Web Design, SEO and App Development   |   Call Us Today On 01883 372488   |   Request A Quote

Security

/Security

How To Guard Against Malware Attacks

Cyber attacks such as Malware and the recently highlighted ‘Ransomware’ attacks are becoming all too common.

To help combat against the constant threat posed by cyber hackers and online criminals we have created a list of tips to help improve your online security.

No. 1 – Be Careful What You Open

The majority of ransomware attacks continue to spread via the use of phishing emails. These e-mails often contain attachments which look like invoices or tax rebates. Opening these attachments will allow the virus to infect your computer.

It’s important that you never open attachments unless you are certain that you know what they contain. Many viruses are spread via attachments that look like invoices and tax rebates so please be ultra cautious.

Top Tip – As strange as this may seem, many fake e-mails, web pages and attachments often include bad spelling (“PayePal” instead of “PayPal” for example). They also have a different look from the standard templates used by reputable companies. These should both act as a red flag.

Looking at the e-mail address that the e-mail as been sent from can often be another tip that something is not right. If you are unsure, forward the e-mail to the company that the e-mail purports to be from and ask them if the e-mail is valid.

No. 2 – Update Windows Regularly

Computer viruses such as Malware and Ransomware rely on exploiting loopholes in outdated software to infect computers. Therefore it is absolutely essential that you ensure all Windows updates are implemented at the earliest possible opportunity.

If you are currently using Windows 10, the operating system should be automatically set to update itself. However, if you are using an older version, the default setting may well be for manual updates.  If you use an older OS, you can find instructions on how to switch on automatic updates here.

No. 3 – Online Chat – What To Be Aware Of

Cybercriminals often use online chats, forums and apps to try and spread Malware. These often take the form of emergency messages.

As a general rule, Microsoft says, ‘Don’t click on a link on a webpage, in an email, or in a chat message unless you absolutely trust the page or sender.

No. 4 – Update Your Browser & Block Pop-Ups

Malware will try to exploit any weakness it can find to infect your computer. Blocking pop-ups and updating your internet browser regularly can significantly reduce the risk of being infected.

Top Tip – Whilst commonly used browsers such as Firefox and Chrome will update themselves automatically, it is still important to restart your browser every so often to make sure any recently installed updates are utilised.

No. 5 – Don’t Download Pirated Versions Music, Games or Films

We’re sure that none of you download illegal versions of anything but just in case you know someone that does, pirate website sites offering free music, games or films are often infested with malware!

Our advice is – don’t do it!

No. 6 – Back Up Your Files

Our final tip is not a preventative measure and is instead a damage limitation exercise.

Should your PC become infected it is essential that you have taken regular back-ups to ensure that the damage is not too severe.

Free online services such Google Drive and Dropbox offer the ideal way of backing up photos and data whereas removable hard drive (which you must not keep plugged into your computer all the time!) allow you to back-up and restore files quickly.

If you are a Windows 10 user, Microsoft has drawn up a guide for how to back up your machine and it can be found here.

Contact Us

If you would like to put your website in the hands of a company who will take it forward, please contact Footprint Web Design on Tel. No. 01883 372488 today.

Currently Browsing: How To Guard Against Malware Attacks
By | May 16th, 2017|Security|Comments Off on How To Guard Against Malware Attacks

Ransomware – Have You Been Attacked & What You Can Do To Protect Your Computer

In view of last week’s events which highlighted the constant risk posed by hackers and cyber-attacks (http://www.bbc.co.uk/news/health-39899646), we thought that now was a great time to offer a few tips to help guard against this ever-present risk.

However, before we offer our own tips on tightening your online security, we would like to address the specific threat from the ‘Ransomware’ which crippled many systems last Friday and would like to direct anyone who feels the could potentially have been compromised to read the information from United Hosting below.

“We strongly advise our customers to apply the following security update, released by Microsoft on March 14th this year: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx?f=255&MSPPError=-2147217396 , if not having done so already.

Overview of risk

Microsoft have announced a vulnerability in Microsoft Server Message Block 1.0 (SMBv1) server today. This service (SMB) is utilised to present shares, printers and more on a Microsoft Domain network.

This vulnerability exposes core Active directory components to Remote Code Execution from unauthenticated attackers. They would be able to execute any code they wished to potentially gain access to the entire network. The patches Microsoft have provided should be tested installed as a matter of urgency.

Specific Security reports of the Common Vulnerabilities and Exposures (CVEs) are below –

Vulnerability title CVE number
Windows SMB Remote Code Execution Vulnerability CVE-2017-0143
Windows SMB Remote Code Execution Vulnerability CVE-2017-0144
Windows SMB Remote Code Execution Vulnerability CVE-2017-0145
Windows SMB Remote Code Execution Vulnerability CVE-2017-0146
Windows SMB Remote Code Execution Vulnerability CVE-2017-0148

The released patches target the SMBv1 service and the way it handles the particular requests that can be used to exploit it.”

