Hacked

...now browsing by tag

Website Security – Has Your Site Been Hacked?

Tuesday, December 15th, 2009

Everyday I hear about another friend of mine whose website has been hacked into. It seems like website hackers are more and more prevalent. The ironic thing is that, at least looking at percentages, many of us as website owners still aren’t taking the necessary steps to keep our sites secure.

The biggest reason why our websites are getting hacked into is because of what I call “unreasonable indifference.” We know that security scanning, like that offered by Trust Guard, can look for over 30,000 vulnerabilities that hackers can and often do use to compromise our websites. But few of us do anything about it.

It’s like knowing that if we don’t brush your teeth, they will all rot out, and still not brushing our teeth! We know that vulnerability scanning can find issues and will give PCI Compliant reports for us to repair with our hosting companies, keeping us safe from hackers. It’s time we grab the toothbrush and start brushing! In other words, it’s time we contacted Trust Guard and started scanning our sites on a daily basis.

Hackers continue to find ways to compromise our websites’ files and folders. We can keep our sites safe by scanning them for vulnerabilities that hackers use. When hackers see that our sites are scanned on a daily basic by Trust Guard, they are more likely to turn away and try to hack into someone else’s website.

Trust Guard Security Scanned Seals are like having signs on our lawns and front doors stating that we have a 24 hour alarm system. These seals, when displayed at strategic places on our websites will decrease the number of outside attacks. To me it just makes sense. If we have a website, it needs to be scanned. And the most inexpensive, most effective, most convenient way to scan our sites for vulnerabilities against hackers is through Trust Guard – The Leader in Website Security and Verification. Don’t be another of several friends who have told me that their website was hacked into!

Posted in Website Security | No Responses »
Tags: Hacked, Hackers, Outside Attacks, PCI Compliance, PCI scanning, security scan, Vulnerability Scanning, Website Security

What It Means To Be PCI Compliant

Tuesday, November 24th, 2009

I was asked the other day if getting a PCI Compliant Website Security Scan from Trust Guard was all I needed to do to acheive PCI Compliance. The answer is no – heck no! There are several aspects of PCI Compliance that the Security Standards Council has created through their Data Security Standard. Vulnerability Scanning from Trust Guard is just one area of compliance as outlined by the payment card industry. To see other areas of need, you can look at this chart, or this page on passwords, or here for a PCI Compliance Table. You can also read the book: Acheiving PCI Compliance: A Guide For Understanding And Complying With Data Security Standard For Merchant Levels 2, 3, and 4.

Posted in PCI Compliance | No Responses »
Tags: Approved Scanning Vendor, Become PCI Compliant, Data Security Standard, Hacked, Hackers, Outside Attacks, PCI Compliance, PCI Compliant, PCI scanning, security scan, Security Standards Council, Vulnerability Scanning, Website Security

Hey, Mr. Gullible, Stop Sharing Your Password!

Tuesday, October 6th, 2009

In our never-ending attempt to keep our offline businesses and online websites free of inside and outside attacks, we must never lose sight of the benefits associated with effective passwords.

Sure, anti-viruses protect computers before they go online, and once online, SSL certificates serve their purpose. Security scanning and verification services such as Trust Guard not only keep hackers away, but also let online consumers know that sites that display trust seals are safe. However, effective passwords will protect most areas that online hackers and office troublemakers want to infiltrate.

Much of the “hacking” that is going on in the business world today is from people that work in the same office! The all-too-common statement: “Hey buddy, I need that file, what’s your password?” is penetrating the once-protected personal and professional documents of the gullible and trusting.

The Payment Card Industry (PCI) requires that website owners assign a unique ID to each person with computer access, then requests that they set a private password. As with any computer action, knowing who is accountable is critical when it comes to handling credit card transactions. And how can you know who is responsible if you’re sharing passwords? For more on PCI compliance requirements and the PCI’s Data Security Standard (DSS), visit www.pci-compliance.us.

The act of sharing passwords has gotten more people in more legal and financial problems than any other business issue. If an important file or folder is taken, using your password, how will you show that you didn’t take it? If something is done wrong by someone else, like compromising a document, or transferring accounts comprised of financial or monetary data, and it is done with your password, it is extremely difficult to prove that you were not involved.

