The times when hacking attacks were unusual and only happened to big companies are over. Hacking private people and small or medium-sized companies has become a lucrative environment for many people with sufficient IT knowledge. That is why hacking is an issue facing almost everybody in the modern world. Often companies recognize the problem when it’s already too late and valuable data (or even money) is lost. I’d like to show you how you can detect that your website has been hacked and what you can do to prevent such vulnerabilities.
1. The browser alerts you about the hack
Your website or the browser might show signals or warning screens indicating that the website has been victim to i.e. a phishing attack. In this case, it’s best to assess the problem immediately and try to tackle it before your users uncover the issue. A best practice is to establish a plan for these events that contains the following measures:
- Save and shut down the website
- Restore the website from backup
- Carry out a forensic investigation on the safety issue
2. Your hosting provider takes the site offline
Often you don’t notice that you’ve been hacked — but your provider will know! Either they have been contacted by your customers or they have their own IT security service monitoring all the websites provided. They often take down your site without prior warning. This can destroy trust on both ends of your value chain, your customers and the service provider. As soon as you notice your site has been taken down, get in touch with your service provider and inform your users timely.
3. Customers contact you
If you’re lucky, your customers won’t directly contact your website provider but rather call you up or use the contact form on your website. Of course this means that these users are unhappy with your website, but it also shows that they have enough trust in you to fix the issue. And this is your time to re-earn that trust! Show them support and try to get to the bottom of that particular problem. You might find security breaches, you would have never known about.
4. Google flags your website
Google is continuously checking up on the websites they are displaying. So if they see unusual patterns or noteworthy changes, they may exclude your website from being shown in search results. In some cases they just put a flag on your links saying “This site may be hacked” or “This site may harm your computer”. That is why it is important to search for your own website every once in a while so that you find these unattractive links prior to your customers, suppliers or other business partners.
5. The site is loading more slowly than usual
If you feel like your website is taking unusually long to load this might be because of a higher activity on the site or the whole server. Malware could be using your servers resources, so if your website takes twice as long (or even longer) to load than usual, you might want to double check for unusual activities on your server.
6. Your E-Mails are sent to spam
The number of respondents to your latest newsletter was uncommonly low? It could be because your e-mails are sent to the spam folder of your customer. When hackers send lists of spam mails via your website, it is possible that your website is put on the black-list as well, so always follow up on your marketing activities.
7. Your website is used for unwanted redirects or advertisements
This could be a sign that your website might be compromised due to a Cross-Site-Scripting (XSS) attack. Hackers try to earn money through ad impressions on targeted sites or try to sent your customers to a competitors website. Similar to unwanted redirects, hackers could try to gain a profit by hosting paid pop-up ads through your website. Visiting your own website regularly may lead to finding the problem in an early stage.
How can I avoid these problems?
Visit your website as often as possible
Always checking up on your website makes it more likely that you are the first “user” to notice something odd. Of course you shouldn’t be browsing through each site each day but you can check your loading time every day for example (and your colleagues can, too).
Listen to customer feedback
Many companies document customer feedback through an integrated CRM system that shows them, what customers did and didn’t like about their service or product. Adding some questions on IT security or whether or not the customers noticed something uncommon, can help you find existing problems with your website.
Investigate unexpected traffic spikes
Usually a peak in traffic is something great! Especially if your revenue is generated by ad impressions on your website, you should be happy about higher visitor counts. But look at your analytics with caution and figure out where your traffic is coming from. Particularly if there is no reason why your traffic is increasing (for example because marketing campaigns and traffic increases are chronically separated) these visits should be monitored.
Use automated security scanners
Let’s be honest. You have way better stuff to do than checking up on your website or justifying whether or not your traffic is coming from your latest advertisement or from unethical hackers. There are simple and cheap solutions that monitor your website continuously and send you a notification if they find vulnerabilities.
For more information on how to secure your company and measures that anyone can use you can also check out our White Paper “Security Best Practices”!