The memory of winter starts to fade as the days are getting longer and the sun is getting stronger. The world seems to be a brighter place again. Unfortunately that is not the case for the virtual world. That world has become much darker lately, and today I was rudely reminded of that.
It started with a call from a client who was worried about all the spam emails that came in through their business website. I explained there are different ways you can protect yourself from unwanted emails, but that it would automatically mean legitimate (and perhaps not so web savvy) users would also have to jump through more hoops to contact them through email. So less spam for the website owner will translate into a more negative user experience. Pick your poison.
After this call I received an alert from our automatic security scanning service that one of our websites had been injected with malicious code. Luckily it was “only” a so-called blackhat SEO trick, where someone was trying to get a link from our website for a pharmaceutical keyword – and not an attempt to infect the computers of our website’s visitors. And we were not the only one targeted; thousands of websites have been infected like this in the past months and it is an ever-growing headache.
What’s even scarier is that many website owners aren’t even aware their sites have been hijacked. The links are not visible on the web page; but search engines see them – and perhaps penalize you for being a “spammy” site.
So how to find out whether your site has been compromised like this? You could start by checking your website’s source code manually on a regular basis, if you are knowledgeable enough. Or you could check your site in the search engines and see if Google is issuing a warning about the safety of your website. Mind you, the harm is already done by then; Google’s trust in your site will have taken a hit.
A more pro-active way to monitor the health of your website is to use an alert service. Security monitors can help you block suspicious attacks, check if your website server is still up-and-running and email you when malicious or spam code has been found. Then you or your web master can investigate and hopefully fix those problems.
It’s a new day in internet marketing – and a dangerous one. More and more hacking attempts make websites sitting ducks, and it is probably not a question of if you will be hacked at some point, but rather when. So you better be prepared by taking preventative measures to improve your website’s security, and making sure that you are aware of any problems as soon as they occur.
For more information: contact your web developer, or website optimizer Nardo Kuitert at nardo@ucwebs.com or 519-787-7612.
