No one likes talking or even thinking about bad things around the holiday season. It goes against the holiday spirit! But you may not have any choice. Bad things can happen to your business at any moment, and may even be happening as you’re reading this. Every day, millions of small business websites are being prodded and probed by automated hacker tools looking for unsecured websites they can hijack. It’s almost like a thief walking along a row of cars and nearly invisibly checking each door handle to see which ones are unlocked. Except hackers have an additional layer of secrecy. They don’t have to leave their homes to check websites, and they can see many of them – all at once.
Page 61 of 65
Happy Cyber Monday! If your website has survived the Thanksgiving rush, let’s hope it doesn’t suffer from a post-Thanksgiving malware hangover. Because in the usual run up to Christmas, the only people busier than elves are hackers. And their favorite tool this year appears to be malware. What’s a website to do without trusted malware removal?
We took a look at many of the top security stories to hit the headlines in just the last couple of weeks, and it’s not surprising that most of them were about malware.
Security firm Symantec says that hackers have recently been very successful in delivering a nasty gift of malware to unsuspecting users by blasting out emails pretending to be antivirus software updates. What makes the emails so convincing, according to Symantec, is that they look very authentic and incorporate logos from most of the popular antivirus products – probably even those that you use. Because most users are likely to be familiar with the brands and use at least one of them, it makes the email appear more personal and genuine. And therefore more likely to be opened. And clicked – which is what causes the most damage.
Security firm Trusteer also announced that it discovered some of the most advanced financial malware yet, malware that not only has more features than any previous malware, but also creates a private and secure communications channel back to the hackers behind it. According to Trusteer, the malware can steal information entered into web forms as well as steal log-in credentials from dozens of the most popular FTP clients.
And this is especially dangerous to small businesses in the U.S. If this malware is able to steal the login and password for your business bank account, it will very quickly empty that account. And small business accounts are not protected by zero liability. So if the thieves steal every last dime you have in the bank account, you’re out of luck. And maybe even out of business.
To add to the misery, Trend Micro also reported that it discovered more than 200,000 different types of malware targeted at online banking in just the third quarter of this year, with at least 25% of them targeted at U.S. banks.
One of the most dangerous pieces of malware in circulation right now is Cryptolocker. This is ransomware. Once it infects your computer, it will encrypt or lock your files and then demand a ransom to unlock them so you can use them again. The ransom can vary, from $300 to more than $3,000. And even if you pay the ransom, chances are you still won’t get your data back. And thousands of users have fallen victim. Even one police department admitted that Cryptolocker had managed to kidnap their data.
And not to be left out, researchers have discovered that even the NSA has turned to malware to do their job, infecting at least 50,000 with a botnet that will allow them to spy on those computers.
To add website malware scanning and defense to your holiday to-do list call SiteLock at 855.378.6200.
This is my first ever Christmas letter to you. I don’t like to ask for much, but I’m desperate. I’ve been a website for, gosh, going on three years now. Don’t get me wrong, I love my job. My owner’s great, new people visit me every day from all around the world, and my graphics are to die for. There’s never a dull moment, even when my owner is sleeping. Which of course, I never do.
But there’s a problem. My owner is so busy building the business, managing cash flow, and getting orders out the door, that she has little time for things like website security. Besides, she says she doesn’t have a technical background and know much about cybersecurity.
And that has left me feeling, well, vulnerable. Which is not a good thing on the Internet when I’m completely exposed to so many strangers. But my owner really needs the website to showcase her work and generate online orders. And being blacklisted by the search engines would make her very upset. But I worry about what might happen if she doesn’t put everything else aside, just for a moment, and think about website security.
With that in mind, here are just a few things that I would absolutely love this year. Not really for me, but for my owner. I’m doing all this for her, which I think is a very unselfish act. So I hope you’ll do your best to get me as many things on my list as you can.
- First, I’d love someone to watch over me. I know where my weaknesses are, but my owner doesn’t, and she doesn’t have the time to guard me every second of the day. So a website security or monitoring service would be just great. Everyone can sleep easier and I’ll feel much less naked and vulnerable.
- A new password would be great. Would it be asking too much to ask for a new website password say, every three months? Maybe one with a number or two, or heaven forbid a special character!? That could significantly reduce the chances that hackers will guess or crack my password and have access to who knows what. And a strong, random, and well-protected password would be ideal. I mean, what good is a password if it doesn’t do its job very well. Not complaining or criticizing, just saying.
- This might be asking too much, but any chance you could help me get rid of this stuff I’m not using anymore. I feel so bogged down lately with all this old, outdated code and images that no one even uses. It takes every bit of my energy to just load a simple page. I know I could be so much faster and lighter with just a bit of a clean-up – I’ll be a whole new website, you’ll see!
