WordPress Plugins Found Hiding a Backdoor – Is Your Site Secure?

Hosting, Security, Web Wise

This is an unfortunate example of why you need a good maintenance plan for your website, such as our Maintenance +Security plans we offer.

Security issues that could degrade your site like this pop up for all types of websites powered by content management systems.  Not to scare anyone into spending money, but need to be aware and be informed of how your website may be at risk, regardless of what web company you happen to work with.

The backdoor code in all three plugins works in a very similar way by calling to a remote server and inserting content and links on the affected sites. Experts believe the backdoor code is used to inject hidden SEO spam (cloaked links) on affected sites that help improve the search engine ranking of other sites.

https://www.bleepingcomputer.com/news/security/three-more-wordpress-plugins-found-hiding-a-backdoor/




 

Beware of Phishing Attacks Pretending to be From Google or Bing

Security, Spam Hall Of Shame

Phishing attacks is typical done by email or spoofed websites , but being done by the phone is on the rise. Phishing is generally the practice of thieves trying to obtain personal information to help them use it in malicious ways.

Some customers have been reported being called and/or voicemail’s being left requesting to return a call stating they are from Google or Bing (or both).

First goal of any phishing attempt is to scare you into making hasty reactions such as telling you something bads going to happen unless you act fast. 
Read More

Beware of iDNS Domain Registrar Scam

Security, Spam Hall Of Shame

From time to time, some of Northwoods Web Designs (NWD) clients as well as ourselves, receive letters from fraudulent domain registrars.  We get asked about these from our clients, which tells me they have clearly deceived their letters pretty well to try to trick some domain owners into thinking a domain renewal invoice.

So we want to provide this information to protect you, whether you have registered your domain name with Northwoods Web Designs or some other provider.




These companies who send these letters, such as iDNS,  attempt to convince you into transferring or renewing your domain using their service. Which on average is 500% above the market rate for domain name services. 
Read More

Why Are Companies Still Getting Hacked?

Security, Web Wise

It seems to be a recurring theme lately. We either hear in the news or read on social media that some other company has been hacked.  We all heard about the big Target breach which leaked personal data of 110 million (1/3 of US population) customers.

But many other companies have been hacked as well, but don’t make the big headlines like the Target breach.  Recently Kickstarter (respected crowd funding site), Snapchat and Skype’s social media accounts are among some of the other companies joining the hack attack crowd.

There are two simple answers to why this continues to occur.

  1. Criminal hacking, AKA as Crackers, is a full-time business that operates 24/7/365. While you sleep their still working. And the focus for these “businesses” is to get real dollars in the fastest way possible.  So they focus on the most popular companies with the largest audience for greatest gain.
    Read More