Not actively maintaining your WordPress site? That lackadaisical approach may have lead to the Mossack Fonsec breach.
What damage could a hacking incident could bring to your business…?
The devastating impact of an un-maintained WordPress site.
The widely publicized Mossack Fonsec data breach has exposed sensitive information for high profile clients with catastrophic consequences for Mossack Fonsec and their clients.
WordFence’s investigation of this high profile hacking has identified an ‘innocent’ out of date WordPress slideshow plugin was the point of entry (ie the ‘exploit’) hackers used to gain access to Mossack Fonsec’s computer system. From here the hackers also hacked into the organisation’s email server and so to 4.8 Million emails.
Hackers are everywhere!
Closer to home, this week my PC’s personal firewall alert ‘lit up’ when reviewing a website. It turns out that a ‘Mass Injection’ ‘trojan’ in another website linked to the site I was reviewing tried to compromise my PC. Wow! I didn’t even visit the remote site and it was attacking my PC! Thankfully I had a good personal firewall installed. The client representative didn’t…
Is a hacked website a business priority?
I immediately advised the client representative, but got a rather complacent response to my recommendation to immediately shutdown their website.
I was concerned about protect other website visitors from potentially having their PCs hacked, and also protecting the client’s liability in case this happened. Prospective clients visiting your website might remember your business if you crash their PCs, but will they do business with you anyway? – Maybe not…
Hackers damage your business, not just your IT
With hack attacks on the increase including ‘ransomware’ – where you have to pay to unlock your hacked computers or file servers – now is the time to take action to review your business exposure, should you loose your computer systems, file and email server or even your website.
Hack attacks create business liabilities
Consider your liability should your computer systems or website spread virus/trojans. Infecting your client’s computer network may not be good for the ongoing business relationship… You could even end up in a litigious situation.
WebSite Concierge Services
Succinct Ideas provides high performance, ‘hack hardened’ website hosting and website maintenance services to help avoid embarrassing and potentially commercially disastrous situations like Mossack Fonsec data breach.
Contact me to find out more.
A soapbox moment
Wouldn’t it be nice to have so much income that I’d consider offshore tax ‘shelters’… Hmm. If Ive got that much money do I have to rip off the tax system to get even more?
Robin Hood Hackers ?
Most hackers or hack attempts seem to be digital vandals. But then this hack target are tax cheats… Who is doing wrong? Maybe there’s a well-meaning ‘Robin Hood’ hacker out there exposing unjust activities. If there are, they are certainly the minority amongst hackers.
What are governments doing ?
Its notable that Mossack Fonsec’s tax evasion strategies operate globally and it seems their business model was known to governments and tax enforcement agencies around the world. Immoral but legal…
If the same level of zeal was applied in policing these schemes as is used in scrutinising small business and individuals, wouldn’t the tax burden surely be eased for everybody? I was stunned to see recently circulated data on how little (some) corporations contribute to the local tax…
Wouldn’t the increase in tax funds from solving this issue take pressure off our political masters? Couldn’t they then concentrate on ‘real issues’ rather than the ongoing political pantomimes about finding budget for essential services?
It seems I’m just another dumb small business owner and don’t understand…
How to remove toxic backlinks
/0 Comments/in Penguin, Backlinks, Rank Penalties, SEO, SEO Tips /by petePenguin 4 arrival imminent?
/0 Comments/in Penguin /by peteSpeculation is rife that Penguin 4 will rollout any day now…
Read more on removing unnatural backlinks
My new SuperPower – ‘Hacker Vision’
/0 Comments/in Website Hack Prevention, Hacks, WordPress /by peteI’ve gained a new SuperPower – I can see hackers attempting to break into websites. No I wasn’t bitten by a radioactive spider or zapped by an alien – all I had to do was install the WordFence plugin for WordPress.
…and now that I see the enormous amount of hacker activity, it’s frightening!
