Akamai's new Hijacking Protector aims to block browser redirection

The Audience Hijacking Protector by Akamai is a cloud-based solution to help protect in-browser attacks including marketing fraud and other malicious redirections.

Browsers version 100 bug

Aiming to reduce affiliate fraud and mitigate privacy risks, web and internet security company Akamai has released Audience Hijacking Protector, a cloud-based solution designed to minimize in-browser marketing frauds by blocking unwanted redirections like unauthorized ads and pop-ups.

Promising protection from possible revenue loss and disrupted customer experiences, the new hijacking protector, generally available now, offer features to defend against unwanted redirection of customers to competing and malicious websites.

"The browser is often an ignored area for application behavior control," says Patrick Sullivan, CTO of security strategy at Akamai.  "But in-browser protections are a key area for effective business and security controls. Audience Hijacking Protector gathers unique data that generates actionable insights to maximize revenue opportunities and minimize fraud."

Audience Hijacking Protector uses a machine-learning algorithm that monitors and characterizes browser extension activities —both legitimate and illegal — for categories including purchases, browser hijacking, price comparisons, selling of user data, price comparisons, and competitor's ads. These extensions are controllable across each category and can have different rules for different situations.

Browser data analysis helps implement business rules

According to Sullivan, Audience Hijacking Protector can be activated in minutes and automatically runs in the background, collecting and analyzing browser data to help implement effective business rules.

"Traditionally ad fraud is fought through visibility and analysis of traffic, but bad actors, knowing that ad fraud is a big, lucrative business, have gotten far more sophisticated." says Liz Miller, an analyst at Constellation Research. "So, the market needs new AI-powered, multi-focused methods of monitoring, detection, mitigation and reporting. There are several competitors to the Akamai solution out there, but what makes this offering interesting is Akamai's long-standing posture as a leading content delivery network (CDN) and web application and API protection (WAAP) with tools like Kona Site Defender."

While the new hijacking protector promises a full protection from malicious redirects, could it block legitimate redirections, designed as a third-party tie-up or a cross sell landing page?
According to Miller, although it is rare that these tools will block authentic and legitimate traffic redirects, it is not completely impossible. "The key is for the teams to strategize and define where and what desirable vs undesirable redirects look like" she adds.

As part of the announcement for Audience Hijacking Protector, Akamai also unveiled additional products and capabilities for online businesses.

  • Page Integrity Manger enhancements: New features protect against in-browser exfiltration and other script-based attacks through Akamai's in-house threat intelligence, Akamai ETP. Also added is a policy layer enhancement that enables businesses to build custom detections.
  • API Data Loss Prevention: Allows businesses to discover where personally identifiable information (PIIs) may be leaked or used by APIs.
  • App & API Protector Custom Rule Builder: Provides businesses with a custom rule builder featuring additions like sampling intervals, more match conditions, and enhanced user massaging.
  • Managed alerting for Bot manager: Akamai's Managed Security Service has undergone an upgrade to provide better and real time alerting to improve bot detection accuracy.


 
 

 
 

Related:

Copyright © 2022 IDG Communications, Inc.

22 cybersecurity myths organizations need to stop believing in 2022