Keep your password safe. Whether it is locked up in a physical or online safe, in a personal binder that never leaves you, or in your head, you should keep your password in an environment where others won’t be able to locate it.

In addition to making an individualized password and keeping it private, you should make it at least seven characters long. Shorter passwords are easy to steal from passersby. It should contain upper and lower case letters, numerals, and special characters. The more you mix up the password’s numbers, letters, and special characters, the better. One of the numbers or special characters should be in the second through sixth position (not first or last).

Change your password often – no matter how safe you think it is, and make it significantly different from prior passwords. I had a boss once who told me that he had the same password every month, but only changed the last numbers of it to reflect which month it was. I think “tootrusting11” was the password he used for November! I do not recommend using his system.

Do not use a common name or a common word as a password, and refrain from using your own name or username. Spouse, children, and pet names are also ineffective. Thousands of documents have been stolen or compromised by passwords like “password”, “business”, and “Ultimate Frisbee”. Wrongdoers have guessed passwords including the company’s name or industry – and surprisingly, their guess was right.

In short, along with keeping your website’s SSL active and performing PCI scans through Trust Guard, you should create unique passwords, change them often, and keep them private. Stop being Mr. Gullible.

Posted in PCI Compliance, Website Security | No Responses »
Tags: Become PCI Compliant, Hacked, Hackers, Outside Attacks, PCI Compliance, PCI Compliant, PCI scanning, security scan, Vulnerability Scanning, Website Security

Security, Privacy, & Business Identity are Huge Concerns

Tuesday, September 29th, 2009

Build Trust – Increase Conversions

To increase conversions and get more sales, you want to establish the highest level of trust that you can. Trust Guard does this by addressing the three major concerns your visitors have:

SECURITY – Is your customers information safe? Do you use SSL to protect private information as it’s transferred from user to server? Do you have PCI Scanning to protect your website from hackers and vulnerabilities?

PRIVACY – Do you protect your customers’ privacy? Do you respect their information and will you keep it confidential? Is your Privacy Policy accurate and up to date?

IDENTITY – Who is behind your website? Is your company’s address, phone number, and email displayed on your website? Has this information been verified by a 3rd party?

If these concerns are resolved professionally and effectively, your site and data will be protected, you will build trust with your customers and add credibility to your website. Most importantly, it will increase your website’s conversions and sales! The most effective and easiest way to do this is by adding Trust Guard seals to your site.

Your customers will instantly know that your website has been evaluated, verified, and/or scanned by a reliable 3rd party when you add our seals to your website, and they will buy from you with confidence!

Posted in Website Security | No Responses »
Tags: Hacked, Hackers, Outside Attacks, Trust Guard, Trust Seals, verification seals, Website Security

Article on PCI Compliance

Friday, September 25th, 2009

If you would like to see the ezine article on PCI Compliance about Harold’s first conversation with The PCI Compliance Guy, go to PCI Compliance and Harold the Hacked Part 1.

To become a member of Trust Guard and start growing your business by keeping your site safe from Hackers, click here: GROW MY BUSINESS!

Posted in Harold the Hacked, Website Security | No Responses »
Tags: Hacked, Hackers, Outside Attacks, PCI Compliance, PCI scanning, Vulnerability Scanning, Website Security

My First Conversation with Harold

Wednesday, September 23rd, 2009

Good Morning!

Today I spoke with Harold. You might not have heard of him yet. He is only one in thousands upon thousands whose website was hacked into.

We just became the best of friends because I set him up with PCI scanning with Trust Guard. When visitors see his seals, more of them will become his clients!

I recommend that you do what Harold is doing and learn as much as you can about PCI Compliance – whether or not you process credit cards on your site!

Posted in Harold the Hacked, Website Security | No Responses »
Tags: Become PCI Compliant, Data Security Standard, Hacked, Hackers, Outside Attacks, Payment Card Industry, PCI Compliant, PCI scanning, Trust Guard, Vulnerability Scanning, Website Security

PCI Compliance

Keep your site safe from Hackers