Loyal readers already know I’m a great proponent of the marketing opportunities of RSS. But because the concept is so difficult for some people to wrap their minds around, I have deferred bringing up the dark side of RSS but this cannot wait any longer so if you’re still in the dark about RSS firstly, please don’t let this be a deterrent. Every technology has flaws even email and the telephone! The problem is new and the experts haven’t really found a concrete solution just yet but eventually I’m sure something will come up.

For you experienced RSS and podcast publishers, you need to know, your feeds can be hijacked very easily. I think the better description for this is more kidnapped or held for ransom. Now before I go further into this, be warned it will require a little bit of imagination. When I first read about this at Om Malik’s blog, it wasn’t clear at first but after thinking through, I got it. You may want to draw a quick chart – it will help you better understand this.

First, the hijacker creates a redirect URL so e.g. I’m hijacking your feed. I will create http://www.mysite.com/fakefeed.xml. In my control panel, I will simply create a redirect to your feed e.g. http://www.yoursite.com/rss.xml

So you know what happens now? Anyone going to or subscribing to http://www.mysite.com/fakefeed.xml will land on http://www.yoursite.com/rss.xml. What the hijacker does now is promote http://www.mysite.com/fakefeed.xml everywhere on directories, anywhere they can promote it.

Ok hold your horses Lynette – isn’t that like…. good? Well yes and no first, you’re thinking wow! I have a sudden influx of subscribers this is so cool! You’re basking in the glory, all your hard work pays off and you proudly display a badge telling everyone how many subscribers you got. Wow you hit the big time.

For your sake, I hope that is true because if your feed were truly hijacked, you first get an influx of subscribers because this guy is promoting for you but… then one day he decides it’s payback time and ‘pulls’ the redirect. So now people who were listening to you via http://www.mysite.com/fakefeed.xml are now listening/reading some other garbage that’s not published by you.

Now, you’ll find your subscribers have dropped dramatically but that’s not all… people who are still subscribed to http://www.mysite.com/fakefeed.xml will think you are still the publisher although they will not comprehend why this sudden change in content. Or they may demand ransom from you. Scary? Yeah.

Well what can you do about it? Unfortunately there is no easy answer right now. Colette Vogele suggests some good starting points on this including checking all the directories – to make sure the feed listed is truly pointing to the correct URL, writing to the offender and notifying the directories. But I’d like to offer a few additional ideas.

• If you have a podcast – it may be a good idea to start or end each show with a quick reminder – just say something like “If you’re subscribed to us from http://www.myurl.com/podcast.xml you’ve got the real deal, if you’re not, unsubscribe right now and resubscribe to http://www.myurl.com/podcast.xml” or some similar language.
• If you’re publishing an RSS feed – maybe once a week or (or more) you can put in a quick entry to remind people of your correct feed URL. If it is a dynamically generated feed I’m quite certain you can get a programmer to enter something similar beneath each entry
• Go to Google Alerts, type in your RSS title, blog name or podcast name. Google will tell you when it finds some mention of you anywhere on the Internet – you might catch someone pretending to be you

Do you have any other suggestions? Post them in the comments 🙂