Tracking software protects Yell from harvesting attacks

Online directory service Yell is investing in tracking technology to protect its online database from theft by criminal groups...

Online directory service Yell is investing in tracking technology to protect its online database from theft by criminal groups and rival businesses.

The company faces regular attacks from individuals, groups and businesses which use database "scraping" software. The software is capable of copying 100,000 items an hour in an attempt to steal Yell's proprietary data, the company will tell the E-Crime Congress today.

Eddie Cheng, e-business director at Yell, said the company had installed sophisticated tracking software to spot suspicious transactions and was continually updating it in an attempt to stay one step ahead of the criminals.

One technique used by Yell is to seed the data with false companies created using real addresses and phone numbers. If the fake businesses begin to receive junk mail, it is an indication the database has been copied, said Cheng.

Yell has also deployed pattern recognition technology to spot website users who appear to be harvesting data. "Like all databases, we log usage. We know how many searches come from a particular IP address and the pattern of the search. A normal person might check their local pharmacy, but they will not be interested in contacting all the pharmacies in the South East," said Cheng.

Other indicators are enquiries made from overseas or at unusual times of the day, Cheng said.

Yell began to take countermeasures three years ago after noticing that one or two heavy users were accounting for a large proportion of the transactions on the website.

Some of the attacks are by amateurs, who, for example, use Yell to send out fundraising letters without realising they are breaching copyright. Others appear to be perpetrated by businesses. Yell said it had no choice but to prosecute some offenders.

"Any business in this area is likely to need some sort of protection. If they have not got it, they are likely to be in trouble," Cheng said.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.