Log in


Categories » ‘Tales from the trenches’

Website hacking on the rise

Categories: Alerts Tales from the trenches WebMasters Tools
September 11th, 2009 by Pete

(Republished from Sept Succinct Update)

I’ve encountered several ‘hacked’ websites recently and thought it was important to alert you to this disturbing trend.

The two forms of web site hacks I’ve encountered are those flagged by Google and a more furtive cloaked hack.

Flagged publicly by Google
This embarrassing alert is shown to visitors if Google determines your site has been hacked
Google-virus-warning

I’m sure you agree that this is enough to scare off any prospective client, and so is commercially very damaging. Google displays this message if it determines your site has a connection with a known ‘malware site’.

Malware means malicious software, and these sites use devious software to attack security vulnerabilities in your PC when you visit the site. The Google Online Security blog shows that reported malware sites have doubled in 2009 to over 300,000!

Although embarrassing, Google’s message possibly avoids a costly litigious situation should a website visitor have their computer systems compromised and loose business as a result.

BTW Google will also freeze your AdWords advertising campaigns if your site is assessed as associated with malware.

Your website’s ability to promote your business comes to a grinding halt.

Cloaked hacking
Possibly more sinister because you don’t know your website has been compromised, these hacks use your site as a ‘link farm’.

The hackers add links from your site to their target sites to help improve the ranking of their sites. Read more about the value of links here.

The infected sites I’ve stumbled over have links to extreme anti-social and/or sexually explicit sites. Apart from draining your Google PageRank, the links in this case are thankfully not visible to your visitors, but are visible to search engines.
Consequently your site runs the risk of reduced search ranking because as Google advises in its website guidelines:

“…avoid links to web spammers or “bad neighborhoods” on the web, as your own ranking may be affected adversely by those links…”

So these apparently benign links can seriously erode your website’s search ranking.

Am I hacked ?
The most important aspect of this for business owners is how to detect and resolve any of this type of activity before clients or your business is exposed to any risk.

Google’s Safe Browsing Diagnostic provides a quick and easy test to to assess the current status of your site:
www.google.com/safebrowsing/diagnostic?site=

De-hacking your site
If you find there is an issue with your site contact your web developer immediately to address it.

Normally the fix is technically simple; either removing the bad code or overwriting your published website with your offline backup
You do have an offline backup of you website haven’t you?

Declaring ‘All Clear’
You could sit and wait patiently for Google to finally decide that you have eradicated the hack, but during this time your site continues to scare off new and existing customers.

Google WebMasters Tools provides a reconsideration lodgement facility to formally advise Google you have removed the hack. I note also that Bing now has a similar process.

You will need to register your site with Google WebMasters which itself may require assistance your web developer and/or an internet marketer.
It all takes time but eventually you will get the business stealing alert message removed.

Hack Prevention
How can you prevent hacks? There is no simple answer; hackers are increasingly more sophisticated but here is a guide:

• Keep your PC’s virus and spam software up to date
• Change passwords regularly
• Store your website’s access details in a secure location
• Keep off-line backups of your site
• Monitor activity in your site
• Visit your own site occasionally

Summary
The internet provides global exposure to prospective customers as well as villains. Be vigilant and stay informed.

You can subscribe to the Succinct Update here

6 Comments »

Gawler Bookkeeper proves Online marketing really works

Categories: In the news Online Sales Opinion Tales from the trenches
June 3rd, 2009 by Pete

I was really pleased to see this story by Dean Allen from MYbookkeeping Services

Dean took some advise I provided in recent internet marketing presentation at the Gawler BEC & turned it into some international business by bringing together two of his customers, Living with Wildlife and Compliance & Competency Management

Now that’s really providing value to your clients! Well done Dean!

Read more on Dean’s blog

Tags:
No Comments »

Undercover Spam: "I visited your website and found…"

Categories: Alerts Tales from the trenches
May 28th, 2009 by Pete

A number of people have contacted me to seek advice after receiving an email typically starting with I visited your website and found it did not rank for <insert apparently relevant keywords here>.

The email finishes with an offer to get your website ranking in Google.

Client’s initial reactions are that this was a genuine pro-active service provided by the sender, and they felt some obligation to contact them and seriously consider their offer.

The harsh reality is that some software found your site, tested it against potentially irrelevant keywords and then composed and sent you that email.

There’s no caring proactive professional business person behind this; just a spammer using software to try to trick you into contacting them.

Yes, its  spam email masquerading as a proactive service from an allegedly reputable business.

The human(s) responsible are unlikely to actually know of your business; and probably don’t even know that their software sent it to you until of course you contact them.

Do a Google search and you will find that this spam has even been sent to Google themselves claiming to be able to help them improve ranking for  their website !

I think the WebWise blog best sums this up with a quote from Google:   ”reserve the same skepticism for unsolicited email about search engines as you do for ‘burn fat at night’ diet pills or requests to help transfer funds from deposed dictators.”

Tags:
No Comments »

Listen to what your website is trying to tell you!

Categories: Analytics Online Sales Organic search Tales from the trenches Website Analysis
May 8th, 2009 by Pete

I encountered a great example today of really appreciating what your website is trying to tell you.

Actually it is really what visitor activity tells you, and the only way to ‘hear’ this is through interpreting website statistics.

