How to Spot Danger Before Your Computer Gets Infected ...€¦ · Thousands of websites get infected with malware daily The End Result – Site identified with Blackhat SEO Spam.

PROTECTING YOUR BUSINESS ASSETS

@2012 Regina Smola, WPSecurityLock.com. All rights reserved. 1

A MyNAMS Presentation by Regina Smola

How to Spot Danger Before Your Computer Gets Infected, Your Site Hosts Malware, and

Your Credit Card Number Gets Stolen

BEWARE OF DANGEROUS LINKS


Pay close attention to the links you click on!

Email Spoofing (forgery) – Sender changes the From address and parts of the email header to appear as though it came from a different source.

Phishing (fake) – a way of trying to trick you to steal your private data, such as usernames, passwords, and credit card details by masquerading as a trustworthy entity. Malware Sites (viruses) – Malicious hackers inject malware onto webpages to try to infect your computer, steal your private data and infect your website.

PAYPAL EMAIL FORGERY


This email looks suspicious

PAYPAL SECURITY TIPS


Identify or resolve a suspicious activity problem

�  An email from PayPal will: Address you by your first and last names or your business name.

�  An email from PayPal won't: Ask you for sensitive information like your password, bank account, or credit card.

Help with PayPal Suspicious Activity: http://wpsecuritylock.com/paypalactivity

PAYPAL PHISHING SITE


Always check the url in your browser address bar

EBAY EMAIL SPOOF


Look for typos and things that suspicious

FIREFOX BLACKLIST PHISHING


Browser attack warnings should never ask you to download

DANGEROUS EMAIL DOWNLOAD


Beware: email attachments can contain viruses and steal your data

BANK PHISHING SITE


Mouse over links and check your status bar before clicking

FAKE AV VIRUS INFECTION


This Fake AV has tricked thousands of people!

SPAM EMAIL DANGER


Example of scam and spoofing emails

From: Bis <[email protected]> Subject: this is bad...umm, yeah

BEWARE OF UNSUBCRIBE LINKS


Only click unsubscribe links like aweber and companies you trust

Sending an unsubscribe message could put your email on numerous spammer lists.

URL REDIRECT DANGER


Could this link redirect me to a dangerous site?

What’s behind this link? http://www.dropbox.com/u/67943224/indexall.html Found 2 redirects

MALWARE SPAM DETECTED


Thousands of websites get infected with malware daily

The End Result – Site identified with Blackhat SEO Spam. This often means that it was hacked and the attackers inserted links to their own sites to increase their page rank. Site scanned for malware at http://wpsecuritylock.com/scanner

CHECK FOR REDIRECTS


Simple way to check for url redirects

FREE REDIRECT CHECKING TOOL Go to http://wpsecuritylock.com/redirectcheck

CHECK SHORTURLS


Great little tool to check Tweet urls too!

Avoid phishing, malware, and viruses by examining short URLs before visiting them. Find out where links really take you. Go to http://longurl.org

IS MY EMAIL HACKED?


Symptoms that your email is hacked

�  You're receiving email bounces (failed delivery) for message you've never sent.

�  There are messages in your Spam folder from YOU.

�  Your friends are telling you that you're spamming them.

�  You’re receiving Gmail “Unusual Activity” alerts.

CHECK YOUR MAIL SERVER IP


Take a proactive approach to fighting email fraud

If you’re email was hacked into, your email server’s IP address may be blacklisted. Go to http://wpsecuritylock.com/ipblacklist

DOMAIN EMAIL SECURITY


Help control your email spam

Enable SpamAssassin and Spam Box from your hosting cPanel

GMAIL SECURITY


Beef up your Gmail security settings

Check your Gmail Settings: Protect yourself – turn on External content and Browser connection security.

GMAIL ACTIVITY ALERTS


Turn on alerts for unusual activity

Check your Gmail Alert preferences 1.  Scroll to bottom of Gmail, click on “Details.”

2.  Scroll to bottom of popup window, click on “change.”

3.  Check “Show an alert for unusual activity.”

GOOGLE 2-STEP VERIFICATION


Increase security by turning on the 2-step log-in process

Advanced Log-In Security - 2-step verification Go to https://www.google.com/settings/

GMAIL SECURITY SETTINGS


Periodically check your Google security settings!

