Lately, there has been an upsurge of phishing attacks on my servers! Though I don’t blog a lot, anyone who knows me or knows my posts, knows how much I hate dealing with phishing attacks. They leave an awful mess for me to clean up. So, I find that I repeat myself often, and I suppose that won’t change in the near future.
It’s important for you to know that there has been an Internet-wide increase in bank phishing attacks against websites around the world. In these attacks, a hacker gains access to a website by obtaining or guessing the site password or, more often, exploiting a weakness in code on the website. They then place files on the website designed to fool people into thinking they are at their legitimate bank website where they enter their account access information. Now, the hacker has what is needed to access and potentially empty a person’s bank account.
What Does This Mean For You? If your website is hacked by a Phisher or Hacker, your site will be tagged by the major Internet security blacklists. This can cause your website to be totally inaccessible. Once listed, it can take a while to get all the criteria met to have your site declared safe. This process is often a very expensive ordeal to go through costing hundreds of dollars.
What am I doing? As your web designer, I make sure your cPanel/FTP passwords are very strong, using upper and lowercase letters, numbers and special characters. At the first signs of brute force attacks, I change the passwords.
What Should You Do? Make sure your WordPress passwords are very strong, again, using upper and lowercase letters, numbers and special characters. If you have ANY doubt, change them immediately to a very strong password. I have set up your WordPress site to require strong passwords. I know this is frustrating to have to think up a password that is super strong. Memorizing something with upper and lower case letters, numbers, and symbols can be very difficult. But this is critical for the safety of your website and the safety of your customers. If you just can’t come up with a decent password, you can generate a strong password here: PasswordGenerator.net. If you are like me and you really do have trouble remembering all those convoluted passwords, check out LastPass.com. This website stores all your passwords and allows you to access your passwords from any browser and any device. It will also tell you of any websites that have security problems like the recent Heartbleed vulnerability.
Your website or blog was developed with WordPress. Most software or plugins that allow for a customer to log in as a member or customer are vulnerable to phishing attacks. As your web designer or webmaster (webmistress), I am responsible for keeping that software updated. I update a couple of times a week. If you are logged into your account and have seen that there are plugins, themes, skins, or anything else that needs to be updated, let me know. I’ll get right on it!
Our web host’s Anti-Malware System has caught hundreds of these attacks as well as literally thousands of other types of assaults on various client websites so I strongly recommend that, if you have not already done so, ask me how you can add this incredibly valuable protection to your website(s)!
If you are experiencing trouble with your website, don’t hesitate to contact me.