A Sky News investigation has found that some payday loan brokers have benefitted from hacking into websites to divert the history and status of a legitimate business to their domain.
This increases their ranking on Google, and the tactic has given unregulated brokers access to online traffic worth millions of pounds.
The findings come as the Office of Fair Trading (OFT) prepares its report into dirty tricks in the market, due to be published in February.
Every month, tens of thousands of potential customers use Google to search for payday loans.
The search engine has a complex algorithm based on a website’s history and credibility which tries to ensure that users are directed to the most appropriate websites.
However, Google’s natural listings system can be tricked. Sky News found three payday websites that were stealing the credibility of other websites to boost their ranking. The target victim sites included a music business, a graduate website and even a church website.
In November last year, Sky News discovered established music licencing website Ricordi was one of several domains that began ranking highly for selling payday loans on the front pages of Google. Clicking on the link diverted the user to a payday broker’s site.
Web analyst Dr Joseph Somerhalder from search optimisation company Chillicow explained what was happening.
He told Sky News: “They hack into the website. They optimise the website for something that it is not about such as payday loans. Then they wait for the right moment, and then they forward all the history and all the credibility from the old website, the legitimate business, into the illegitimate business.”
He added: “It’s a bit like stealing your identity online. They take the website’s identity and history and they point it somewhere else.”
Ricordi is owned by Universal Music Group. A spokesperson for the company said: “We recently discovered the unauthorised access to our Ricordi UK website. UMG takes the protection of its sites very seriously and has implemented measures to prevent a recurrence of this type of event.”
But other companies may not be aware of the hacking. Using web analysis software, we found that over 10,000 websites have been compromised by this technique on one server alone.
Sky News spoke to the owners of UK graduate website Gradfunding which was also in the process of being hijacked.
Dr Luke Blaxill, director of the website, said he was also trying to deal with the problem.
“To get rid of this we are going to have to rewrite every bit of code on the website and transfer it to a new server.”
The payday loan intrusion meant his company was starting to fall down the listings for its own business operations and it could lose years of building up an online reputation.
Dr Blaxill said: “It has taken years for us to get to the position that we are in this particular market and for that effectively to be almost rewritten overnight by a scammer, is a real problem.”
Raiham Islam from Jar Applications, which fixed the problem for Gradfunding, told Sky News: “What they did was inject a malicious code into the web server, and the files trick Google by the method of cloaking.
“They then bomb the site with payday loan links to increase its ranking for payday loans and redirect the traffic to their scam website. That’s when the hacker starts making money.”
During the investigation we found church website Canada had been hacked for this purpose. We also discovered 21,000 payday loan links had been pointed at a Bonsai society website.
There are concerns these tactics leave UK loan customers exposed to unscrupulous, unregulated brokers.
Over the last two months Sky News conducted test searches on Google for payday loans which produced websites high in the natural listings that were in breach of OFT regulations.
Several had no consumer credit licence, a requirement for any loan broker and lead generator.
Some websites claimed to be 100% secure, but actually had no data protection when customers entered their bank details. This exposes customers to fraud and identity theft.
We also found many websites broke legal requirements on transparency to customers, such as failing to prominently display a representative APR or an address where the company can be contacted.
Some legitimate lenders in the industry have told us they are aware of the problem. Many of them advertise on Google’s pay per-click service as an alternative to the natural listings.
One lender who did not want to be identified suggested the price of Google’s sponsored links have gone up because demand has increased with legitimate companies struggling to get on the natural listings.
“Google could solve this problem by tightening up their algorithm” he suggested. “But they have no incentive to do so. We’re all having to use the sponsored listings to get any traffic to our websites.”
He added: “But customers don’t realise that some companies on the natural listings don’t have a consumer credit licence, which means they don’t have to tell the customer how much they’re going to pay back, which feeds into some of the problems we’re seeing at the moment of customers not able to pay back their loans.”
Google says its key motivation is to try to direct customers to the best websites.
A spokesman told Sky News: “As part of our on-going effort to reduce webspam and return high-quality websites to our users, we are constantly improving our search algorithm to better detect and decrease rankings for sites that we believe are violating Google’s quality guidelines and engaging in webspam tactics to manipulate search engine rankings.”
For legal reasons we are not naming the websites linked to hacking but we have passed our evidence to the OFT, which told us: “The OFT is clear regarding the standards it expects from those businesses that it regulates and has publicised an extensive suite of guidance documents. We take very seriously any evidence tending to show that businesses are not meeting the standards set out in our guidance.
“The guidance for credit brokers and intermediaries states that creditors should satisfy themselves that persons they deal with are appropriately licenced. Accepting leads from unlicensed sources would raise concerns about a lender’s fitness to hold a consumer credit licence.”
At one point during our investigation we found the highest ranking website on Google was a four-day-old domain registered to a field in California.
Just a few days in this position can earn the web owner tens of thousands of pounds. Yet this site was in breach of several regulations and displayed nothing on the website to suggest it was licenced to sell loans in the UK.
Last November, the OFT opened formal investigations into the tactics used by an number of payday lenders. But if the regulator wants to properly police the market, it seems it is going to have to work with Google.