Web Hosting Box

The February 2011 “Email Security Report” was recently released by German email security firm eleven. The report highlights a temporary decline in spam toward the end of 2010 accompanied by the rise of virus outbreaks and botnet infrastructures. In the history of spamming, since 2003, there has never been such an extreme fluctuation in spam volumes as witnessed in December 2010 and January 2011.

On December 25^th, 2010, spam volumes were reported to decrease by 80 percent, remaining at that level until January 10^th, 2011. On this date, spam volume significantly rose six-fold reaching the levels prior to December 25^th. Simultaneously, the quantity of virus outbreaks rapidly increased indicating some type of collaboration.

The company states in the report these two events (spam and virus outbreaks) are related and the decrease is likely to be planned by the spamming community. Spammers took the time between these two dates to rebuild botnet infrastructures while replacing lost capacities. This defends these individuals from external factors. In turn, this task was accomplished by sending massive quantities of new virus, trying to infect as many computers and servers as possible.

Prior to the Christmas holiday, spamit.com was terminated while many botnets were eradicated. This is said to be a contributing factor to the major dip in spam. Other trends were reported including:

• The US is the leading source with 11 percent of the world’s spam
• Brazil produces 8 percent
• India and Russia share 7 percent
• Germany outputs 4 percent

In addition to the drastic increase of spamming and virus outbreaks following this break in nefarious activity, the report also stated that malware levels increased by 21.5 percent in the month of January. Therefore, these three malicious activities are unlikely to be coincidental. It is more logical that this was a planned event intended to rebuild and then release a significant amount of malevolent activity on the world.

This report is a vital aspect of the internet community. These statistics prove that there are many individuals or groups collaborating to wreak havoc on internet users. It seems with the shutdown of major components that are the source of spamming, viruses and malware, the attacks increase greatly as a result. It is unlikely spam, viruses and malware will ever completely be eradicated as there is always an expert out there looking to cause problems across the globe.

Although most people are aware of the fact that their personal computer can be completely destroyed by a virus if the proper antivirus software is not used, many don’t realize that websites are also just as vulnerable to viruses. Just as a virus can infect your computer’s hard drive and utilize your computers resources, the same thing can happen to a web server that hosts your website.  If you are a serious online business owner, then you may want to consider the following information pertaining to website viruses, how they are spread, and how they can affect the success of your site.

How Websites Are Infected

There are several ways a virus can infect your website, each one requiring the hacker to gain access to the Web server in some way or another. Although this may sound like a rare occurrence, it is actually quite common, and the hacker never actually has to do any manual work to accomplish this. The hacker starts by getting an online business owner to download a virus to their personal computer. Once the virus is on the computer of the website owner, it begins logging all of the keystrokes that they type on their keyboard. When they go to log into their web hosting account, their password is cataloged into a database automatically and the account is hacked.

How Website Viruses Are Spread

Once the hacker has access to your web hosting account they are free to install malicious scripts on your web server, which can be used to spy on your traffic sources, redirect your traffic, change the content of your sites, and infect the computers of all of your site visitors.  The virus uploads itself to the web server and begins installing itself on websites that are contained on that server. Thus, website viruses are more prevalent within shared hosting plans, as a single web server can be shared by hundreds or even thousands of webmasters. In fact, the website owner never even has to have a virus on their personal computer to have their website affected. The virus spreads from site to site within the Web server itself, and is therefore is often a security issue that web hosting companies must deal with on an urgent basis.

How Can Viruses Affect My Website?

Having a virus on your website can greatly damage the reputation of your online business, and ultimately result in a significant loss of traffic. Most Internet surfers have an anti virus software installed that will warn them when they’re about to visit a website that is infected with a virus. If your website is infected, the majority of visitors will be warned not to enter your site. Even visitors that do not have anti-virus software installed may be warned not to enter your site by search engines, which frequently catalog sites that are reported to be infected. Unfortunately, the majority of Internet surfers don’t realize that the website owner is just as much of a victim as the site visitors, and instead they assume that the site owner is responsible for hosting a virus on their site.

You’ve finally decided to join the rest of cyberspace and set-up a website to begin your e-Commerce venture.  Even though you’ve prepared detailed marketing plans, and a budget analysis to track online inventory, the one thing you neglected to spend some serious time considering is choosing a creative website domain name.  In addition, it’s just as important to take proactive security measures to prevent solicitors to track your every online move following the crumbs of your domain name.

Domain Privacy 101

Regardless of how much time you’ve spent coming up with a domain name for your website, chances are that it’s already been snatched by someone else with a similar related business.  It’s always a wise decision to jot down several domain names that would be appropriate for your website just in case the preferred options are taken.  Fact:  First options are rarely available!

Competitors are notorious for purchasing related domain names simply for their own personal gains in hopes of tricking potential customers into thinking that they are actually shopping from your website.   So, always be careful of competitors’ ploys just to make a few extra bucks.

Another issue that many newbie’s registering website domains fails to realize is that their personal contact is displayed for the entire cyber world to see when your associated domain contact information that’s connected with the domain account is viewable in the WHOIS database.  Remember that domain privacy is a feature that may be added on at the time of sign-up for any domain including: com., net, org., info, biz, etc.

Consider privacy protection as a knight in shining amour for those wishing to keep their WHOIS contact information private from potential identity thieves and cyber hackers.  The way it works is that specific details of your domain account are substituted with generic information, preventing your personal contact details from being revealed in the WHOIS public database for solicited purposes.

