The English word hijacking stands for kidnapping. On the Internet, hijacking can refer to the hijacking of a domain, an Internet address, content, an email, a PageRank, or a user. InIP networks, the attacker can also hijack an active IP session.
Domain hijacking involves domains that are registered but have expired or been deleted. These are of particular interest if many inbound links point to the domain and it has a high ranking index or visibility index and a large link popularity. The attacker populates the occupied domain with his own content and links and profits from the existing PageRank.
URL hijacking involves hijacking the Internet address of a website with a high PageRank in order to position a website with a lower PageRank in front of one with a high PageRank in the results pages. To do this, a website with a high PageRank is redirected to a website with a lower PageRank. When the search is entered, it is assumed that the redirecting website will appear before the original website in the search results. The search results then show the content of the original website on the domain of the forwarding website.
The goal of content hijacking is to appropriate someone else's content and data assets. Content hijacking is about foreign content that the attacker is interested in and wants to appropriate. Such a content attack on a domain can, for example, serve to degrade the PageRank of the website from which the content was taken, while at the same time increasing the attacker's own. Content hijacking can be done by duplicated content, but also by content shortcuts. The goal is to improve one's own content offering for the purpose of marketing.
Incustomer hijacking - a term from invasive marketing - the Internet user is abducted to another website. The technique of customer hijacking is based on loading a program onto the Internet user's computer that then calls up a competitor's site when the Internet user is researching certain products. The user is encouraged to visit this website via the competition page that is displayed.
In session hijacking, the attacker slips into the user's role after authorization and authentication and takes over the IP connection. He can control and terminate the session. With the UDP protocol, the procedure is particularly easy because it works connectionless. It is different with the TCP protocol, where the attacker has to guess the sequence number.
Email hijacking is a man-in-the-middle attack where the attacker places himself between the mail server and the web and attacks and infiltrates the mail server. By monitoring the communication link to the mail server, the attacker can grab detailed information from the mail traffic. For example, transaction data that one company mails to another. He can interfere with the communication and transmit his own account numbers.
Pagejacking involves copying the content ofwebsites and embedding it on other websites. These websites appear as if they are the legitimate ones. In pagejacking, visitors are led to the illegal pages via the search engines, which have a higher number of visitors as a result.