Google Security Checklist – Highly recommended! Take a few minutes to check that your Gmail security measures are up to date. Go to http://wpsecuritylock.com/gmail-security

EMAIL FRAUD PROTECTION


Take a proactive approach to fighting email fraud

Free tool to help identify “real” emails from over 1,500 senders, including PayPal, numbers banks and popular websites (ebay, amazon, etc.). Truemark icons show up next to messages that have passed a two-step security check to verify the sender. Go to http://www.iconix.com System requirements are limited, but they’re working on updates.

STOLEN PASSWORD CHECKER


Has your password been stolen and shared?

Check to see if your password has been stolen and shared on multiple hacker databases. Go to https://shouldichangemypassword.com

STRONG PASSWORD TIPS

Generate Strong Passwords

1.  Use a minimum 15 characters.

2.  Combination of upper and lowercase letters, numbers and symbols. WordPress suggests the following symbols: ! " ? $ % ^ & ).

3.   Never use the same password twice.

4.  Don’t use your name, website name, your kids name or dictionary words.

Built-in strong password generator


Make your passwords hard to guess! !

My Favorite Password Manager

LastPass: http://lastpass.com

WP Password Generator:

http://wpsecuritylock.com/password

AUTO SCAN FOR MALWARE

Put your website on automatic scanning for suspicious activity.

Sucuri’s Web Integrity Monitoring service detects unauthorized changes to your website, DNS, whois and SSL certificates. They’ll scan your website for malware, viruses, spam and security issues and notify you if something is found. Go to http://wpsecuritylock.com/sucuri

I highly recommend this service and use it on all my sites. No webmaster should be without it! Use my discounted affiliate link above and save. @2012 Regina Smola, WPSecurityLock.com. All rights reserved. 27

Make your passwords too hard to remember! !

GOOGLE WEBMASTER TOOLS

Add your site to Google Webmaster Tools for important information about crawl errors and malware warnings found on your domain.

Go to www.google.com/webmasters/tools


Use an email address that you check often !

THINK BEFORE YOU CLICK


Link Safety Tips - Ask yourself these questions.

�  Do I trust the email sender? And did it really come from him? (See http://wpsecuritylock.com/messageheaders)

�  Is the text link shown the same as the hyperlink? (Mouse over the link and look at your browser’s status bar.)

�  If I click this link will it redirect me to parts unknown? (Check http://wpsecuritylock.com/redirectcheck)

�  Is my firewall on and anti-virus program(s) running?

�  Does the site have malware? (Free malware scanner at http://wpsecuritylock.com/scanner)

REPORTING RESOURCES

�  Report Malware and Phishing Sites to Google http://wpsecuritylock.com/googlereport

�  Report Skype Scams http://www.facebook.com/SkypeVirusHelp

�  Report Email Scams, Fraud and Phishing http://wpsecuritylock.com/reportemail

�  Report Internet Crime to the FBI http://wpsecuritylock.com/reportinternetcrime


Help each other stay protected by reporting Internet Crime !

JUST THE TIP OF THE ICEBERG

More Security Training to come! I’ve Been Hacked: Security Tips to Help Protect Your Online Business Free Webinar Thursday, April 5, 2012 – 8pm Eastern Go to http://nams.ws/ibh Learn security tips and tools you can use to help protect your computer, website, and online accounts.


Good news! Get more security tips on 4/5/2012

REPLAY AVAILABLE

MyNAMS Offers 17 Ways To Get Better Training, Content And Tools For Your Online Business Today If you’re creating a totally online business or looking for a new channel to increase your offline revenues, then the MyNAMS community IS for you. Become a member at http://nams.ws/regina Save 85% off your membership with coupon: MYNAMS85


Get the replay of this webinar and a whole lot more!

THANKS FOR COMING

Let’s Connect

Ø  My Site: http://nams.ws/secure

Ø  Facebook: http://facebook.com/wpsecuritylock

Ø  Google Plus: http://wpsecuritylock.com/gplus

Ø  LinkedIn: http://linkedin.com/in/reginasmola

Ø  Twitter: http://twitter.com/WPSecurityLock

Ø  Skype: wpsecuritylock

Ø  Phone: (815) 200-9775


I’m so glad you spent this time with me!

How to Spot Danger Before Your Computer Gets Infected ...€¦ · Thousands of websites get infected with malware daily The End Result – Site identified with Blackhat SEO Spam.

Documents