AIMultiple ResearchAIMultiple Research
AI
AGI TimingAI BiasAI Chip MakersAI EthicsAI ImprovementAI TrainingAI UsecasesAI in FashionDatasets for MLDynamic Pricing AlgorithmFew Shot LearningHealthcare AI Use CasesLogistics AIManufacturing AIModel RetrainingNLP Use CasesRecommendation SystemSupply Chain AI
Automation
Banking RPAEcommerce TechnologyNo Code RPAOCR AccuracyOpen Source RPAPython RPAPython RPA LibraryRPA FinanceRPA Generative AIRPA In ProcurementRPA MacRPA PricingRPA SAPRPA Vs RDARPA Web ScrapingRobotic Process Automation RPA Vendors ComparisonRobotic Process Automation Use CasesTop Robotic Process Automation RPA BenefitsUiPath PricingUnsuitable Processes For RPA
CRM
CRM AICRM AutomationCRM Best PracticesCRM For ManufacturingCRM In Financial ServicesCRM In RetailCRM PricingCRM SoftwareCRM TrendsCall Center CRMFinancial CRM SoftwareGenerative CRMHealthcare CRMHealthcare CRM SoftwareInsurance CRMInsurance CRM SoftwareNo Code CRMPharma CRMPharma CRM SoftwareRetail CRM Software
Cloud
Cloud Deep LearningCloud GPUCloud GPU Providers
Customer Success Software
Cloud Contact Center SolutionsContact Center AIContact Center Software FeaturesSocial Customer ServiceSocial Customer Service Software
Cybersecurity
DASTDAST ToolsInsider Threat ManagementInsider Threat Management SoftwareMicrosegmentationMicrosegmentation ToolsPenetration Testing Use CasesSoftware Testing Best PracticesVulnerability Management Automation
Data
Amazon Mechanical Turk AlternativesAppen AlternativesData AnnotationData AugmentationData Augmentation TechniquesSentiment Analysis Dataset
Generative AI
ChatGPT Code InterpreterChatGPT EducationChatGPT For BusinessChatGPT Use CasesChatGPT in MarketingChatbot Vs ChatGPTEnterprise Generative AIGenAI ApplicationsGenerative AI CodingGenerative AI FashionGenerative AI FinanceGenerative AI in EducationGenerative AI in InsuranceGenerative AI in ManufacturingGenerative AI in MarketingGenerative AI in RetailLLM EvaluationLLM Fine TuningLarge Language Model TrainingLarge Language ModelsLarge Language Models in HealthcareRetrieval Augmented GenerationRisks Of Generative AIVector Database LLM
Process Intelligence
Digital Twin ApplicationsMachine Learning Process MiningOpen Source Process MiningProcess Analysis ToolsProcess Improvement Case StudiesProcess Improvement TechniquesProcess KPIsProcess MiningProcess Mining AlgorithmsProcess Mining ToolProcess Mining Use CasesProcess RiskProcess TechnologyProcess Visualization
Proxies & Scrapers
AI Web ScrapingAntidetect BrowsersChatGPT Web ScrapingEmail ScrapersFacebook ScrapingHow to Bypass CaptchaInstagram ProxiesInstagram ScrapingLinkedIn ScrapersPlaywright Vs PuppeteerPlaywright Vs SeleniumProxy ScrapingPython Web Scraping LibrariesResidential Proxy ProvidersSocial Media ScrapingSocks5 ProxiesTikTok ScrapingTwitter ProxiesTwitter ScrapingTwitter Web ScrapingWeb CrawlerWeb Scraping Ethics
Surveys
B2B Satisfaction SurveyCustomer Survey SoftwareGoogle Survey AlternativesHealthcare Market ResearchPollfish AlternativesProduct Market ResearchRetail Market ResearchSurvey Analysis ToolsZoho Survey
Sustainability
Carbon Footprint CalculationDigital Transformation And SustainabilityGPT SustainabilitySupply Chain SustainabilitySupply Chain Sustainability TechnologySustainability AISustainability Case Studies
Workload Automation
Alternative To Task SchedulerHybrid Cloud Job SchedulerMeter To Cash SolutionsOpen Source Job SchedulerSAP BTP AutomationSAP Scheduler Alternative

How to protect your business from website cloning / mirroring in 2024

Cem Dilmegani
Marketing
Updated on Feb 14
3 min read
Table of contents
We learnt about cloning by getting clonedWhy do attackers clone websites?How does cloning work?What can you do against it?

Your business may be a mundane B2B business like ours and you may think that you do not have to protect your website from attacks like cloning. You would be wrong. Eventually, your site may get cloned, it happened to us. This could be done by

  • attackers trying to steal your traffic
  • your competitors
  • 3rd parties who may not like the contents of your website

We explain our experience, how cloning works and how to protect yourself once it happens:

We learnt about cloning by getting cloned

Someone bought a misleading domain name that looks similar to ours and mirrored our entire website.

