Nearly every large, well-organized criminal operation needs a good “front” — a seemingly legitimate business that helps lawbreakers arrange transactions, supplement their funds, launder money, and otherwise evade detection. (Think the bakery in “Weeds.”) Traditionally, fronts have been real brick-and-mortar storefronts and offices, but with the rising prominence of ecommerce, online criminal operations like child porn rings are increasingly hiding their operations behind legitimate web stores and other sites.
BBC News reports this finding from the Internet Watch Foundation’s annual report. The Internet Watch Foundation is a UK nonprofit dedicated to monitoring child sexual abuse content online and getting it removed from British ISPs and hosts. Its 2011 report identified an emerging trend in pedophilic content being hidden on “disguised websites.”
The principle derives from a legitimate web development technique, where ecommerce companies remember who you are when you visit their site and direct you to your personalized shopping account, cart, or a specific section of the site based on saved information about past websites. This helps you bypass the hassle of starting at the homepage, and helps encourage you to spend your money as quickly and conveniently as possible. Some of the sites you’re taken to in this process are only available via a specific referrer. If you weren’t to access the site via this gateway — say, for instance, you’re in the habit of browsing anonymously — then you’d be taken to the site’s publicly-available content.
Child porn and other illegal content can be likewise hidden with restricted access. Random, non-criminal web surfers access the sites in question and are directed to benign, maybe even legitimate content. But customers with knowledge of the secret referrer URL visit the site through that pathway and can access the illicit content. Not only does this help mask the content both from regular visitors and prying eyes, but it also offers additional advantages to the child porn providers. According to the study:
-
[This] means that a commercial child sexual abuse business may be able to acquire legitimate business services, such as banking services, if the website appears to host legal content when directly accessed – essentially tricking companies into providing their services for what is actually a criminal enterprise. It also means that when the public report finding child sexual abuse content to a Hotline, to the analyst visiting the reported URL, it appears to show legal adult content.
The IWF reported discovering 579 instances of this tactic in their 2011 efforts. It claims that its analysts are becoming more adept at spotting, accessing, and reporting the sites. No instances of this tactic have yet been discovered on British servers.
The report found that nearly half of all child sexual abuse URLs were hosted in North America, with 43% hosted in Europe (including Russia).
[BBC News, Internet Watch Foundation. Image Credit: ThinkStock]