Dirty Web Promotion Tricks #1 - Legitimate and Malicious Javascripts

One of the best way to get visitors to further explore your site is to convince them to set your home page as their Internet start page, or for them to add you their "Favorites". In this article, we'll examine some ethical and unethical ways this is done.

Many sites include legitimate javascripts that allow visitors to easily add a page to their "Favourites" by clicking on a link. A script to achieve this would look like something along the lines of:

======================================================================= SAMPLE Legitimate "BOOKMARKING" SCRIPT:

<script LANGUAGE="JavaScript">

//Free for Redistribution. (C) Michael Bloch fromhttp://WWW.TAMINGTHEBEAST.NET //Please do not remove these comments. This script can be use within tables. //Suitable for most 4+ Browsers. Copy and paste into a text editor first, //change the YOURSITE details to suit, then paste into appropriate area //between <body> and </body> tags in HTML. Visit Taming the Beast for a //wide selection of Web development tools and articles!

if ((navigator.appName == "Microsoft Internet Explorer") && (parseInt(navigator.appVersion) >= 4)) { var url="HTTP://WWW.YOURSITE.COM/"; var title="YOURSITE DESCRIPTION (this will appear on bookmark text)"; document.write('<A HREF="javascript:window.external.AddFavorite(url,title);"'); document.write('<small>Bookmark YOURSITE!</small>
');} else { var msg = "Bookmark YOURSITE!"; if(navigator.appName == "Netscape") msg += " - press(Ctrl-D) on your keyboard."; document.write(msg); } </script> ========================================================================

This script should work well in most 4+ browsers. It is as simple as I could make it, and was put together using a number of free scripts available as a reference. There are many other scripts available that allow for the use of images and status bar text.

In this script:

- When Netscape is detected, it only displays a message suggesting that the visitor uses the Ctrl+D command to bookmark the page and the scripting will not appear in the source code of the page.

- In Internet Explorer, it will add your homepage to this visitor's "Favorites" from any page in the site - along with a custom description you specify in the script.

- Other types of javascript enabled browsers will only display the suggestion to bookmark (no keyboard commands as this can vary browser to browser), and the script will not be displayed in the source code.

Unfortunately, some companies do not use ethical methods to gain a valued place in a visitors Favorites or bookmarks.

On visiting a web design resource site the other day via a search engine link, my anti-virus program jumped up and alerted me with the following:

"real-time protection has found that C:WINDOWSTEMPORARY INTERNET FILESCONTENT.IE5S3QFQF0XADVERTS[1].HTM is JS.IEStart trojan."

I hadn't clicked on anything! This script had been activated simply through me visiting the page. There were no warnings on the page that this was going to occur. What the javascript had done was to reset my "home" page and added entries to "My Favourites"! I examined the script that had caused it occur and while I won't publish it here for obvious reasons, I can assure you that it would qualify as a "scumvertising" tactic.

When restarting IE I found that via an ezine site and another marketing company (from where the script was called), I was being redirected to a very well known software companies' home page. In total, there were 4 companies involved in this particular incident - I look forward to the responses to the emails I will send them.

If you have had this happen to you, I'd like to know about it.......

The JS.IEStart trojan is also known as VBS.Passon (CA), VBS.PassOn (NAV) VBS/IEstart.gen.

While it is not destructive, I object strongly to other companies adding sites to My Favourites and altering the default home page without my permission or knowledge. If I hadn't had my AV program running in the background, I probably never would have figured out where this script came from. I have since then copied the scripts, along with appropriate screenshots pending further action.

It is an invasive, disgusting marketing tactic that only serves to irritate visitors; and it helps give the web marketing industry a bad name. I am sure the company I was redirected to will be interested in knowing that their advertising cash is being spent on a marketing firm who uses, in my opinion, illegitimate means to send visitors to them. It is a waste of their money as they are recieving traffic that is not targeted - what is known as "garbage traffic".

To the companies that incorporate this type of ploy as part of their "bleeding edge" marketing technology - "may you live in interesting times"! You will be caught out!

It's bad enough that we have to travel the 'net with our AV programs and firewalls on "paranoid" mode - do we now have to have "pop up killers" running all the time as well?

Michael Bloch [email protected] http://www.tamingthebeast.net Tutorials, web content and tools, software and community. Web Marketing, eCommerce & Development solutions. _____________________________________________

Copyright information....If you wish to reproduce this article, please acknowledge "Taming the Beast" by including a hyperlink or reference to the website (www.tamingthebeast.net) & send me an email letting me know. The article must be reproduced in it's entirety & this copyright statement must be included. Thanks. Visithttp://www.tamingthebeast.net to view other great articles FREE for reproduction!

Articles Source - Free Articles

Get Latest Tech Updates For Free!