Book a Complimentary Strategy Session or call now (602) 900-8998

Spam E-mails From SEO Companies: What You Need to Know

by Leave a Comment

Spam photo

You’ve probably gotten them before: unsolicited e-mails that warn you about problems with your website or other aspects of your online presence. Frequently, the sender will detail “errors” that sound serious:

  • I couldn’t find your business in Google’s search results or your business was not on the first or second page of the results
  • Your competitors are outclassing you on these keywords
  • You have negative reviews on Yelp/Facebook/yellowpages.com and we can help you remove them and get more positive reviews

Some may be from legitimate SEO companies, but the vast majority contain either malware or phishing scams designed to get you to give up access to your website and/or financial information and hack their way into your email listings that contains vital informations about your customers/clients.

How We Are Addressing These “Errors”

We work with our clients to increase their revenue with constant, incremental digital marketing efforts. With their improved online presence comes stronger SEO results and most importantly, more leads for their businesses.

Though these spam e-mails can be alarming in tone, our clients can rest assured that we’re on top of their digital marketing:

  • We are always working on raising the profile of our clients’ businesses in Google search results. Moving up in the rankings won’t happen instantly, but the successes will be sustainable and our methods will be ethical and in line with Google’s recommendations.
  • Ranking for keywords is very important, and we focus heavily on it. More than simply ranking for just any keyword, however, we’re working on getting client sites ranked for keywords that are relevant and will get them leads.
  • Negative reviews are hard to take and do impact the reputation of a business, but simply removing themwhich many review sites won’t let you do, anywayis likely to garner our clients an even more negative response and may make it seem as though they’re dishonest or unable to take criticism. It’s much better for them to respond in a measured and transparent way, doing all they can to address the concern. Then people can see that the business takes responsibility for mistakes and addresses customer concerns promptly, which does a lot to soften a negative review.

What You Can Do

Unfortunately, it’s impossible to stop the flow of these kinds of e-mails entirely. If you receive e-mails like this, we recommend marking the e-mail as spam so that you don’t receive more from this person or entity. 

And if something you read seems to deserve investigating, please reach out to us. We have up-to-the-minute expertise in all things web and are happy to do research or give you the background you need to feel secure about your online presence.

The True Damage Caused by a Website Hack

by Leave a Comment

damage caused by a website hack

Finding out your site is hacked can be more than an annoying. According to new research conducted by Wordfence, a company that offers a WordPress security plugin, a hacked site can damage your search engine ranking for the long term—even after the site is cleaned up.

Here’s what else Wordfence’s survey uncovered about the damage caused by a website hack:

If Google knows your site is hacked, you will see a bigger drop in traffic

Sites that were flagged by Google as being hacked saw a 77 percent drop in traffic compared to the 45 percent average drop in traffic of hacked sites that weren’t flagged by Google.

What you can do: Check your website often. If you do get hacked, clean up the damage quickly before Google takes notice. If you don’t your site may continue to suffer from the attack.

If Google alerts you to the fact that your site has been hacked you can follow their steps to get back on your feet and then ask them to review your site. Unfortunately, the process of being reconsidered by Google can take up to a few weeks.

Even after you clean up your site, things don’t return to normal right away.

You would think that once you have cleaned up your site and secured it, things would return to normal. But the Wordfence survey found that less than half (about 40 percent) of people whose sites were hacked were able to restore their sites to normal within a day.

Since many individuals and businesses depend on their websites to generate leads, drive sales and connect with customers, this can be a real problem. Any time that your site is down can translate to lost profits and damage to your company’s reputation.

A hacked site can be expensive.

Of the hacked website victims surveyed, 14.4 percent paid a professional to return their site to normal after an attack. Also, since hacked sites can damage your search engine ranking, potential clients and customers might not be finding your site, leading to decreased sales. And you can’t forget about the cost of your own time spent dealing with a hack. Wordfence found that the average cost of a hacked site is $2,518.

What you can do to mitigate the damage caused by a website hack.

If you’ve been hacked, Wordfence has an online guide to help you clean up your hacked site and another one for returning your site to its former SEO glory.

The best way to ensure that your site doesn’t suffer long-term search engine ranking is to make sure it doesn’t get hacked in the first place. It might seem easier said than done, but the vast majority of website hacks could have been prevented. In addition to toughening up admin access and network security, make sure that you are protecting your site against common types of attacks such as cross-site scripting, distributed denial of service attacks, and leaked information. It’s also important to keep your site backed up at all times. That way if you do get hacked, you can restore your site to the most recent back up.

Wordfence has a plugin for WordPress that you can use to scan for hacked files and monitor what visitors to your site have access to. There is a free option for the plugin, but that version won’t give you access to many of the features that make the product useful.

If you don’t manage your company’s website, talk to the person who does and ask them what steps they are taking to make sure your site isn’t at risk. And regardless of whether or not you handle your own website, keep yourself in the know about what’s going on in the world of hacking. Hackers are coming up with new ways to wreak havoc all the time and if you are educated about the attacks that are happening to other companies, you will be better equipped to protect your own.

 

At regenuity, we know the damage caused by a website hack can have direct implications for your business. That’s why we stay up to date on information about the latest ransomware, malware and internet scams. We specialize in building and re-designing websites for companies that want to improve their online visibility. Give us a call today at 602-900-8998 or book a free strategy session so we can start helping you get the results you want from your online marketing efforts.

What you need to know about Locky, the latest ransomware targeting businesses

by Leave a Comment

Locky Virus Targeting Businesses

You work hard to keep your business running smoothly, so we want to keep you informed of things that could potentially be detrimental to your work. There’s a new type of ransomware virus called Locky that has been making it’s way to thousands of computers over the past few weeks.

