Category Archives: Security

Enhancing Website Security for Your Peace of Mind

Hosting, Security, Website Tips

At Northwoods Web Designs, we are committed to ensuring the security and reliability of our client’s websites. As part of our ongoing efforts to provide our clients with the best possible website services, we are sharing some crucial items included in our Website Care Services to enhance your website’s security.

SSL Certificates: At Northwoods Web Designs, we prioritize the security of our clients’ websites. That’s why we implement Secure Sockets Layer (SSL) certificates to establish a secure connection between our clients’ websites and their visitors. By having an SSL certificate, we ensure that any sensitive data transmitted through our clients’ websites, such as personal information or credit card details, remains encrypted and protected from potential hackers.

Regular Updates: We understand the importance of keeping our clients’ websites secure. That’s why we proactively monitor and apply regular updates to our client’s website software. By keeping plugins, themes, and CMS versions up to date, we minimize the risk of potential vulnerabilities that can be exploited by attackers. You can rest assured knowing that we prioritize the security of our client’s websites by promptly checking for updates and applying them to protect against potential security breaches.

Website Backups: Our client’s peace of mind is our priority. That’s why we regularly back up our clients’ websites to ensure their security and reliability. In the event of a security breach or website malfunction, our recent backups allow us to quickly restore our clients’ websites to their previous state with minimal data loss or downtime. With our reliable backup system in place, our clients can focus on their business while we handle the security of their websites.

Spam and Malware Prevention: We take proactive measures to protect our clients’ websites from spam and malware. Our team deploys effective spam filtering and malware scanning techniques at both the server and website levels. By regularly scanning and cleaning our clients’ websites, we minimize the risk of potential security vulnerabilities and keep their websites running smoothly and securely.

Regular Security Audits: At Northwoods Web Designs, we are committed to providing our clients with the highest level of security. That’s why we conduct regular security audits and vulnerability assessments for our clients’ websites. By proactively identifying potential loopholes or weaknesses in our clients’ website security infrastructure, we can swiftly patch any vulnerabilities and keep their websites secure. Additionally, our penetration testing allows us to simulate real-world attacks to ensure that our client’s websites are protected against potential threats.

Requiring Strong Passwords: One of the simplest yet most effective ways to protect your website is by using strong passwords. We require strong passwords when accessing our technologies such as our Client Billing Area, or the Website Portal Dashboard where website edits are completed by our clients. We require using a combination of uppercase and lowercase letters, numbers, and special characters.

With Northwoods Web Designs, you can trust that we prioritize our client’s website’s security and take the necessary measures to benefit their online presence.

Interested in our Web Care Services Plans? We currently have availability and would love to welcome you to join our family at Northwoods Web Designs. With our top-notch website maintenance and hosting services, you can rest assured that your website will be secure, optimized, and running smoothly. Join our community of satisfied clients and experience the peace of mind that comes with knowing your online presence is in capable hands. Don’t miss this opportunity to elevate your website’s performance and security. Contact us today and become a valued member of the Northwoods Web Designs family.

Don’t Be Scammed – Ignore The Internet NetWORX Spam Letter

Security, Spam Hall Of Shame
4

If you own a domain name or someone has it registered on your behalf you will probably come across these devious letters in the mail.

They come from fraudulent domain registrars others who prey on people who don’t fully understand the domain registration service or directory listings in full.  So send letters in the mail about something expiring like your domain name or similar and request payment before “renewal” of something is up.

And because they know businesses and nonprofits are busy, many simply send these in the mail to their accounting folks (I know actual clients who did) to get paid.

We get asked about these from our clients, which tells me they have clearly deceived their letters pretty well to try to trick some domain owners into thinking a domain renewal invoice.

So I first wrote about this other iDNS mail letter a couple of years ago, but my clients and myself are still receiving these. Which is a problem. Why? Because it means many of you are still falling for the scam and paying these fraudulent scammers 300-500% higher cost to own the registration to your domain.





Why is this considered Spam? Because its unsolicited (you didn’t ask for it) and is a fraudulently deceiving letter, making you think the worlds going to end if you don’t transfer your domain name to them. In which after they own your domain name registration, they can jack your price higher/hold your domain hostage to force you to pay.

So we want to provide this information to protect you, whether you have registered your domain name with Northwoods Web Designs or some other provider. Here is the word for word mailing that you may receive. Hoping you are finding this from searching, ultimately protecting yourself from this spam company.

You can even fight against this by filing a BBB complaint. Here is the link to file a complaint against Internet Networx and read other complaints filed against this company.

These companies who send these letters, such as NETWORX,  attempt to convince you into transferring or renewing your domain using their service. Which on average is 500% above the market rate for domain name services. 


Read More

WHAT ARE PHISHING EMAILS? – BE AWARE!

Email, Security, Spam Hall Of Shame
Leave a comment

Northwoods Web Designs would like to make you aware of PHISHING EMAILS. Please be aware and do not click links in emails automatically. You have to do some investigative work to make sure it is from whom it states it is from. Unfortunately, there are so many scammers out there that pose to be someone when they are not. They are continually coming up with ways to scam you. The purpose of phishing emails is they want you to click the link, it brings you to a site and they will ask questions to obtain your information.  