WordFence has revealed that my client’s sites are being peppered almost continuously from would-be hackers across the globe, and the chances are, so is your website.
Here’s just a couple of the hack strategies being used to break into sites based on the Wordfence firewall reporting:
Brute force attacks
Attempts to guess a userid and password and log into the site. Some hackers have managed to lock onto a login ID’s and now are trying 1,000’s of different password combinations to break into the site.
The lesson here is to:
Trolling for known exploits
I can see hackers also probing sites for ‘known exploits’ such as the Revolution slider exploit which very publically brought Mossack Fonsec’s tax
avoidancebusiness to its knees Read more hereThe lesson here is to:
Keep in mind that this activity is not from a person furiously typing at their keyboard, but from 100’s or even 1000’s of disassociated people who purchased and are operating hacking software. The software runs day and night, loaded with all known exploits – once it breaks into your site, who know what will happen.
Other hacker entry points
The frightening adjunct to this story is that WordFence can only sees the ‘public facing’ hack attacks to your website. As previously reported hackers are also targeting other entry points such as your web hosting account eg smtp (email) ssh (host console) and more.
If your web host is not actively managing the security of these systems your business web site is at risk of being hacked/vandalised/defaced or worse, visitors to your site unknowingly getting a computer virus infection.
Concerned? Call me.
If this is a concern for your business contact me to discuss our WebSite Concierge service.
Online Marketing Adelaide
/0 Comments/in Online Marketing Adelaide /by peteWhat is Online Marketing?
Online Marketing is the discipline of connecting a business with their prospective clients using the online medium.
Principally this involves
SEO is the process of making a website appear in Google searches. To achieve the Google ranking, the internet marketer undergoes a series actions:
1. SEO: Eliminate Google ‘issues’
Google claims over 200 factors influence the rank results for one of their searches. Google wants their users (ie people using Google) to have a good end user experience. If you site doesn’t give users this, it will not appear in searches as much as a site that does.
Google issue example – Mobile ranking
Mobile ranking is a recent example of this. Google will ‘de-rank’ a site in searches on a mobile phone if that sites isn’t ‘mobile friendly’.
Google ‘mobile usability tests‘ can be used to determine if a site is mobile friendly or not. If pages in your site fails Google ‘mobile usability assessment’ they are likely to rank less than otherwise.
2: SEO: Find your targeting keywords
This discovery process lets you find out what words your clients are using when they are searching for your products and services. Fortunately Google provides access to this information with it’s Keyword Planner tool. Here’s a simple guide for using this tool and a strategy document to help you find the best keywords.
3: SEO : Targeting your website
Targeting your site ensures Google will use it in for the searches that you now know are used by prospective clients. This process involves integrating your target keywords into the website using strategies covered in this keyword white paper.
Online Advertising
Online advertising in Adelaide has evolved from simple Adwords campaigns to sophisticated multi-channel online marketing
Google Adwords
Adwords has evolved from simple search based campaigns to now offering
Display Network advertising – image, animation and video advertising across a diverse range of on-topic websites
Remarketing – Show ads to recent website visitors to remind them of your brand or offer
Facebook
Facebook has now joined the online advertising fray with a model that is rapidly maturing. Facebook can tightly target ads using profile data.
LinkedIn
A recent entrant into online advertising, LinkedIn advertising has the ability to highly targeted business professionals
Hackers damage your Business, not just your IT
/0 Comments/in Uncategorized /by peteNot actively maintaining your WordPress site? That lackadaisical approach may have lead to the Mossack Fonsec breach.
What damage could a hacking incident could bring to your business…?
The devastating impact of an un-maintained WordPress site.
The widely publicized Mossack Fonsec data breach has exposed sensitive information for high profile clients with catastrophic consequences for Mossack Fonsec and their clients.
