As you read this, thousands of hackers are working hard to hack your website and computer.
They are after your personal information, your social media accounts, and your website. Unfortunately, the safest measure to avoid hacking is to stay offline. Since that’s not feasible, you need to know what hackers do. Once you know that, then you can take preventive measures and worry a lot less.
Here are six popular hacker methods of attack:
Spamvertizing
When a site is hacked by spamvertizing, it means it’s included as a link in spam emails. The hacker has placed a piece of code somewhere on your site that redirects your viewers to a different site.
Why do they do this when they could simply send out emails with their own website link? Because spam filters have already flagged them as bad sites, and this way they can get more emails past spam filters.
The hackers will continue to spamvertize your site until it’s also flagged as spam and blocked, and then they will move on to a new site. This is when your web host will realize your site is spamvertized from complaints about the emails.
WordPress sites are common target as hackers go in search of new, uninfected sites to use for their spamvertizing.
Webcam control
Hackers are tapping into webcams around the world. To view some live action of webcam hacking, see Reddit’s list of controllable webcams. It’s hard not to when you know you can.
The scary news is there are ways for hackers to access your laptop camera or computer webcam without triggering the light that lets you know it’s being used. Despite all the claims otherwise, it appears there might only be one method to prevent this.
The most high-tech, failsafe way to protect yourself seems to be covering your camera lense with a post-it note or piece of tape. I used an expertly cut piece of Miss Kitty duct tape.
Phishing scams
Most of us wonder how anyone could fall for phishing scams. Those too-good-to-be-true emails that claim you have won a contest, job offer, or have money in an overseas account. Really?
Surprisingly, thousands of people fall prey to this each year, which is why these scams continue to flourish. Whenever you receive an email from an unknown source who is requesting information, never give anything away.
It’s no different than when you receive a phone call. You never provide any personal information to anyone unless you made the call to a verifiable number.
If you suspect your site is hacked with a phishing scam, call your web hosting company for assistance.
Trojan horse
Another use of phishing emails is the Trojan horse, where the hackers insert a virus into your computer. This virus can then send out spam email or attack other computers.
The virus is installed when you click on the file. Refrain from clicking on any link or opening any attachment. No matter how official the email looks, always go directly to the website to search for and open whatever is being offered.
Even if an email appears to be from someone you know, check with the sender to see if it’s valid before opening any attachment or link, particularly if there is little text included.
This scam can surface through social media with infected links. Be particularly wary of popups that tell you to update software or your video player.
Password hacking
The real trouble with password hacking doesn’t lie with intelligent guesswork. Most of the time, it involves data breaches at your web hosting company or another website that you’ve used your password with.
Sometimes, the hacker uses a virus embedded in your computer to access your system and record your passwords. Another method is to correctly answer your security questions. A simple way to avoid this is to supply answers that aren’t at all related to the question.
The bottom line is to create strong passwords, and to have different passwords for different accounts.
Open WiFi
Your business and home WiFi should be encrypted so outside users can’t connect. To be extra secure, set up a guest password with a separate guest password so your guests won’t have access to your files.
Once on your network, hackers and neighbors can surf to bad websites and download illegal files. They can see and record your activity and steal your information.
Just follow your WiFi router’s manual for instructions. When you’re in a public place, disable the WiFi if you’re not using the internet.
What to do about it.
Up-to-date security software
This is an absolute must. Security software will detect and prevent many viruses before they are installed. Be sure to keep it current at all times.
Plugins
Wordfence is my personal favorite WordPress plugin. They are a front line defense against hacker attacks. If for some reason hackers manage to slip through, Wordfence will alert you.
You get a lot of excellent site protection with the free version, and the paid features do even more, including early warning systems for spamvertising.
Google Webmaster Tools
This is a handy way to check and see if you’ve received a security threat. Go to your verified website in Google Webmaster Tools and click on Security Issues in the left side bar. It will let you know if they’ve detected any.
Cross-site Malware Warnings
When Google detects a site contains malware, it alerts users who are visiting the site with a browser warning. This lets users know that the content they are loading from a site has been identified as malicious.
Sometimes a site isn’t flagged on Google’s Safe Browsing list as unsafe, but there’s still a browser warning. This happens when a website has loaded content from a different site that contains known malicious content.
This is called a cross-site warning, and you will see this warning image:
If this occurs on your site, Google recommends locating and removing any reference to the domain that’s caused the browser warning. For more information on what to do, read Cross-site Malware Warnings.
Safe browsing site check
You can monitor the status of any site with the Google Safe Browsing diagnostics page. If you have any cause to doubt a site’s safety, this will help you determine if you should attempt to open it.