- I don’t want to sound selfish, but could I ask for a little something else for myself? Nothing fancy, but I’ve worked so hard all year I think it would help my spirits and confidence as we get ready for yet another year. Patches. I’d like some patches, or updates. I am up to my gills in all kinds of third-party programs that the web designer thought would be so very cool to burden me with. But he’s easily distracted and he’s forgotten about most of them. Now at least half of them have serious and known vulnerabilities that have never been patched or updated.
Anyway, I hope I didn’t take up too much of your valuable time. And I hope you’ll see that what I’m asking for is not for me. I even know of a company that can help you with this. To make things easy, I’ll provide you with the number to SiteLock website security. It’s 855-378-6200. They’re available 24/7/365 to help!
As Thanksgiving weekend approaches, your customers may be gearing up to make some big purchases. And how safe and secure they feel about your website could determine how much of their hard-earned cash will end up in your pocket.
Website security is one of those things that needs to be addressed (the horror stories of hacked websites are everywhere), but it tends to get put off for many reasons. Some of us underestimate the importance of securing our website, some are afraid it will be expensive, and some think it will be too hard to manage without an IT person on staff. The truth is, website security is critical to your business, but also very easy to implement.
We’ve listed three easy ways to improve your website security:
1. Ensure safe online shopping for your eCommerce customers
As an eCommerce website, you can maximize your sales opportunity by displaying a trust seal. Most website scanning services provide a trust seal to publish on the website’s homepage to show visitors that the website has been scanned and is free of malware and viruses. Trust seals are also used to boost customer confidence.
2. Update your plugins
This is one of the easiest things you can do to protect your website, and also one of the most important. Using outdated versions is the single most common way for a hacker to gain entry to your website, and all your information, and often that of your customers. So make a list of all the plugins and third-party software on your site, peruse it, and purge (uninstall) anything you no longer use. For the ones you do use and want to keep, make sure you have the latest versions and updates installed.
3. Educate your employees about phishing emails
If you are someone who is extremely cautious about opening emails from unknown or large company senders, it may be hard to believe anyone still opens phishing emails or (gasp!) downloads the enclosed attachments. But the reality is that not everyone is aware. And even those who are careful are often so busy and inundated with emails that a few might slip through the cracks. Plus, hackers are getting scary good at impersonating legitimate business emails – PayPal, FedEx, Apple, to name just a few – and luring victims to click on links in order to update account information, track a package, download an important update, etc. All you need is one employee to click on one of these fraudulent download links, and you could be handing over your entire business to a criminal. Financial data for you and your customers – stolen, and your reputation – ruined, in a matter of seconds.
Follow these three easy ways to improve your website security. If you need help with any of the items listed above, give the SiteLock experts a call 855.378.6200. We are available 24/7/365 to help.
As National Cyber Security Awareness Month wraps up for yet another year, have you learned anything? More important, have you done anything, at least to improve your security? In case the answer to one or both is no, I thought I’d share the experiences of just a couple of small businesses (one which I worked with personally) that learned about security the hard way.
In the first case, the victim was a small but thriving electronics business based in Nevada. Their problems began when they started getting phone calls from angry suppliers wanting to know why some big bills hadn’t been paid. After some investigating, the business owners figured out that the bills had not been paid because they had never actually placed the orders.
Data has always been a currency for crooks but, now more than ever, personal data has become a hot commodity for everyone from petty identity thieves to major organized crime. And one of the easiest ways to get this kind of information is from websites just like yours.
A watering hole, or water hole, is a website with vulnerabilities that hackers take advantage of to plant malware. The idea is that the malware simply lies in wait until someone visits your website, and if that someone is not using protection, he or she will find their computer or smartphone infected with that malware.
OK, so there’s no such thing. But guess what? It’s still October, which means it’s still National Cyber Security Awareness Month. Close enough, right? That also means there’s still plenty of time to focus on the security housekeeping that’s crucial to the success and survival of your web presence.
Security is like profit – it’s not an option. And that’s even more important to remember if you rely heavily on your website, either to promote your business or to process orders.
When you purchase a new PC, you wouldn’t dream of connecting to the Internet without having an antivirus tool in place. Because it’s fairly common knowledge that the pace of growth and infection of viruses and attacks that affect personal computers is increasing rapidly and they can do serious damage. PC viruses and malware are often looking for personal information, like credit card data, that can be used for criminal and fraudulent activities.
To counteract the PC infection and theft that viruses and malware can cause, anti-virus tools have a sophisticated knowledge base of active threats. And they continuously look out for computers that have out-of-date antivirus software so they can update it automatically to protect PC owners and their computers from new threats as they are discovered.