WordFence’s investigation of this high profile hacking has identified an ‘innocent’ out of date WordPress slideshow plugin was the point of entry (ie the ‘exploit’) hackers used to gain access to Mossack Fonsec’s computer system. From here the hackers also hacked into the organisation’s email server and so to 4.8 Million emails.
Hackers are everywhere!
Closer to home, this week my PC’s personal firewall alert ‘lit up’ when reviewing a website. It turns out that a ‘Mass Injection’ ‘trojan’ in another website linked to the site I was reviewing tried to compromise my PC. Wow! I didn’t even visit the remote site and it was attacking my PC! Thankfully I had a good personal firewall installed. The client representative didn’t…
Is a hacked website a business priority?
I immediately advised the client representative, but got a rather complacent response to my recommendation to immediately shutdown their website.
I was concerned about protect other website visitors from potentially having their PCs hacked, and also protecting the client’s liability in case this happened. Prospective clients visiting your website might remember your business if you crash their PCs, but will they do business with you anyway? – Maybe not…
Hackers damage your business, not just your IT
With hack attacks on the increase including ‘ransomware’ – where you have to pay to unlock your hacked computers or file servers – now is the time to take action to review your business exposure, should you loose your computer systems, file and email server or even your website.
Hack attacks create business liabilities
Consider your liability should your computer systems or website spread virus/trojans. Infecting your client’s computer network may not be good for the ongoing business relationship… You could even end up in a litigious situation.
WebSite Concierge Services
Succinct Ideas provides high performance, ‘hack hardened’ website hosting and website maintenance services to help avoid embarrassing and potentially commercially disastrous situations like Mossack Fonsec data breach.
Contact me to find out more.
A soapbox moment
Wouldn’t it be nice to have so much income that I’d consider offshore tax ‘shelters’… Hmm. If Ive got that much money do I have to rip off the tax system to get even more?
Robin Hood Hackers ?
Most hackers or hack attempts seem to be digital vandals. But then this hack target are tax cheats… Who is doing wrong? Maybe there’s a well-meaning ‘Robin Hood’ hacker out there exposing unjust activities. If there are, they are certainly the minority amongst hackers.
What are governments doing ?
Its notable that Mossack Fonsec’s tax evasion strategies operate globally and it seems their business model was known to governments and tax enforcement agencies around the world. Immoral but legal…
If the same level of zeal was applied in policing these schemes as is used in scrutinising small business and individuals, wouldn’t the tax burden surely be eased for everybody? I was stunned to see recently circulated data on how little (some) corporations contribute to the local tax…
Wouldn’t the increase in tax funds from solving this issue take pressure off our political masters? Couldn’t they then concentrate on ‘real issues’ rather than the ongoing political pantomimes about finding budget for essential services?
It seems I’m just another dumb small business owner and don’t understand…
Adwords Ads disappear from Google’s right hand margin
/0 Comments/in AdWords /by peteAdWords competition just hotted up significantly!
No right hand column ads
What does this mean for your online campaign?
Is it the end of ‘budget bidding’ ?
Conclusion
AMP is now key for mobile SEO
/0 Comments/in AMP /by peteAMP diagnostics now in Search Console
Google Search Console (previously ‘WebMasters Tools’) has released a new section under Search Appearance dedicated to AMP diagnostics.
If its in Google Search Console it Matters to SEO
My strong suggestion is that as Google’s SEO toolset now has these AMP settings, AMP is no longer some fluffy geek concept, but in fact should be seriously considered to maintain or improve your business website’s mobile ranking in Google going forward.
Mobile ranking is important for Onlines Sales
There’s very few market segments where mobile is not critical to online sales and for a while now Google ranks mobile searches and desktop searches independently. So if your marketplace uses mobiles when searching, then ideally your business site should maximise its mobile ranking to be seen by prospective clients.
Of course you could just throw money into online advertising to compensate for your website’s poor organic position too….
AMP = Fast Mobile = Google Goodness = Sales
Google has made it abundantly clear that fast is good so expect to see AMP compatible mobile searches to float to the top of search results and non-mobile compatible, and non-AMP sites disappear into the ranking depths.