Now the mirror website is down but you can see a screenshot below.

THE CLONE was copying our website immediately. We added “2” to the category name on the right which was immediately reflected
IT was not a perfect clone, as you can see the share images were not replicated

The domain was bought about a month after we published an article about a crypto project. It could be due to that article or another reason:

This was unethical and incompetent. All we needed to do was:

  • Look up the new website’s IP
  • Block it via Cloudflare

Why do attackers clone websites?

The aim is to steal traffic. Search engines could be sending your traffic to the clones which the clone operators can use to monetize via ad networks like Google Ads or they could make changes to the clone to confuse your readers by putting words in your mouth.

How does cloning work?

Attackers can use a variety of tools (e.g. HTTrack) to create a copy of your website. This copy may be dynamically updated, which was the case in our attack.

What can you do against it?

As usual, we will suggest defense in depth to ensure that cloners put in as much effort as possible with limited benefits. As a preventative measure, you should improve your capability to identify clones and make it easy for your users to identify your website:

  • Link extensively between your own articles. The cloner may not change these links which would mean that even visitors that arrive at the clone, can click a link to arrive at your website. This helps you
    • become aware of the clone via your website analytics solution since you will be seeing traffic from the clone. They will probably buy a domain name that is similar to yours which will make it easy to notice
    • win back your readers quickly after they arrive on the clone
  • Link between your different domains. It is trivial to read your links and replace the internal ones with URLs in the clone. However, if you own a website on a different domain, the links to that domain will probably not be replaced by the cloner and will warn you about the clone.
  • Invest in your branding. The more memorable your logo, font choices and visual layout of your website, the better your readers will remember it. Therefore they may be less likely to be confused by cloners when they arrive at a domain that is different than yours that includes your material.

These help you identify as soon as you get cloned. Here is how to deal with a clone when you discover one:

  1. Try to block it from crawling your website. These are worth trying but will not stop sophisticated cloners so do not spend too much time with these steps:
    • Make a trivial change on your website and check the clone to see how frequently they refresh their clone. If it is a static clone, move to the second step as there is not much you can do to take it down via technical measures. If it is a dynamic clone
      • Discover the IP of the clone website, there are numerous free online tools for that
      • Block its IP if it is regularly crawling your website. However, if the crawler is based in another server, this may not work. Then, it may be worth looking at IPs that regularly crawl your website and block them. Of course, you do not want to block legitimate users or search engine bots so thread with caution in blocking.
  2. Contact every provider the clone website relies on including its domain provider, host or CDN. Send them a take down request and clearly explain the attack. Sharing your copyright and trademarks along with the take down request will expedite the process.

Hope that was useful! We normally write about AI, feel free to explore AI use cases in business.

Access Cem's 2 decades of B2B tech experience as a tech consultant, enterprise leader, startup entrepreneur & industry analyst. Leverage insights informing top Fortune 500 every month.
Cem Dilmegani
Principal Analyst
 Follow on

Cem Dilmegani
Principal Analyst

Cem has been the principal analyst at AIMultiple since 2017. AIMultiple informs hundreds of thousands of businesses (as per similarWeb) including 60% of Fortune 500 every month.

Cem's work has been cited by leading global publications including Business Insider, Forbes, Washington Post, global firms like Deloitte, HPE, NGOs like World Economic Forum and supranational organizations like European Commission. You can see more reputable companies and media that referenced AIMultiple.

Throughout his career, Cem served as a tech consultant, tech buyer and tech entrepreneur. He advised businesses on their enterprise software, automation, cloud, AI / ML and other technology related decisions at McKinsey & Company and Altman Solon for more than a decade. He also published a McKinsey report on digitalization.

He led technology strategy and procurement of a telco while reporting to the CEO. He has also led commercial growth of deep tech company Hypatos that reached a 7 digit annual recurring revenue and a 9 digit valuation from 0 within 2 years. Cem's work in Hypatos was covered by leading technology publications like TechCrunch and Business Insider.

Cem regularly speaks at international technology conferences. He graduated from Bogazici University as a computer engineer and holds an MBA from Columbia Business School.

To stay up-to-date on B2B tech & accelerate your enterprise:

Follow on

Next to Read

Voice of Customer (VoC) B2B Marketing in 2024

Jan 33 min read

In-depth Guide to B2B Inbound Marketing in 2024

Jan 114 min read

7 Use Cases of ChatGPT in Marketing for 2024

Jan 23 min read

Comments

Your email address will not be published. All fields are required.

0 Comments

Related research

A Complete Guide to Experiential Selling: Definition & Examples

A Complete Guide to Experiential Selling: Definition & Examples

Feb 144 min read
First Party Data: Use Cases & Best Practices in 2024

First Party Data: Use Cases & Best Practices in 2024

Jan 34 min read