Personal Domain Security in the Home

In today’s Google-ish world, with just a few mouse clicks it’s virtually possible to knock on someone’s front door across the globe.  WHOIS search works much the same way as it generates personal names, physical addresses, and occasionally phone numbers based on personal web domain names.  Many individuals are acquiring a private domain registration to prevent annoying telemarketers and other unsolicited material.  The same is also true for entrepreneurs working from home.

Private domain registration is typically used in households in lieu of businesses ventures.  The greatest advantage of private domain registration is to protect your family’s or home-based business’ identity.  After the initial registration process of setting-up the domain name, essential personalized data is replaced with “proxy” domain register information.

Whether protecting your personal assets in the office or at home, domain privacy is a security vital tool to prevent cyber hackers from wrecking havoc on your business affairs!

For business owners leaving the doors to their stores wide open without proper security measures in place is no different than online business owners leaving their websites vulnerable to looters and thieves.

If You Build It, They Will Steal

The act of stealing website content is becoming such an issue that it’s now commonly referred to as “website hijacking.”  This increasingly sinister phenomenon is most detrimental to e-commerce website and other online business ventures.

As a business owner with an online venture to ensure that your website is protected against outside elements, encryption is the solution.  Encryption allows you to “lock up” the essential components of your website that you may not even realize are exposed to cyber thieves.

Typically, there are three main reasons website content is hijacked:

• To harvest e-mail addresses for spam purposes
• To copy design and layout content and code
• To reveal and/or steal payment method links to be circumvented/stolen

Harvesting E-mail Addresses

It’s a global consensus that spam is excruciatingly annoying.  It’s even more of a nuisance when spam bots stealthily invade your website with the intentions to seek information, steal e-mail addresses and destroy your company’s reputation simply by storing hijacked e-mailed addresses in a database with malicious intent to flood customers with spam.

While many tech savvy customers are able to distinguish between spam scams and legit e-mail messages; unfortunately, for many others, they unknowingly fall prey to costly scams.  Each year millions of dollars are embezzled when cyber criminals steal customers’ credit card information and identities are snatched by manipulative spam e-mails forwarded to e-mail addresses obtained by website hijacking.

Spam is not only an issue for customers, but it’s an even greater headache for business owners.  Spam is also responsible for:

• Loss of productivity for your staff;
• Loss of valuable server resources;
• Loss of revenue when important e-mails get lost in the shuffle.

Copying Design and Layout

Setting up your web host account and website requires many resources including time and money.  Although it takes days, if not weeks to complete the initial setup, however, you may be surprised to learn that it takes less than five minutes for your website content and source code to be hijacked with just a few simple mouse clicks.

Online entrepreneurs soon discover the answer if they don’t “lock up” the doors to their website’s content.  Open HTML source code is easily accessible with a few clicks, and the process of hijacking is as simple as copying, and pasting.  Often Java Scripts are installed to thwart potential cyber thieves from lifting code as the scripts block code from being viewed; however it’s only the first step as it doesn’t protect from software based queries.

Pocketing Payment

Not only can a thief steal credit card information from customers; thus tarnishing your reputation, hackers can also alter your source code diverting payments to their own accounts, leaving you a responsibility to provide products or services to your customer without receiving payment.  Encryption is a definite necessity in any online business venture, especially when protecting customers’ credit card information

“The Lock”

By using available software tools to encrypt website code prevents information from being hijacked.  Encryption is extremely effective against all  types of informational breaches, including software queries and spam bots. The idea being, even if thieves access the source, the code will be indecipherable.

Basic HTML encryption tools are readily available online for free.  For novices, encrypting may sound complicated, however, it’s relatively quite simple.  Once you find an online HTML encryption tool, simply copy your existing code into the tool and it generates a secure encrypted code within minutes.

Season shopping generates tremendous additional traffic to ecommerce stores. As a result, many cyber criminals see this as an opportunity to scam the unsuspecting public. Online shopping is simple, fast and convenient. Sites like Amazon.com are popular places to complete your holiday shopping list. To capitalize, some hackers have created customized, fake receipts for their users.

The users take these receipts and bring them to Amazon stating they never received their product, thus asking for refunds. If sellers are not quick to check the fake transaction, they could ship the items out to these cyber criminals without them every paying for the merchandise. Due to the chaos that accompanies the holiday season, now is the best time for crooks to dupe unsuspecting retailers.

Unfortunately, phony receipt generating software is available for free on the internet. As a result, many individuals are going to try to achieve fake merchandise by utilizing this program. The Amazon Receipt Generator.exe program is not new, in fact it has been circulating for a few months. The software creates fake HTML receipts sent to retailers. The interface is easy-to-use by providing a form that can be filled in to generate the receipt.

Required information includes:

• The date of the order
• The item name
• The order number
• Price
• Address information
• Country of origin

Once the “Generate” button is clicked, an HTML file of the receipt is generated and looks exactly like an Amazon.com receipt. The software does an excellent job of producing an exact replica of the receipt so the scam has the potential to work effectively.

There are methods retailers can do to check details and avoid being scammed. First, double-check with Amazon to ensure the order number is valid. Second, in the payment information section, payments made by Visa may have a few extra digits added to the credit card number.

This program has spawned many similar receipt-generating programs to begin circulation. However, simply check the main details of the receipt to avoid being scammed. Organized and vigilant retailers will be able to avoid such scams. It’s those that do not take the time to check the records that will have a problem.

This program is so simple yet is causing so many issues in the online retail industry. Although this should not affect Amazon’s reputation with customers, it could cause a problem with the retailers in the Amazon Marketplace trusting the company. Hopefully this is resolved so the merchants can return to selling without additional worry.