Tuesday, June 25th, 2019

W WebWorks by Terry Young
Watch your Hack



WATCH YOUR HACK

It isn't only large corporations
that can be victims of hackers



Many smaller web site owners never think that a hacker would go after their little local site. After all, they have nothing worth stealing.

While this generally may be true, it helps to understand that different sites attract different hackers with different motivations.




Larger corporate sites with high visibility are more likely to attract the 'hardcore' hackers.   These are people who only want to prove that they, just one person, are smart enough to bring down a large powerful organization.

Government sites not only face that same 'break the system' mentality, but they also have to deal with hackers trying to gain access to classified materials.

Luckily, most larger companies and organizations have 24-hour online security monitoring and backup measures in place, so most of the time, hackers prove to be little more than an annoyance.

Smaller companies may not have to worry about these types of hackers, but there are other motivations that can pose serious threats to even small, innocuous sites.

Probably the biggest threat for smaller sites comes from 'phishing.'

Phishing is where you receive an email, apparently from a bank or trusted institution, telling you that for security purposes you must log in to your account via the link provided, and verify your details.

When you click the link, you go to what appears to be a legitimate web site, but is not.  This page has fields to enter your account number,  PIN number, security question answer, and any other information which will help someone quickly access and empty your account.

Phishers are opportunists who use basic hacking techniques. All they need is to be able to gain access to any web site to upload a few fake institution files.  This is why they are a very real threat to all web sites.   Phishers work under the radar,  placing the fake pages well down in the sites folders, making them harder to locate.  Furthermore, the web site that was hacked is completely unchanged by this activity.

In the last 12 years, we have had a few businesses who needed our help after their web sites were compromised.

In most cases, the owners had no idea anything was wrong until they were contacted either by security companies, or concerned citizens who had received phishing emails.

The most recent case was just a month ago, and was one of our clients. Their site suddenly had several new files and folders appear that mimicked a New Zealand bank's site.

Luckily for all concerned, this issue was discovered the same day, the hosting passwords were changed, and the fake pages removed.

So, can you minimize such risks?   Yes.  Web site owners need to make sure that the site is frequently checked for new files by the web designer.

Alternatively, the designer could create a program to automatically scan the site and compare files every day as our newer WebUpdate sites do.

Site owners should also frequently review and change their hosting passwords, never using real words or names, which can easily be guessed.

If you are ready to grow your business, now is the time to consider new web technologies such as our WebUpdate systems, which employ advanced promotion and security features designed to give businesses the best competitive edge online.





Terry Young is the founder and CEO of Internet Marketing and Design. Since 1997,
his computer programming and graphic design knowledge have kept his company
at the forefront of the latest technology in web development.