AMP and WordPress
If your website, like the vast majority of websites today, uses WordPress implementing AMP may not as painful nor as expensive as you might think.
The folks from WordPress were part of the project that created the AMP standard and there’s already some early plugins and themes to ‘AMP up your site’.
Automattic AMP Plugin
As an experiment I’ve installed the Automattic (the folks behind WordPress) AMP Plugin in my site. You can see my previous AMP Post load as AMP amazingly fast here
Clearly there are limitations at this early stage, and the Automattic AMP plugin currently only processes posts – not pages. I’ll continue fiddling and report any relevant things here.
What should you do now?
Well I wouldn’t wait for my competitors to get their sites AMP’d that’s for sure. Speak to your web developer about what’s involved to implement AMP for your website. If they aren’t sure, I’m happy to speak to you or them to help out.
Additional reading:
AMP’ing up Website Speed for Mobiles
/0 Comments/in Internet Technologies, Rank Penalties, SEO, WordPress /by peteAccelerated Mobile Pages (AMP) is an initiative to improve page load times for mobile devices.
What is AMP ?
AMP aims to strip away some of the coding complexities – especially JavaScript – that have evolved to provide sophisticated web page functionality to provide leaner HTML which loads much quicker. The project is a work in progress, and yet to finalise how it will address a full range of current website functions such as eCommerce etc.
Page Load Speeds and Google ranking
Page load times are a key requirement on mobile devices where connection speeds vary with access to signal. Page load speed is also a Google ranking factor.
It seems inevitable that Google – one of the AMP initiative partners – will provide ranking preference to AMP compliant pages either on the basis of:
What does AMP mean for your business?
So as a business owner interested in attracting mobile visitors, the evolvement of AMP is something you and your web developer should keep a very close eye on. Early AMP adopters are likely to gain Google ranking advantages which will translate into business opportunities.
AMP Compliance Frenzy?
After the recent panic to ensure websites were ‘Mobile Compliant’ for Google’s underwhelming Mobilegeddon release in April, I can see there will be another round of web development frenzy to make sites AMP compliant to maintain or improve online commercial traction.
AMP Deployment Timing
The AMP project is clearly still evolving but there is already a Javascript replacement so I assume (somewhat naively perhaps) that simple (ie non-ecommerce) sites can be recoded to take advantage of the AMP project.
AMP and WordPress
WordPress, the world’s most popular website system have announced they are supporting AMP. If AMP can be easily deployed in WordPress it will significantly strengthen WordPress’ CMS domination.
Reading:
Using Adwords Ad Extensions? If not, why not!
/0 Comments/in AdWords /by petePaying good money to Google to show ads to attract prospective clients? Then it’s definitely worthwhile investing a couple of minutes to understand how Adwords Ad Extensions can attract more leads for you and your business.
Ad Extensions are small snippets of additional information added to your ads to encourage punters to click your Ad rather than a competitor’s. Here’s a brief video overview on Ad extensions:
Now you know more about Ad Extensions, this video shows you how to find out how well they are performing.
Cant see any Ad Extension data ? rush out and set them up now
Or maybe your Adwords Service Provider hasnt set them up for you!
Get them to do it now! Alternatively give me a call and Ill do it for you.
Be aware of BlueHost email phishing
/in Phishing /by peteEven the best of us can trip up occasionally – even techos!
A technical associate was recently deceived by a phishing email and ended up handing over his hosting details.
These devious emails look like the real thing to try to steal information from you like credit card details etc., but on this occasional BlueHost account details. See the email below – it looks real doesn’t it ?
To quick way of exposing many phishing emails is to carefully review the link to see if it actually goes where it appears to.
While the link above appears to be from BlueHost if you hover your mouse over the link, in this example the link actually goes to my-taid.ru (a Russian domain)