It’s one of many viruses that have been targeting businesses, hospitals and police departments in recent years—and it doesn’t seem to be slowing down anytime soon. What would you do if your law firm, doctor’s office, or personal computer got hacked? Here’s what you need to know about Locky to inform your teams and keep your business safe.

What is ransomware?

Ransomware is type of virus that prevents users from accessing their files. The creators of the virus demand money in return for getting your files back, which means getting a virus like this can be extremely costly.

If you hire a professional to try to piece your information back together, the process can be just as lengthy and sometimes even more expensive than paying the ransom—which many sources say you shouldn’t do.

How computers are getting infected

The virus arrives in your email inbox and looks like an invoice. When you click on the Word document that is attached and enable your computer to open the file, the virus takes over.

Here’s an example of what one email’s subject and message line contained:

The subject line: ATTN: Invoice K-56463223

The message: Please see the attached invoice and remit payment according to the terms listed at the bottom of the invoice

A Word document with the file extension .DOC is attached.

How to protect yourself and your business

Talk with your team about this. Ransomware is becoming fairly common. Just last month, a hospital in Los Angeles was locked out of their patient medical records for more than a week. The hackers wanted $3.6 million in Bitcoin, a virtually untraceable form of payment, in order for the records to be returned.

Have a meeting with your team to talk about the dangers of ransomware and other computer viruses. Let them know that this type of crime is happening to businesses often and that it could have profound effects if it were to happen at their own workplace.

What to look out for

Tell everyone to be extra careful about opening any attachments in their inbox and to never open an attachment from someone they don’t know. If the file format of the attachment is any of the old formats for Microsoft Office (.doc for Word, .xls for Excel, and .ppt for PowerPoint) then don’t open it at all. These extensions were replaced long ago with .dox, .xlsx, and .pptx and any old file formats are a red flag.

Back things up… then back them up again

Make sure you’re keeping your files backed up at all times. Even if you don’t get a virus, you never know when your computers could be stolen or destroyed in a fire or natural disaster, so back up your items before it’s too late.

For businesses, you should have an on-site equipment back-up system that is offline and not tied to your netowork. External hard drives are a good option because the are relatively inexpensive and you can easily store them in a fire-proof safe. If your office is relatively small, you could get away with buying a 2 terabyte drive—which you can get for about $150.

It’s always best to have a back up to your back up as well—especially if your business deals with confidential data. One major breach can be enough to ruin a small business if you can’t afford to get your files back. Cloud storage allows businesses to back up their company information to a secure site online.

The Takeaway

 In Locky’s case, victims have to open the email, open the attachment and then enable macros in Microsoft Word for the virus to take over. You won’t automatically get this virus just by receiving the email, so just trust your instincts and make sure everyone at your workplace knows what to look for. If an email or an attachment looks fishy, don’t open it. And if you haven’t backed up your data yet (or haven’t done it for a while), do it now!

Tips to Protect Your Law Firm Website From Hackers

by Leave a Comment

protect your law firm website from hackersAccording to a study by Dr. Joseph B. Kuhns at the University of North Carolina, a majority of burglars said they would seek an alternative target if the presence of deterrents such as alarms, cameras, and other surveillance equipment were noted.

Similarly, a hacker is more likely to break into your website and wreck damage when there are no protections in place.

As a law firm, your clients and potential clients will quickly lose their sense of security and trust when your website has been hacked. They may start to wonder if this hack is more than what meets the eye. Has their important and private data suddenly been compromised? Unfortunately, recovering from a hacking situation is not an easy process. Fortunately, almost 97% of hacking attacks to your law firm’s website can be prevented through simple measures. Follow these few simple tips and you will be on your way to website security.

  1. Stay updated AND keep everything updated.
    1. Software updates happen for reasons. One of the main reasons being that all software has loopholes, and when hackers find those holes they are quick to abuse and exploit them. However, software developers are just as quick to fix those holes and put out updated, safer software. Ensuring that your software is up to date helps to minimize the risk of a hack. For sites using WordPress, plugins and WordPress core files are updated very frequently and need to be checked on a regular basis.
  2. Strengthen your access control and reign in your error messages.
    1. We all know that they should be complex but how many of us actually follow the rule of at least 3 capital letters, 5 numbers present every other letter, a hyphen, and an exclamation mark? Although it doesn’t need to be that absurd, a strong password for the server and website administration is a simple but crucial tip to follow. Additionally, keeping your error messages for logging in generic such as, “the username and password do not match”, keeps hackers at bay longer than a specific and revealing error message that states, “the password is incorrect” or “the username is incorrect”.
  3. Install security plugins, applications, and firewalls.
    1. There are many website security options available on the web and you should definitely be taking advantage of them. For WordPress sites there are free plugins available such as WP Security or Bulletproof Security which would need to be configured and kept updated to thwart attempts.. For other CMS platforms or HTML site there are malware detection such as SiteLock. There are also many Web Application Firewalls (WAF) that are software or hardware based that you can implement for a monthly fee.
  4. Back up your site frequently.
    1. Frequently backing up your site is for those worst-case scenario situations. As a law firm, there is a great possibility that your website contains a lot of valuable information, losing that in an instant to a hacker because the last time you backed up your site was a year ago is always heartbreaking. Instead, be prepared and back up your site DAILY in as many places as you possibly can. On-site, off-site, whenever you can.

Far too often, we’ll see law firms, who think that their site has nothing really worth being hacked for, only to find their site compromised the next day. The reality is, the majority of website hacks are not to steal your data but rather to deface your website with spam. In the end, whether it’s spam or stealing your data, a security breach is a security breach and regaining your client’s trust after one is a difficult task. Trust us, implement these security tips now for your law firm’s website, before it’s too late.