Finally, The End of Adobe Flash

Security, Software, Web Wise

As I am typing this, 1000’s of companies across the world are actively disabling and uninstalling all instances of Adobe Flash. For Microsoft Windows 10 machines, Microsoft provided an update (KB4577586) that must be installed, to uninstall, its previously well-integrated 3rd party Adobe Flash product. Google Chrome Browsing already is removing it in its December 2020 update.

It was announced three years ago the day would come for the end of Flash, and here we are. Back in the day, I even dabbled in designing some flash components for use in websites. But luckily that was soon replaced with new web standards (HTML, CSS, JavaScript) which became the norm and are suitable for mobile devices, which Adobe Flash was not.

Some brief history for you history buffs.

The internet was once a land of text blocks and dreary backgrounds. But everything changed in late 90’s when a company called Macromedia acquired an animation tool called FutureSplash and rebranded it as Macromedia Flash 1.0.

Then In 2005, Adobe acquired Macromedia for $3.4B and set out to make it even more ubiquitous. The true downfall of Flash began in 2007, when Apple decided not to support it on the new iPhone. In 2010, Steve Jobs penned the famous open letter “Thoughts on Flash,” which laid out a viscious critique of the technology:

  • Rapid energy consumption
  • Poor performance on mobile devices
  • Security dependence on one company (Adobe) made it a huge risk

Flash simply wasn’t made for the rising mobile world. And soon, new web standards (HTML, CSS, JavaScript) became the norm.

Fast forward to 2017 when Adobe announced it would discontinue Flash. It offically ended end of 2020 (Dec 31, 2020). Just like there are still pockets of Windows 7 devices out there, there will more likely be pockets of Flash for those applications that built around it vs the other way around.

So if your reading this and you haven’t yet, make sure to install Microsoft’s update (KB4577586) and the latest Google Chrome Browser to remove the security holes, Adobe Flash provides free of charge, to Windows devices.

Password Protection Tips: How to Protect Your Investments from Online Threats

Security, Web Wise, Website Tips

Regardless if you run a business or organization, you will no doubt have a slew of passwords to gain access to various online platforms. If you’re a client of ours, you will typically have several depending on your situation and services purchased. 

For example, one login is needed for the secure client billing and account area, where you can see what services are active, purchase additional services, view invoices and pay invoices etc.. Another login may be to access your website’s CMS [ Content Management System ] so you can make updates to the website’s content to keep it fresh and updated. Another login will be used for your domain email if you have business email services active with us.  

Now imagine if you handed those logins to a hacker with mischievous intents. They could do some damage very quickly, such as defacing your website, changing all passwords so you no longer have access, sending spam email, and more resulting in a temporary suspension for all services until resolved. A costly headache for sure.  

Strong passwords [ How to create a strong password ] serve as a main line of defense for Northwoods Web Designs customers and their various login accounts.  So why are strong passwords recommended? 

Because cybercriminals have a variety of tools and techniques at their disposal to crack passwords, including the following. Fortunately, there are steps you can take to avoid falling victim to these tactics as provided below.

Keyloggers: One of the most effective tools cybercriminals employ is keylogger malware, which records what you type and sends this information back to them. Because keylogging can be used to directly steal passwords, the best way to address it is to avoid infection with such malware in the first place. Keep your system (pc & phone) up to date with security patches, use antivirus and antimalware programs, and don’t click on suspicious links that appear in emails or pop-ups.

Password dumps: Security breaches provide potential attackers with a treasure-trove of data including user IDs, passwords, birthdates and even Social Security numbers. To minimize your risk, never reuse old passwords or share them between different accounts, and change your passwords annually or when required by Ascension.

Brute force attacks: An inelegant but effective password cracking technique involves attempting to log onto an account with a list of commonly used passwords, such as 123456 and p@ssword, which unfortunately are still used by some today. For accounts that will lock users out after multiple failed attempts, cybercriminals use a tactic called password spraying, which involves spreading out their guessing attempts over a longer period of time to avoid detection. 

Complex, long passwords remain the best way to thwart such attempts. Attackers start with common passwords and phrases such as password123 or iloveyou, so avoid these as part of your passwords. Northwoods Web Designs recommends passwords that are at least eight characters in length and contain three of the following whenever possible: upper- and lower-case characters, numbers and special characters such as ! or %. 

Password resets: Another way cybercriminals bypass passwords is using the forgot password feature. To ward against this tactic, keep your account recovery information up to date. Use only confidential information as the response to security questions an account asks you to answer, avoiding information that might appear on social media sites such as your dog’s name or your favorite hobby. 

By understanding the tactics used by cybercriminals will help showcase how important it is to use strong passwords and be aware of what you may be clicking on when on your computer or phone, to assure your passwords are secure and your investments are safe. 

Have you ever been compromised before? We would like to hear your story, let us know in the comments section below.

How to Increase Purchase Conversion Rate to Buy Your Products – eCommerce Store

Web Wise, Website Tips

Launching a website to sell products is an exciting time for any business. Especially a new business. You have a product, or products, you know is great, many have told you so, and now you want to open it up to the world.

So ideally you contact us to provide you a professional turn-key eCommerce site that puts you in the right direction.

But one of the first things that new businesses find out when launching a website to sell products is that sometimes its hard to get folks to buy the products, that you know is great.

Just because you have a great product and suburb designed website, like the ones we build, there are still many factors that play into the purchasing decision of the visitors.

Even if your sales are pretty decent, it comes to a point where you view the website analytics (which we provide with our Web Care Services Plans ), and would like to increase the conversion rate.

What do you mean conversion rate? 