In this particular example they are making it appear that it is to upgrade (so you think it is something you already have). Do not click the link but hover over the link (in this image the link is the orange button that states, auto increase storage space), you will notice it has nothing to do with Northwoods Web Designs, it may appear something like this:
.i.ie >> 24livenewspaper.com/third/?url=http://infoquota.eurofharma.com.pe/harma/index_hash.php
However, it may not be this clear, it may just be mistyped or misspelled so you have to check very closely.

If you are ever in question about an email that appears to have been sent by us, contact us (or whomever it states it is from, to verify) before clicking any links that the email contains.  

Finally, The End of Adobe Flash

Security, Software, Web Wise

As I am typing this, 1000’s of companies across the world are actively disabling and uninstalling all instances of Adobe Flash. For Microsoft Windows 10 machines, Microsoft provided an update (KB4577586) that must be installed, to uninstall, its previously well-integrated 3rd party Adobe Flash product. Google Chrome Browsing already is removing it in its December 2020 update.

It was announced three years ago the day would come for the end of Flash, and here we are. Back in the day, I even dabbled in designing some flash components for use in websites. But luckily that was soon replaced with new web standards (HTML, CSS, JavaScript) which became the norm and are suitable for mobile devices, which Adobe Flash was not.

Some brief history for you history buffs.

The internet was once a land of text blocks and dreary backgrounds. But everything changed in late 90’s when a company called Macromedia acquired an animation tool called FutureSplash and rebranded it as Macromedia Flash 1.0.

Then In 2005, Adobe acquired Macromedia for $3.4B and set out to make it even more ubiquitous. The true downfall of Flash began in 2007, when Apple decided not to support it on the new iPhone. In 2010, Steve Jobs penned the famous open letter “Thoughts on Flash,” which laid out a viscious critique of the technology:

  • Rapid energy consumption
  • Poor performance on mobile devices
  • Security dependence on one company (Adobe) made it a huge risk


Flash simply wasn’t made for the rising mobile world. And soon, new web standards (HTML, CSS, JavaScript) became the norm.

Fast forward to 2017 when Adobe announced it would discontinue Flash. It offically ended end of 2020 (Dec 31, 2020). Just like there are still pockets of Windows 7 devices out there, there will more likely be pockets of Flash for those applications that built around it vs the other way around.

So if your reading this and you haven’t yet, make sure to install Microsoft’s update (KB4577586) and the latest Google Chrome Browser to remove the security holes, Adobe Flash provides free of charge, to Windows devices.

Password Protection Tips: How to Protect Your Investments from Online Threats

Security, Web Wise, Website Tips

Regardless if you run a business or organization, you will no doubt have a slew of passwords to gain access to various online platforms. If you’re a client of ours, you will typically have several depending on your situation and services purchased. 

For example, one login is needed for the secure client billing and account area, where you can see what services are active, purchase additional services, view invoices and pay invoices etc.. Another login may be to access your website’s CMS [ Content Management System ] so you can make updates to the website’s content to keep it fresh and updated. Another login will be used for your domain email if you have business email services active with us.  

Now imagine if you handed those logins to a hacker with mischievous intents. They could do some damage very quickly, such as defacing your website, changing all passwords so you no longer have access, sending spam email, and more resulting in a temporary suspension for all services until resolved. A costly headache for sure.  

Strong passwords [ How to create a strong password ] serve as a main line of defense for Northwoods Web Designs customers and their various login accounts.  So why are strong passwords recommended? 

Because cybercriminals have a variety of tools and techniques at their disposal to crack passwords, including the following. Fortunately, there are steps you can take to avoid falling victim to these tactics as provided below.

Keyloggers: One of the most effective tools cybercriminals employ is keylogger malware, which records what you type and sends this information back to them. Because keylogging can be used to directly steal passwords, the best way to address it is to avoid infection with such malware in the first place. Keep your system (pc & phone) up to date with security patches, use antivirus and antimalware programs, and don’t click on suspicious links that appear in emails or pop-ups.

Password dumps: Security breaches provide potential attackers with a treasure-trove of data including user IDs, passwords, birthdates and even Social Security numbers. To minimize your risk, never reuse old passwords or share them between different accounts, and change your passwords annually or when required by Ascension.

Brute force attacks: An inelegant but effective password cracking technique involves attempting to log onto an account with a list of commonly used passwords, such as 123456 and p@ssword, which unfortunately are still used by some today. For accounts that will lock users out after multiple failed attempts, cybercriminals use a tactic called password spraying, which involves spreading out their guessing attempts over a longer period of time to avoid detection. 

Complex, long passwords remain the best way to thwart such attempts. Attackers start with common passwords and phrases such as password123 or iloveyou, so avoid these as part of your passwords. Northwoods Web Designs recommends passwords that are at least eight characters in length and contain three of the following whenever possible: upper- and lower-case characters, numbers and special characters such as ! or %. 

Password resets: Another way cybercriminals bypass passwords is using the forgot password feature. To ward against this tactic, keep your account recovery information up to date. Use only confidential information as the response to security questions an account asks you to answer, avoiding information that might appear on social media sites such as your dog’s name or your favorite hobby. 

By understanding the tactics used by cybercriminals will help showcase how important it is to use strong passwords and be aware of what you may be clicking on when on your computer or phone, to assure your passwords are secure and your investments are safe. 


Have you ever been compromised before? We would like to hear your story, let us know in the comments section below.