To Catch a Website Thief

To Catch a Website Thief

If imitation is the finest form of flattery, then we should feel quite honored. Heck, we’re practically blushing all the time. Our website has been imitated at least a dozen times this year. Except by "imitated," I mean flat-out stolen.

I’m not just talking about duplicate content here. I’m talking about someone taking our website’s code and making their own website with the exact same design. They’re not just stealing a few dollars from the bank. They’re stealing the whole bank.

Stolen, you say? Call the police! Contact the FBI! Get the President on the phone! This injustice will not be tolerated!

A Tale of Many Website Thieves

Earlier this year, we launched a brand new website, one we were very proud of:

first scribe website

Pretty soon, we found this:

website theft

And then this:

stolen website

And then there’s this, bad grammar and all:

stolen website with bad grammar

And the list went on. Some were a bit more savvy about it and changed things up enough so it didn’t look like an exact copy. But others even used some of our images:

website stolen our images

There’s Marshall, our Lead Interactive Designer, working his second job in New Delhi. It’s impressive that he makes it back to our offices every day! 

We eventually decided to do something about it. More on that in a bit. 

The Dangers of Website Theft

You may think the biggest danger of a stolen website is the potential duplicate content issues. As we know, duplicate content can hurt your search rankings. And without those rankings, your business might as well not exist, right?

But this isn’t likely going to be a problem for you, especially if you’ve done everything right on your own site: you’ve claimed it in Google Search Console and Bing Webmaster Tools, you’ve generated and submitted your sitemaps, you’ve properly implemented canonical tags, etc.

The reason duplicate content won’t be your biggest concern is because website theft is more about your design and code than it is about your content. Most website thieves have the wherewithal to update the content. Plus, they probably aren’t trying to rank for the same thing or even in the same region as you. A Minneapolis web design company isn’t going to steal the website of another Minneapolis web design company. Then it’s just too easy to get caught.

The real dangers of website theft relate to data and credibility. In our case, our website thieves all left our analytics script within the page code—which made it easy to find them. But it’s had a negative impact on our data, and it’s left us spending hours trying to remove the junk.

website thief data

The other issue is that of credibility. If there are exact duplicates of your design out there, it can diminish the integrity of your own design. Imagine this scenario: A potential customer is looking at our website and is seriously interested in using our web design services. While they wait for our proposal, they continue their search. They stumble upon another web design company with an identical website. We suddenly don’t look so good. Through no fault of our own, we’ve been reduced to a bunch of unoriginal hacks.  

Finding a Website Thief

Finding a website thief is by no means an easy task. There’s a good chance you’ll never even know your website was stolen. But if you’re the paranoid type—or if you just want to see what else is out there—then you can certainly find them. I don’t recommend spending a lot of your time on this, but it is important to protect your brand.

There are a few ways you can search for website thieves. You can set up a Google Alert. You can use a program like Copyscape. Or you can rely on your analytics.

Analytics is how we found our thieves. You see, we use Adobe Dynamic Tag Manager (DTM) to implement our analytics. We think Adobe Analytics is the best tool on the market, but it’s so underused that most website thieves have no idea what it is. So they don’t bother to remove the two lines of code required to implement DTM. Which means we can catch them red-handed.

We’re big on data. We love using analytics to help us determine how we can improve our website and our clients’ websites. So it didn’t take us long to find suspicious data in our reports. When we saw that our 21st most-viewed page during April was /HappyHour.html, we knew something was up. And Adobe Analytics took us straight to the offending website, a restaurant in Las Vegas.  

stolen website data

This wasn’t the only example. There were hundreds of pages from over a dozen websites that had crept into our analytics. And their sites all looked exactly like ours.

What To Do About Website Theft

Here’s some bad news: there isn’t a lot you can do about website theft. Stealing a website is pretty easy to do (but you’ll have to go elsewhere for a tutorial). You can try to prevent people from stealing your code, but they’ll find a way if they really want to.

So what can you do about it? Well, you can try contacting the website thieves and shout "Cease and desist!" Good luck with that. The majority of website thieves won’t respond—we’re not talking about a respectable group of professionals here. And there’s a good chance you won’t even be able to find their contact information at all. In most cases, the website thieves won’t be from your country, so legal action is probably out of the question. It certainly won’t be worth the cost.

And then there’s the cases where a web design agency steals your design and sells it to one of their clients—as happened to us with the aforementioned restaurant. There’s not much more you can do here other than contact the business owner and let them know they got ripped off. Hey, you know that great new website that you love and paid a lot of money to get? Yeah, that was stolen from us.

If You Can’t Beat Them, Have Some Fun

Since the chances of you defeating the website thief in a legal battle are about zero (try calling the police when your website gets stolen and let us know what they say), you might as well beat them at their own game.

Since our website thieves are stealing our code, we decided to use our code against them. So we created a script that would fire if the code was placed on any site not on our domain. Here’s the result:

stolen website message

Here’s the message a little bigger for you:

website stolen message enlarged

Was it mean of us to let the entire world know that these people stole our website? It feels a bit more like poetic justice. And it tells potential clients to stay far away from them. Besides, we were nice enough to tell them how to remove the stolen message. Which they did—from the home page only.

I guess website thieves aren’t very savvy developers.

Written by

Nate Tower

Nate Tower has over 10 years of digital marketing experience and currently serves as the President of Perrill. He is a creative expert gifted in pinpointing our clients’ realities, goals, and audiences and turning that information into a captivating and never-before-heard brand story. With roots in digital marketing, education, and creative fiction, Nate’s an Old Faithful-caliber fountain of knowledge.


Nate Tower

Post Type



Sep 10, 2015