Online Security: Hacking And Malware
Malware And Hacking FAQs (Information And Prevention)
What Do 'Malware' And 'Hacking' Mean?
Malware is short for malicious software and refers to any code that is intended to disable or compromise your security. Hacking refers to the process of gaining unauthorized access to a computer system (such as your personal email account, FTP login, website login, or hosting account), usually through the means of embedding malware into the system.
How Could I Get Hacked?
There are three primary ways that you could get hacked:
- Clicking on a suspicious link that automatically installs malware. Suspicious links might be found:
- In an email sent to you
- In a post on a social media site such as Facebook
- On a website page
- Insecure login credentials.
- Hacker takes advantage of a software security vulnerability.
Hackers may use various techniques such as 'social engineering' to make one of these hacking methods more effective.
How Can I Prevent Myself From Getting Hacked?
- Avoid clicking on suspicious links.
- Use secure login credentials.
- Keep all of your software up to date, such as:
- Your website software (like WordPress)
- Plugins and extensions that your website software uses
- Your personal computer's antivirus software (such as Norton Antivirus)
- (Recommended, Optional) Apply antivirus software to your website, such as SiteLock.
Important: Even when the most strict precautions are taken to prevent yourself from getting hacked, it is still wise to have a backup and recovery plan in case of emergencies. Hackers are constantly trying to develop new and unknown hacking methods, so it is best to keep yourself prepared for worst-case scenarios.
How Can I Tell If A Link Contains Malware?
The most common way a hacker will send you malicious links is through an email. Effective hackers will disguise these to make them look legitimate to encourage you to click on them. There will always be some sort of indicator to help you determine whether or not a link is safe to click on, such as:
- The email is sent from a source you are not familiar with or does not look legitimate.
- The email is sent to you along with several other individuals you do not associate with.
- The email has spelling and grammatical errors.
- The email is asking for you to click on a link to confirm payment or login information.
- When you hover over the link text, it shows a different URL than you would expect.
How Can I Ensure That My Login Credentials Are Secure?
See our Password FAQs.
What Software Am I Supposed To Keep Up To Date?
The software you use to build your website with (such as WordPress) requires regular updates to add new features, fix technical bugs, and correct security vulnerabilities. Leaving your website software outdated leaves it at risk for existing security vulnerabilities to be exploited. If your website builder utilizes plugins, make sure these are regularly updated too.
If you are using Weebly or Ecwid, we automatically keep your website software up to date for you. (Note: As of October 2020, the Weebly site builder will no longer be available to new customers.)
For your computer, always keep your antivirus software secure and up to date. Updated antivirus software can help you prevent and remove malware from your computer. If your computer gets infected, anything you access through that computer is subject to getting hacked.
Malware And Hacking FAQs (Backups And Recovery)
How Do I Know If I've Been Hacked?
Some hackers want to let you know that you've been hacked, so you may see your website replaced with a 'you've been hacked' page or something similar. Unfortunately, many hackers will not give you any indication that you have hacked, and you won't find out until your website becomes blacklisted.
You can also use a program like SiteLock to regularly scan your website so that you can detect hidden malware threats before your site becomes blacklisted.
What Do I Do If iPage Suspended My Site?
If iPage suspended your site due to the presence of malware; remove the malware in the websitescan.txt file which is usually found in /stats folder. The websitescan.txt file consists of all the files in your File Manager that are infected by Malware. Then, reply to the email you received regarding the malware suspension, or call in to notify us once infected files are cleaned up so that we may do a rescan. Once iPage detects that your site is clean, it will be unsuspended.
What Does It Mean To Get 'Blacklisted'?
Various services (like search engines and online directories) will scan to see if a website is infected with malware. If they discover malware, they will 'blacklist' the site to protect users from visiting it. The longer a site remains on a 'blacklist', the more its search engine ranking is damaged, and it may be removed from search results and directories entirely.
From a marketing perspective, getting blacklisted is one of the worst things that can happen to your website.
Suspected Compromised or Infected Website?
If you suspect that your website has been compromised or infected, please contact us. We will scan your website for any malware and email you the result. You can either remove the malware manually or get help through our website security partner, SiteLock Security.
How Do I Recover After My Site Gets Hacked?
If you regularly backup your site, restore one of your backups that was created before you were hacked. This will effectively 'undo' any changes that have occurred to your site since the backup was taken, including any malware that you have been infected with since then. Any backup you have that does not contain malware is considered a 'clean' backup, so you may need to go further back if restoring a backup doesn't remove your malware.
SiteLock's 911 Site Fix Service is another option and does not require you to have a backup of your site.
If you are skilled, you can also try to identify the malware yourself and remove it manually.
How Do I Backup My Site?