The modeling of Web user navigational patterns is a critical component of many Web applications such as those involving Web personalization, recommender systems, and Web analytics. Because such open adaptive systems depend on users' input, malicious third parties may seek to distort the system's behavior by generating false clickstreams. Recent research in collaborative recommender systems has shown that personalization systems that use explicit user feedback in the form of ratings are vulnerable to such attacks. In this paper, we extend this work to the area of adaptive systems that use implicit measures of user behavior such as the navigational patterns employed in Web personalization. We find that, although such usage-based Web recommender systems use different recommendation algorithms, they are nevertheless subject to similar manipulation through appropriate attacks. In this paper, we introduce several examples of "crawling attacks" and demonstrate their effectiveness against some common Web personalization algorithms.