Outdated WordPress Software

Panama Papers Breach Attributed to Outdated Sites

Security-BreachJust like the software on your PC, your Content Management Software (CMS) (or for most, your WordPress Software) for your website also needs to be kept up-to-date.

Failing to keep the software up-to-date means that your website has the potential to be exploited. This could result in your data being stolen (or your customer’s data), your website being blacklisted as a security threat or even all of your website being deleted. While Conetix is responisble for the security of the network and the server itself, the security of your website (and all software updates) is the responsibility of the client.

Warning: Failure to keep your site up-to-date may result in your website being defaced or if it’s used for malicious activities it will be suspended.

Tips to keep your CMS software up-to-date:

  • Use a platform which is easy to update (eg WordPress)
  • Login frequently to your admin area in order to check for updates
  • Don’t forget to update all plugins and themes as well.
  • Contact us to organise for use to do this on a weekly or monthly basis for you

A recent write up explains how the sites owned by the Panama Papers Breach were  left vulnerable.
See write up.

So imagine your site being hacked? Imagine your site having your content stolen from.

Do something about it today. Call us to discuss your options.

Ransomware Strikes Websites

Ransomware is a type of malware that prevents or limits users from accessing their system. This type of malware forces its victims to pay the ransom through certain online payment methods in order to grant access to their systems, or to get their data back. Some ransomware encrypts files (called Cryptolocker).

Ransomware infections were first seen in 2013 and have been on the increase since then. Today it is one of the most pervasive online threats that Internet users and businesses face. Traditionally, ransomware has only affected personal computers and the malware is often distributed through hacked websites.

Every Week we hear of someone who computer has been infected. Just recently  ( Jan 2016) there is a new email coming out disguised as Australia Post. Telling you that a parcel could not be delivered and to click here for more info.

Over the last few months there has been a new development with ransomware attacks: They’ve started to infect websites themselves. Yes so if you are reading this and you have a website, BEWARE!!!

These attacks infect and encrypt the website files and then demand payment. The files on the server are inaccessible and the homepage is defaced with a warning that the website has been held hostage.

 

Have you seen this? You dont want too.

Ransom

 

 

 

 

 

 

 

 

 

 

 

Unsurprisingly, vulnerabilities in outdated software seem to be the main method of distribution. Remember web admins: Update, update update!

Ransomware Is Now Targeting Websites

Usually websites are used to spread PC-based ransomware; visiting the infected website will launch the virus onto your machine, encrypting its contents. Before it was also commonly distributed through tech support scams and bogus e-mails, but now we see website admins fall victim as well. Magento e-commerce sites seem to be a big target of this new website ransomware, but it is by no means limited to them. ALL websites are now at risk.

Once the attackers have access to your server, (where your website is hostedthey encrypt all your site files and have the extension of .encrypted added to the file name rendering them useless:

There was a flaw in the way the files were encrypted, and it was possible to return then to a state or good health, however the attackers caught wind of their design flaw and now it is even hard to rectify. So without a clean backup, you might find yourself having to rebuild your entire website (unless you want to take the risk of paying the ransom fee which there is no guarantee you will ever get the key to fix the files).

Whats even worse, is this malware can spread to other websites in the same hosting environment making a bad situation much worse. So if you have more than one website

Just like your computer backups, website backups are Critical

If you are unfortunate enough to have your website infected with this ( or any) malware, your only option is to revert to a recent backup, change all login detailss and update all software. If you dont do backups, then when you get hit, you will understand why we impress on our customers to backup Backup BackUP!!!!. If you don’t already do backups, then we can take some steps for you to ensure you have a backup handy.

If you find yourself having to get your website rebuilt after such an infection, then you will be kicking yourself, and wondering why you never got us to do a backup for you. Once it has happened, it is too late.

The very least you should do for your site is to put your site behind a website firewall to help prevent attacks before they even reach your site. We can recommend a hosting company that bends over backwards to prevent this sort of thing happening..

If you would like to talk to us then please call or head over to our contact page and get in touch.

