860-351-eBMG (3264)

Website Security Update – Phishing to Plugins


Depositphotos_22233745_l-2015I know I write about this stuff a lot.

I know I read about this stuff a lot.

Using the powers of deduction, it makes sense to write about this stuff a lot.

While most of our time is spent on how our logo looks, what our content plan is, when will we find time to write the business blog (we can solve that issue!) and poring over digital data, the “unseen” and often forgotten security exists just under the surface.

Unfortunately, the people who spend their time hacking and spreading malware are geniuses that can derail your business and possibly do damage to your clients.

Keep up with the information, file it away and take the counter-measures necessary to make your website and your business less likely to be hacked which shows you care not only about your company, but your customers as well.

It’s Always Phishing Season

rod-1366145_1280Wow!  Now the scammers are getting so sophisticated that you will actually be sent to the real link, but your data is being stolen by malicious JavaScript (think little, invisible programs) in the background.

Today’s example I’ll share is the PayPal advanced phishing tactics that Malewarebytes.org shared in their recent blog post.

I use their premium software that would have protected me in this situation as the article explains, so I do swear by this company and I am not an affiliate (although I probably should be, that’s how much I respect their efforts).

To sum it up, you hit a bad link that looks like the correct URL (i.e. hovering over the link won’t tip you off, boo!), proceed to enter your PayPal credentials and are sent to the proper PayPal page.  Unfortunately, all your PayPal credentials went to another place, a very bad place for you and your credentials.

WordPress Plugins – When Hackers Attack!

The most popular and rapidly growing CMS is WordPress for many great reasons, many of which is why eBurns Marketing Group has a WordPress website and we design and implement them.

attack-1294254_1280But, as you can probably guess, it’s all about security with this guy and we have options to keep up with the necessary plugin and platform updates, monitoring the plugin vendors when it comes to staying current and finding new options should a plugin become vulnerable.  It takes time and effort, but being proactive can reduce the weaknesses hackers are “looking” for with their Malicious Bots…always probing, always looking and always causing trouble!

I use the Wordfence Premium security plugin because it’s very proactive…but, the free plugin is superior on so many levels you can simply use that.  Their recent blog on the Top 50 Most Attacked WordPress Plugins this Week and it’s an eye-opener for those of you who give this little to no thought (more reason to contact us about our proactive, managed hosting plans).

Here is a small snip of that page, but I invite you to click over to read the full article as you will learn that during this one week:

  • Wordfence Blocked nearly 21 million attacks on websites they are installed on
  • 73.6 thousand bad IPs were the source of these attacks
  • 38.8% of the active websites protecting where attacked worldwide

As I said at the top, I know I write about this often.  Maybe it’s my insurance-industry training to avoid risk that I apply to most situations in life or maybe it’s because I see the sheer volume of hack attempts on my website and those I manage.  It’s real, so either find a resource who is as dedicated as we are or reach out to me at eBurns Marketing Group to figure out how to help your company avoid digital disaster!

Wordfence Top 50 Attacks Sample

Wordfence Top 50 Blog Snip