How does the virus spread?

One of the key questions regarding this attack is how did it manage to spread so quickly?

There are 3 primary methods of entry for Malware to a computer. These are:

  • Opening attachments or clicking on links in phishing emails
  • Downloading legitimate-looking
  • Visiting a malicious site (particularly if you are using outdated software, browsers etc)

Please Note – If an infected computer is hooked up to a network, the virus can then spread to other connected computers.

Is It Possible To Protect My Computer From The Ransomware Virus?

Many of the users who were affected were still using outdated versions of Windows such as Windows XP which was no longer receiving security updates from Microsoft.

If you are using an older version of Windows, we would recommend upgrading your operating system ASAP.

Microsoft’s current operating system is Windows 10. Two slightly older versions, Windows 8.1 and Windows 7, are also still available.

Am I Safe If I Have a More Recent Version of Windows Installed?

Even if you have a more recent version of Windows on your PC, we strongly recommend downloading all of the most recent updates and security software to increase your ability to guard against these threats.

The security patch that Microsoft released in March, named MS17-010, can be found online.

Windows 10, 8.1 and 8 all include Microsoft’s Windows Defender antivirus software as standard and this can be effective against many types of malware and ransomware. If you are still using Windows 7, downloading Microsoft’s free Windows Security Essentials software can be beneficial.

What to do if your computer is infected?

The National Crime Agency (NCA) encourages victims not to pay any ransom and to contact Action Fraud.

Further information and support can be found on the NCSC website.

They also recommend the following steps:

  • Run Windows Update
  • Make sure your antivirus product is up to date and run a scan – if you don’t have one install one of the free trial versions from a reputable vendor
  • If you have not done so before, this is a good time to think about backing important data up – you can’t be held to ransom if you’ve got the data somewhere else.

Contact Us

If you would like to put your website in the hands of a company who will take it forward, please contact Footprint Web Design on Tel. No. 01883 372488 today.

Currently Browsing: Ransomware – Have You Been Attacked & What You Can Do To Protect Your Computer
By | May 16th, 2017|Security|Comments Off on Ransomware – Have You Been Attacked & What You Can Do To Protect Your Computer

The Top 2 Reasons You May Want To Consider Upgrading Your Website To HTTPS

It always pays to leave no stone unturned when it comes to SEO. Whilst there are a huge number of factors taken into account by Google when it comes to determining their website rankings, exploring all options can only help.

There is a groundswell of opinion stating that upgrading your website to HTTPS (Hypertext Transfer Protocol Secure) could prove to be crucial if you are battling rivals for prime keyword positions.

What Are the Benefits of HTTPS?

We’re all used to seeing ‘HTTP’ at the beginning of a URL but was about extra ‘S’? Essentially the S stands for “SSL”, which in turn stands for Secure Sockets Layer.The Top 2 Reasons You May Want To Consider Upgrading Your Website To HTTPS

This extremely useful technology helps to encrypt the connection to a website, providing that extra layer of security making it more difficult for hackers to intercept important data. This can include passwords and payment details.

Below are 2 additional reasons why increasing the security of the site could benefit your business.

Can Be a Key SEO Ranking Factor

When two similar sites have similar SEO values, the inclusion of an SSL certificate could be enough to nudge your website above your competitor.

Whilst no-one knows precisely what Google’s algorithms look for, it is widely believe that it is Google’s goal to offer the best possible user experience. Increased online safety would certainly fall under this umbrella and therefore having a secure site (HTTPS) can help you rank higher on Google.

Mobile Search Boosts

Are you serious about being found online? You can no longer ignore mobile search optimisation. Because many modern browsers and phone applications require HTTPS in order to perform correctly, failure to add this to your website could leave you lagging behind your rivals.

Contact Us

If you would like to put your website in the hands of a company who will take it forward, please contact Footprint Web Design on Tel. No. 01883 372488 today.

Currently Browsing: The Top 2 Reasons You May Want To Consider Upgrading Your Website To HTTPS

 

By | May 15th, 2017|Security|Comments Off on The Top 2 Reasons You May Want To Consider Upgrading Your Website To HTTPS

Gone Phishing?

Being proactive with on-line security has always been important but with website attacks increasing in frequency, taking steps to safeguard your Keeping Your Details Safewebsite should no longer be viewed as an ‘optional extra’.

Customers need to feel secure and protected when accessing your website, making purchases or submitting sensitive information on-line and the rise in cyber-crime and on-line theft has resulted in effective internet security becoming more important than it has ever been.

Taking Website Security Seriously

With hackers across the globe employing increasingly advanced techniques designed to compromise websites for their own benefit, doing everything possible to stay one step ahead is now the only sensible option for anyone who takes the security of their website seriously.