We have various packages available, however we can do special one off deals depending on your needs. Speak to us today to see what we can do for you

Email Scams Targeting Websites

Email scam alertCAUTION WEBSITE OWNERS

We are often contacted by clients after they have received emails from random individuals or businesses claiming to have the expertise to improve the website’s “digital performance”, or improve the site’s ranking by providing a “website audit” or wanting to write “posts” and link to the site.

Be very wary when approached in this manner. Before you agree to let someone have access to your site or pay any money to them, thoroughly check their credentials. It is more than likely that they are email scams.

HOW CAN YOU TELL??
If you look at the Signature blocks for all 3 of these examples below they are all very similar.

Michael | Strategy & Technology Manager

AU IT SOLUTIONS
Headquarters: 41 Bridge Rd Glebe, NSW 2037, Australia
Other Offices: Hong Kong & China | USA | New Zealand | UAE | Singapore

PAGE PORT Pty Ltd
Address: Level 13, 460 La Trobe St Melbourne VIC 3000
Global Offices: NZ | China | USA | Singapore | UAE

SMM Pty Ltd
Headquarters: 36 Surry Hills Sydney NSW 2010 Australia
Other Offices: Hong Kong & China | USA | New Zealand | UAE | Singapore

Google their names, visit their websites.
Looking at our examples on the internet, each of these companies have different addresses to what is listed on the Signature block. Also when we looked at “Page Port” there are warnings on the net about this being a SEO Scam from India.

So please before you think about contacting any of these people because they sound good and say they can help you out, check with us. As the end result could be that you spend money and get nothing or get infected with spam etc on your site. No doubt they would ask for money up front or access to your site..

Your website Will be hacked

It is not IF you will be hacked, but When it will be hacked.H
Yes your website is vulnerable to being hack and destroyed! Are you worried if it is? I would be.

WordPress security watchdogs, Sucuri, have revealed that “brute force” attacks are at an all time high.

A brute force attack occurs when an attacker runs a script that attempts to crack a website’s password. This occurs by attempting to log in to a site with automatically generated passwords at rate of thousands of times per minute.

Brute force attacks are not new — in fact, they’ve been around over 15 years, and data shows they’re still going strong.

There have been so many this year that Sucuri has created a new page dedicated to monitoring the current threat level of brute force attacks.

On this page you’ll see that the amount of brute force attacks has grown from around 5 million per day at the beginning of the year, to 35 million per day in the second week of September.

Sucuri’s data also shows the majority of brute force attacks originate from the United States. Attacks tend to occur most frequently between 12pm to 2pm EST, but a site can be vulnerable to a brute force attack at any time.

One of the best way’s to protect yourself from a brute force attack is to have a strong password that’s difficult to crack. It’s also a good idea to have some kind of monitoring system in place so you’ll be notified if your website is the target of a brute force attack.

Another easy way for attackers to gain control of your WordPress site is through flaws found in older versions. It’s important to stay on top of WordPress update because they often contain important security fixes.

That being said, there are always updates being put out for WordPress. Use them!!. If you dont know how and want to keep your site safe against known vulnerabilities, then contact us today to see if your site is more at risk than it should be. We will have a look at your site for free and tell you what is missing and how we can assist you in making your site safer.

While there are numerous ways in which a WordPress site is vulnerable to attack, the following four weak spots are most commonly at fault when a WordPress site is hacked. Dont think these are the only ways, but just 4 of the most common.

  1. Easy to hack or weak usernames/passwords
  2. Theme or plugin that have bugs in them.
  3. If you don’t update the WordPress core files and themes/plugins in a timely manner.
  4. Nice (NOT) people who hack WordPress sites

Weak Usernames/Passwords: As of WordPress 3.8, the standard “password strength detector” forces you to create something extremely strong. This is undoubtedly part of the WordPress Foundation’s efforts to help reverse this particular statistic. So, never use the “admin” username and go as difficult as possible with your password (mixing letters, numbers and letter-case throughout). If you find you want to keep it simple for you to remember then your also making it simple to get your site hacked. Write it down (if you have to) and most importantly, keep it private. If you want to  learn more about how weak usernames/passwords to reduce chances of a hacked site, contact us and we can have a chat to you.