In this case the client had a temporary parking web page while they underwent the arduous task of implementing a new website.

Recently installed, Analytics (my fav web metrics tool) revealed that the site was attracting visitors from searches nicely aligned with this client’s business and in their target geography. Great news!

The bad news was Analytics revealed these visitors were immediately abandoning the site, apparently unimpressed with the parking page.

Until I revealed this today the business had no idea how many sales opportunities it had lost, and as you would expect, the website refurbishment is now a top priority.

How may sales leads are you loosing because you can’t hear what your website telling you ?

Tags:
No Comments »

Beware website changes that loose sales.

Categories: Principles Tales from the trenches
April 22nd, 2009 by Pete

An effective website is a work in progress.

The content changes to reflect the evolution in your business; your offerings, even your target clients. But sometimes changes can quite innocently have a catastrophic impact on your website’s sales effectiveness.

Let’s examine which changes to your site can impact its sales effectiveness:

« More »

No Comments »

Adwords phishing – Now the Russians are at it!

Categories: In the news Tales from the trenches phishing
November 6th, 2008 by Pete

As almost everybody knows there’s been some unscrupulous use of Chinese domains (.cn) to try to scam AdWords users and we’ve reported on this previously.

I know that numerous people have been caught out ! 

Yesterday with, Teri’s help I encountered my first Russian phishing attack, then lo and behold one pops into my inbox this morning so they are out there…

No Comments »

*Warning* AdWords ‘phishing’ continues

Categories: AdWords Alerts Tales from the trenches phishing
June 18th, 2008 by Pete

Please be aware that I’m still regularly hearing reports of people who have received AdWords ‘phishing’ emails.

These appear to be genuine communications from Google asking you to renew your AdWords account or update your AdWords payment details, but are in fact scams cleverly designed to steal your credit card details.

You can identify the bogus emails by carefully rolling your mouse over the link in the email to view the popup tooltip; then carefully examine the domain details.

The phishing emails typically link to a Chinese domain which is dot cn (i.e. .cn) rather than the domain it appears to be.

Please be vigilant and under no circumstances enter your credit card details. If you do, then contact your bank immediately to freeze your credit card.

If you receive a phishing email, forward it to phishing@google.com so the folks at Google can do something about stopping these thieves.

If you are in doubt about your AdWords account’s status you can check it online. Once your AdWords account is established, the only time you should have to re-enter payment details is when your credit card expires.

If in doubt, don’t click.

No Comments »

The Holographic website – A search disaster

Categories: Organic search Tales from the trenches Website Analysis
June 5th, 2008 by Pete

Recently I stumbled over a holographic website.

It looked like it was there, but it was really just a ghost, or at least that’s what Google thinks.

As I usually do, I quickly review sites for attendees from my “Tune your website for Salesâ€? presentations, and on this occasion the business had found they just didn’t seem to rank in any searches.

At the time we discussed the popularity of their relatively common business name, and I assumed that it was a typical case of organic competition. What a surprise I got !

« More »

No Comments »

Communication. What to do before your sitemap disappears.

Categories: Tales from the trenches
April 24th, 2008 by Pete

I had an interesting experience recently when Google Webmasters Tools failed site’s verification.

So what’s new you ask :) ?

 

On further investigation the website’s sitemap and robots.txt had disappeared too.  Arrghh ! Then when I tried to FTP into the site and this failed as well I new something was really amiss.

 

The long and short of it is that the client’s IT guy decided that the site should be moved to another web host… The tool he used to migrate the website must have assumed that websites only consist of html & jpg files and didn’t copy the sitemap, the webmaster authentication files, and robots.txt

 

I must admit that a webmaster verification file may look a lot like a corrupted file name in the heat of the moment so I’d be wary about it too if I didn’t know what it was about.

 

Next time GoogleBot visited the site it couldn’t find the sitemap registered for the domain and threw up an error. In the meantime Google Webmasters Tool was baying about site verification.

 

Its not the first time my work has been mangled by over-enthusiastic web developers &/or IT guys, but I have to confess to being pretty low key about it all

 

There was no permanent damage in this case, and on reflection the sitemap etc would have needed to be missing for quite some time before was some rnkaing ramifications.

 

I guess the lesson is that websites ARE becoming more sophisticated environments and there are several parties who should be consulted before adhoc changes are undertaken…

 

The other lesson here is to not assume.

As they say, to ASSUME is to make an ASS out of U and ME.

No Comments »

Does SEO tweaking attract Spam ?

Categories: Tales from the trenches
April 24th, 2008 by Pete

One of the dark consequences of a successfully ranking website appears to be that it not only attracts the attention of prospective clients but also exposes the website to spammers as well.

In our experience business sites previously untroubled by spam, find themselves receiving unwanted Spam attention after receiving a dose of SEM.

Before you leap into the fray with that accusational tone – no we haven’t listed the sites in spammy directories or undertaken anything remotely blackhat, grotesque or underhanded.

 

The sites in question have had some SEO tweaking; been registered with Google, Yahoo and Live’s WebMasters Tools or equivalent and are now running an AdWords paid search campaign.

 

Suddenly they become spamming targets.  I guess it does force the Webmaster to take steps to prevent email addresses from being harvested off the site…

 

If you’ve got a thought on why this may be the case I’d love to hear from you.

No Comments »
« Older Entries