Whilst there is a chance that your website may escape the attention of hackers, the indiscriminate nature of many attacks just goes to prove that burying your head in regards to on-line safety is never a sensible option and in the article below we will outline exactly why this is the case.

Is My Website Safe?

Let’s be honest here, if the CIA’s website fell victim to hackers, it is safe to say that no website is 100% safe! Authorised Personnel Only

Please click here to see an animated infographic which highlights just how many high profile and respected websites have become victims of hackers over the past few years.

However, as the hackers’ methods of breaking into websites have become more advanced, the good news is that so have the methods of defending these attacks.

Are Some Websites More Vulnerable Than Others?

Some of the most recent statistics available highlight the fact that “WordPress is used by 60.8% of all the websites whose content management system we know. This accounts for 23.5% of all websites.”

For more on this, please visit – http://w3techs.com/technologies/details/cm-wordpress/all/all

For this reason alone, it should come as no surprise that WordPress sites are often targeted by hackers but this does not mean that WordPress Content Management Systemswebsites are the only regular target.

Websites designed using:

  • Joomla
  • Drupal
  • Magento
  • + many others

Being particularly prone to attack, the likelihood that nearly all hosted websites are likely to see some sort of malicious attempt to disrupt their service at some point is very high.

How Do Hackers Attack?

Hackers are skilled at identifying common vulnerabilities related to any platform which can be exploited if software is not kept up to date and now have a number of different methods of attacking websites to gain the information that they require.

Below we have highlighted 3 of the most common:

Threat No. 1 – Phishing

Many people have heard the term ‘phishing’ before but do you know what it actually means though and if so, are you aware of the dangers posed by a phishing scam?

Essentially, the purpose of a phishing attack is to steal a person’s login and password details so that the hacker can take control of the victim’s social network, email and on-line bank accounts.

The image below shows just how much the information which can be taken via a website hack can be worth.

How Much Is Your Data Worth

What Makes This Method So Effective?

A recent article highlighted the fact that up to 70% of internet users still use the same password for most, if not all, of their on-line accounts, and this is Keeping Credit Card Details Safewhat makes phishing so effective.

Once the hacker has gained the required login details, they will have the ability to access multiple private accounts and manipulate them for their own good.

The types of information hackers try to obtain via a phishing attack often include credit card numbers, passwords, account numbers and many other types of personal information.

Common Phishing Attacks

A person can attempt to extract valuable information from an unassuming individual in many different ways. A few are listed below:

  • Emails
  • Text Messages
  • Instant Messages
  • Telephone Calls
  • Pop-Ups

How Can it Infect My Site?

If hackers can gain access to your website, they can create new areas or pages on your existing site designed to fool users into providing their personal details.

Employing up to date online security measures are essential to ensure that this does not happen.

Threat No. 2 – Malware

Malware (or malicious software to give its full name) is used to attack a person’s computer in order to spread a bug onto other people’s devices and Malware-Attacksprofiles. Malware also has the ability to infect a computer and turn it into a botnet, which means the hacker will gain the ability to control the computer and use it to send malware to others.

Malware can be extremely dangerous due to the fact that it can often be very stealthy, working away in the background without the knowledge of the user for an extended period of time stealing information.

How Can it Infect My Site?

Spyware or other variations of malware is sometimes found embedded in programs supplied officially by companies, e.g., downloadable from websites, that appear useful or attractive, but may have, for example, additional hidden tracking functionality that gathers marketing statistics.

No. 3 – Spamming

Spamming is when a cyber criminal sends emails designed to make a victim spend money on counterfeit or fake goods. Botnets, such as Rustock, send the majority of spam messages, often advertising pharmaceutical products or security software, which people believe they need to solve a security issue which doesn’t actually exist.

Are Phishing & Spamming Linked?

Phishing and spamming are often linked due to the fact that once a phishing attack has been successful, hackers then have the opportunity to use the details obtained to send e-mails which appear to have come from a legitimate company as they look very official.

It is surprisingly easy to fool unsuspecting people into providing credit card numbers, account information etc in this fashion in hopes of rectifying some nonexistent catastrophic problem with an account.

The sense of urgency and impending doom created by the email sender is done intentionally with the hope of coaxing the recipient into taking immediate action by providing all requested information or face dire consequences.

How Can We Help?

Because of the ever changing and evolving method of attacks, vigilance is the primary weapon against all forms of hacking. Online Security

To help this guard against attacks on your website, we are offering a service which will regularly update all of the plugins/patches and software versions used within your website to ensure that any vulnerabilities which may be targeted by hackers are removed.

We are also offering an emergency restore and removal service (restore the site back and remove the malware/virus).

Contact Us

For more on these services and how they can help you, please contact us on Tel. No. 01883 372488 or via e-mail info@footprint.co.uk at we will be happy to run through your options.

Currently Browsing: Gone Phishing?
By | March 9th, 2015|Security|Comments Off on Gone Phishing?
Top