Theme and/or Plugin: Now and then, even the most extremely popular premium themes/plugins will have an some sort of security flaw.  However, you can avoid them by simply reading up on the plugins you’re installing, before you install them. But then most of the time you wont know as they dont know themselves. Stay away from free themes/plugins when they are not from the official WordPress Directories. Also, try to stick to themes/plugins with four and five star ratings. And to be on the safe side, just Google this: “[insert plugin name] security” and see if anything shows up.

Not Updating WordPress Core and Themes/Plugins: It’s understandable that if your site is highly dependent on the functionality of a few plugins, that you’re going to want to wait until they’re compatible with the newest version of WordPress before you update your core. However, when it comes to high quality and reliable plugins, they will almost always have an update within hours or days of the WordPress core release–if it’s needed at all. As a rule of thumb: if you see that an update is available, backup your site and run it.

On ‘Nice” People Who Hack WordPress Sites: It’s important to remember that there are ‘Nice” people out there (as well as misguided wannabe’s with malicious scripts) just waiting for you to slip up. So stay vigilant, follow the guidelines below, and you should be ok.

 

Phishing Emails

Phishing EmailsWhat is a phishing email?
You may have received an email falsely claiming to be from the company or another known entity. This is called “phishing” because the sender is “fishing” for your personal data. The goal is to trick you into clicking through to a fake or “spoofed” website, or into calling a bogus customer service number where they can collect and steal your sensitive personal or financial information.

You need to be a proactive contributor by reporting suspicious-looking emails to the banks or company that the email is about. See if they have an Abuse Department and send it to them.
Most big companies have a security team who work to identify if the email you received is a malicious email.

Most Businesses will carefully review the content reported to them to certify that the content is legitimate. They will generally contact you if they need any additional information for investigating the matter. Please take note to the security tips provided below as they may help to answer any questions that you may have about the email you are reporting to them.

Most Businesses will Always:
– Address their customers by their first and or last name or business name of their account.

They Generally  Will Never:
– Send an email to: “Undisclosed Recipients” or more than one email address.
– Ask you to download a form or file to resolve an issue.
– Ask in an email to verify an account using Personal Information such as Name, Date of Birth, Driver’s License, or Address.
– Ask in an email to verify an account using Bank Account Information such as Bank Name, Routing Number, or Bank Account PIN Number.
– Ask in an email to verify an account using Credit Card Information such as Credit Card Number or Type, Expiration Date, ATM PIN Number, or CVV2 Security Code.
– Ask for your full credit card number without displaying the type of card and the last two digits or four digits. Or similar to this.
– Ask you for your full bank account number without displaying your bank name, type of account (Checking/Savings) and the last two digits. Or similar to this.
– Ask you for your security question answers without displaying each security question you created.
– Ask you to ship an item, pay a shipping fee, send a Western Union. Western Union has a very bad name for allowing Scammers or Spammers to transmit money via their system without due care.

READ!
Any time you receive an email about changes to your account/s, the safest way to confirm the email’s validity is to log in to your account, and go to where where any of the activity reported in the email will be available to view. If there is nothing in the site itself, then take the email as spam.

DO NOT USE THE LINKS IN THE EMAIL RECEIVED TO VISIT THE WEBSITE.

Instead, always go to a browser window like I.E or firefox etc and enter www.website.com into your browser to log in to your account. ( where website.com is the web address of the bank or other account the email is about)

Oh NO You Didnt Did You?

Help! I responded to a phishing email!
If you have responded to a phishing email and provided any personal information, or if you think someone has used your account without permission, you should immediately change your password and security questions.
You should also report it to the Bank or company immediately and they will help protect you as much as possible.
Contact the appropriate business and discuss the email with them. They will help.

If you do this, you will help make a difference.
Every email counts. By forwarding a suspicious-looking email to the business involved, you have helped keep yourself and others safe from identity theft.