and don't compromise their sites. Everyone from the small, citywide retail chain to giants like and Macy's deal with the same digital threats against their online footprint.

However, a new malware threat is increasingly hitting online businesses and many have no idea it's happening. It's called Client-Side Injected Malware. Server-side protections won't save you because it's not hitting your server in the first place. It's living in the browsers and computers of your online shoppers where you, the company, have no jurisdiction.

CSIM (which includes , fake injected ads and bloatware) is malware that consumers unknowingly download, usually in bundled apps or browser extensions. They might download a video player appand, without realizing it, also download malware that will quietly live on their computer and begin to alter how they view websites online. CSIM is getting increasingly sophisticated and can live for years on someone's computer without being detected.

Related:'Venom' Vulnerability: Serious Computer Bug Shatters Cloud Security

How is that? Take a look at the screenshot below (red outline added).

Click to Enlarge+
Net-a-porter sceenshot

That's a product page for Net-A-Porter, a top-tier ecommerce site, as viewed from a CSIM infected browser. Not only does the injected ad fit neatly within the authentic website, but it's giving smart recommendations that look and feel very native to the Net-A-Porter experience. Your consumer clicks on it, makes their purchase on a competitor's website, and you're none the wiser.

Anywhere from15 percent to 30 percent of a typical website's traffic is being hijacked by CSIM just like this, every day. Until recently, because the problem lives locally on a consumer's device, brands have had no control over the problem. We've developed a that helps companies combat against it.

Here are four tips for spotting the early signs of CSIM stealing your traffic.

1. Third party services on your site don't showing any results.

If you've installed a third party service like the popular Hello Bar subscription toolbar or a special discount code popup, but aren't seeing significant results, there's a good chance CSIM is causing the problem. Your visitors aren't even seeing the bar or popups because they're being obstructed by an overlaid, injected ad.

2. Traffic and conversion numbers don't add up.

Your marketing funnel is healthy and you're spending good money to bring traffic to your site, but for some reason the conversions just aren't following. In bigger companies, the issue may be even further clouded by the fact that the CMO who buys the media isn't properly communicating with the head of ecommerce who is monitoring conversions.

You can tweak the funnel, but checking for CSIM should be your first stop. Otherwise you'll be throwing money into the fire and playing with metrics that may have nothing to do with the real problem.

Related: More Than 100,000 WordPress Websites Reportedly Infected by Russian Malware

3. Customer complaints about competitor ads and suspicious surveys.

This may seem obvious but don't ignore these phone calls and messages. For every one customer whotakes the time to report the issue, there are a hundred more whosimply gave up and took their business elsewhere.

Injust the past six months we've seen a 40 percent increase in new malware that injects a fake survey into the website experience. It's alarmingly effective at getting users off your site.

Click to Enlarge+
Macy's sceenshot

It doesn't take much to lose a customer's interest online. Even if your site merely looks "off,'' they'll simply assume it's a security issue on your end. Now you've lost a customer and brand integrity.

4. Bounce rate rises while conversion rates drop.

High bounce rates can point to a few things, but when coupled with low conversion rates on your checkout page, then Client-Side Malware is very likely the culprit. CSIM can break secure https checkout pages by injecting non-https elements into the page (which is exactly what happened with the Superfish scandal recently.) Even a security certificate can't fully protect you.

If your site metrics go against common sense, Client-Side Injected Malware may be the root cause. The threat is growing, but smart brands and publishers can stop it before it becomes a costly problem.

Related: 5 Ways You Can Be Swindled by Click Fraud

Entrepreneur Editors' Picks