Let me explain. Say in a period of a month, your website analytics shows you had 200 visitors, but you know you only had 10 customer purchases. In short this translates into you having about 190 folks that visited your site and decided not to make a purchase.

Which all honestly, that may be fine, as some may be landing on the site just wanting to know more, and are now shopping around. Eventually they may come back. Or it could be competitors checking the site with never an intent to purchase.  So take the numbers with a grain of salt.

You want to increase this conversion rate (who wouldn’t), but how?

We have compiled our tips we have provided in the past and include them below for free (some folks will charge for this marketing consultation).  So try these suggestions one at a time to validate what is working, and what doesn’t. Or implement all of them to get the most out of your eCommerce sales.

  • Make Sure You are Leveraging Sale Prices
    • Many eCommerce sites, like the ones we build, provide functionality so you can add a regular price and a sales price. Make sure to leverage them.
    • Consumers like feeling like they are getting a savings, regardless if they actually are. Its called consumer optics.
  • Temporary Decrease the Price of Product(s)
    • Competition/pricing play a major role in successfully selling like products on the market.
    • For testing pricing conditions, you can drop the prices by 25% for a period of one month and see if there is a change.
    • If you see sales increase, you may have found that your normal price is a price that folks are not willing to pay for the product.
    • One trick, is to reduce your product to fit in that price range. If your price that was not selling including 10 items, change the product to only include 7 and keep it at the 25% reduced price that seemed to sell.
  • Entice Folks with Coupon Functionality (price discounts)
    • Everybody likes surprise discounts
    • We can build in the coupon functionality into any site, where a gentle (one-time per visit) pop-up occurs either having them email for a coupon, or presenting the coupon immediately, forcing them to continue to purchase to save money.
    • Keep the pop-ups minimal, and keep in mind, many folks are utilizing mobile devices so it must be done well, and don’t aggravate the visitor with additional pop-ups, scroll things or other things. The website should sell itself as is (if built by Northwoods Web Designs).
  • Promote the Darn Thing
    • This isn’t a baseball field, just because you build it, does not guarantee they will come.
    • Want more free marketing advice? Make sure check out the Official Social media Platform Checklist for Best SEO & ROI of your eCommerce Site.
    • If your selling food products, get out and go to trade shows or the like that are related to the products you sale.
    • Get your business card out there, get the word, many of the biggest sites on the internet started from local word of mouth which drove sales online and eventually spread.

Hopefully these tips and suggestions will prove useful. If there are any additional ones you think should be added, please leave a comment.

Chrome 68 is here. All HTTP sites will be marked with ‘not secure’

Web Wise
Well, its here. On July 24th, Google officially launched Chrome 68. With new features and security enhancements, Chrome continues to leverage its market dominance to push for a safer and more secure internet. From the beginning, security has been one of Chrome’s core principles and one of the biggest changes in Chrome 68 is displaying ‘Not Secure’ warnings for websites not encrypted with HTTPS ,or those sites without a SSL  { What is an SSL Certificate?}. Nearly two years ago, Google announced that Chrome would eventually start marking all sites that are not encrypted with HTTPS as “Not Secure” as an attempt to motivate site owners to improve the security of their websites. With the release of Chrome 68, this has now become a reality. Starting in October 2018, Google plans to start showing a redNot Secure” warning when users enter data on pages that are not served using HTTPS.
Read More

Important Notice Expiration Notice For Your Domain Scam

Security, Spam Hall Of Shame, Web Wise

As we know there are people all over the world using different unethical tactics to try to obtain money from unsuspecting victims. Some do it without actually breaking the law. Such as leveraging these bogus domain expiration emails that are pouring in to unsuspecting business owners email accounts.

If you received a similar email such as the one below, and wondering what you should do, read on to find out more.

First, how are they getting all your companies information? Well that is easy, as every domain name registered displays the registrants personal email, company address, phone number to the public.

You can find your public listed information by typing in your domain name at the official ICANN Domain Name Registrar site: Unless you purchase additional services to hide it or have a reputable web firm registrar it on your behalf, its fair game.  We offer both secure domain registration options for our clients.

These folks that send these emails scrape the internet for this public information, even get triggered when new domains are registered so they have all the info needed, including your name, email address, home address and when the domain expires, which is all used against you.

Next, they add fear and limited time to the equation. The whole email structure is to capture fear that something is going to happen if you don’t respond. So the next step is to have you quickly read the headings, since they know your busy and don’t have time to read the whole thing.

They figure you know you need a domain name to properly display your website (and keep your email working), so they state its going to expire.

Here is the fine print:

This important expiration notification notifies you about the expiration notice of your domain registration for search engine optimization submission. The information in this expiration notification may contain confidential and/or legally privileged information from the notification processing department of the Domain Seo Service Registration to purchase our search engine traffic generator. We do not register or renew domain names. We are selling traffic generator software tools. This information is intended for the use of the individual(s) named above.If you fail to complete your domain name registration search engine optimization service by the expiration date, may result in the cancellation of this search engine optimization domain name notification notice.

But in reality, its a ploy to buy some type of SEO service service, which they don’t explain what that entails unlike our SEO service page.  I have tracked many of these types of emails coming from mail servers located in other countries outside the US.

So what do you do if you receive an email like this and its not from your website hosting or domain services provider? Simply delete it and/or mark it as spam in your email client.

What happens if you did fall for this and send them money for it? Technically consider it a lesson learned. As they will not provide a refund and they keep changing the company and email these come from to prevent action taken on them.

Hopefully this provides a little insight on these types of scam emails targeting specifically to business and non-profits that have websites.

Let us know if you have received a similar email or if you know of anyone who actually signed up for this in the comments below.