According to a report from Kaspersky in March 2019, their anti-phishing system prevented 482 million attempts to visit fraudulent webpages in 2018, a two-fold increase from 2017. (https://www.kaspersky.com/about/press-releases/2018_pr-scholars-phishing)

 

Cybercrime is on the rise. In light of these alarming statistics, it is crucial that internet users are careful in their internet activity and take all the necessary precautions to ensure that they do not become victims of cybercrime.

  

 

Use separate email accounts

If one email account gets hacked, this should not automatically compromise all aspects of your online presence, e.g. your banking information, social networking accounts, website registrations, etc.

 

 

Create a unique strong password 

Use a different password for each of your email accounts. If someone were to break into your account and see all your account registrations, they will test the compromised password against all of those accounts, which may lead to further hacks if you are re-using a password.

 

A few guidelines for coming up with a strong password:

 

·        Do not use sequential numbers or letters, e.g. 1234, abcde, qwerty

·        Do not include your personal information, e.g. your name, date of birth

·        The password must be long, if possible around 15 characters

·        Use a mix of characters, lower and upper case letters, numbers, symbols

 

 

Not sure how to change your email password?

No problem! Here are articles with steps included to help you:

 

 

·        How do I change my Email Password in cPanel

·        How to change my email password in Website Panel (.Net)

 

 

Let your email contacts know

Part of a hacker’s strategy is to get access to your address book with the aim of hacking others as well. Send a message to all your email contacts as soon as possible so that they know to avoid opening any emails that have come from “you”, as these are probably loaded with malware.

 

 

Change your Customer Zone password and security question

Customers are able to access their domain’s control panels via their customer zones. It would be best to update your security question and answer if the hacker gained access via the Customer Zone. You are able to update the password here as well. 

 

 

Check your forwarding settings

It is not uncommon for hackers to modify your email settings so that a copy of every email you receive is automatically forwarded to them. Not only can they monitor your logins for other sites, but they’ll keep a watchful eye over any interesting personal information! So, check your mail forwarding settings to ensure no unexpected email addresses have been added. Don’t forget to check your email signature to ensure nothing "spammy" has been added.

 

 

·        Click here to see forwarding rules via cPanel.

·        Click here to see forwarding rules via Website Panel (.Net) 
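A forwarder list can also be reviewed in bulk. The sketch below is an added example, not part of the original article or of any control panel's own tooling; it assumes the forwarders have been exported to text as `address: destination` lines, and the sample data and domain names are constructed.

```python
# Constructed sample export: "address: destination[, destination]" per line.
SAMPLE_FORWARDERS = """\
info@example.co.za: owner@example.co.za
accounts@example.co.za: bookkeeper@example.co.za, archive7731@mailbox.example.net
sales@example.co.za: |/home/exampleuser/bin/handler
old@example.co.za: :fail: No such person at this address
"""

def audit_forwarders(text, trusted_domains, known_destinations=()):
    """Return (source, destination, reason) tuples that need a human look."""
    trusted = {d.lower() for d in trusted_domains}
    known = {k.lower() for k in known_destinations}
    findings = []
    for raw in text.splitlines():
        source, sep, dests = raw.strip().partition(":")
        source = source.strip()
        if not sep or source.startswith("#"):
            continue  # blank line, comment, or not a forwarder entry
        for dest in (d.strip() for d in dests.split(",")):
            if not dest or dest.startswith(":"):
                continue  # empty entry, or a discard/bounce action
            if dest.startswith("|"):
                findings.append((source, dest, "pipes mail to a program"))
            elif "@" in dest:
                domain = dest.rsplit("@", 1)[1].lower()
                if domain not in trusted and dest.lower() not in known:
                    findings.append((source, dest, "forwards outside your domains"))
    return findings

if __name__ == "__main__":
    for finding in audit_forwarders(SAMPLE_FORWARDERS, ["example.co.za"]):
        print(finding)
```

Pass addresses you deliberately forward to as `known_destinations` so that only unexpected entries are reported.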

 

 

Scan your computer for malware and viruses

This is also important. If you find anything, please ensure it is addressed, and then change your email password again. If you don’t have an anti-virus then it would be best to invest in one. Free versions have limitations on what they can scan. Comprehensive security software will provide you with an effective digital shield.

 

 

Update your website CMS

If you are using software such as WordPress or Joomla, it is extremely important to keep these up to date. After every update, the software developers publish release notes which point out the security issues they fixed that existed in previous versions. Hackers will then exploit these vulnerabilities on sites that have not been updated and gain access to your site to send emails if you have a contact form in place.

 

 

Add a Captcha

Captcha is used to prevent bots from automatically submitting forms with spam or other unwanted content. Google and other companies use it to prevent bots from creating multiple Gmail accounts. Users will have to enter this additional information every time they have to submit a form. If your website does not have a Captcha yet, consult your web developer to have one added.

 

 

Look out for oddly named website files

After a website has been hacked, it would be best to restore the site from a backup taken before it was compromised, as the hacker may have left a file that will allow them to return. Immediately thereafter the site should be updated and secured. If a backup is not available, have your web developer look out for oddly named website files that do not belong in your website folder.
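When a known-good backup does exist, comparing it with the live site shows exactly which files were added or altered. The following is an added example, not from the original article; the directory layout and file names in `demo()` are constructed, and the `cache/` ignore prefix is an assumption about which paths legitimately change.

```python
import hashlib
import tempfile
from pathlib import Path

def snapshot(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in root.rglob("*") if p.is_file()}

def compare_to_backup(backup_root, live_root, ignore=("cache/",)):
    """Report files that were added, changed or removed since the backup."""
    backup, live = snapshot(backup_root), snapshot(live_root)
    skip = tuple(ignore)
    report = {"added": [], "changed": [], "missing": []}
    for path in sorted(live):
        if path.startswith(skip):
            continue  # paths that legitimately change between backups
        if path not in backup:
            report["added"].append(path)
        elif backup[path] != live[path]:
            report["changed"].append(path)
    report["missing"] = sorted(p for p in backup
                               if p not in live and not p.startswith(skip))
    return report

def demo():
    """Build two small constructed site trees and compare them."""
    with tempfile.TemporaryDirectory() as tmp:
        backup, live = Path(tmp, "backup"), Path(tmp, "live")
        files = {"index.php": "<?php // home",
                 "wp-content/themes/t/functions.php": "<?php // theme"}
        for root in (backup, live):
            for rel, body in files.items():
                target = root / rel
                target.parent.mkdir(parents=True, exist_ok=True)
                target.write_text(body)
        # Constructed changes on the live copy only.
        (live / "wp-content/themes/t/functions.php").write_text("<?php // modified")
        (live / "wp-content/uploads").mkdir(parents=True)
        (live / "wp-content/uploads/x7f3.php").write_text("<?php // unexpected")
        (live / "cache").mkdir()
        (live / "cache/page.html").write_text("cached page")
        return compare_to_backup(backup, live)

if __name__ == "__main__":
    print(demo())
```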

 

 

Re-install plugins and themes

Backdoors on a WordPress install are most commonly stored in themes and plugins. These should be treated exactly the same as your CMS and must be kept up to date as they will have their own security vulnerabilities.

 

 

Add your website to cWatch

Simply put, Website Security is a protection tool for your website, web servers and web applications against the increasing sophistication of hacker threats. Complete website protection software provides early detection, immediate remediation and proactive preventive measures.

 

 

Beware of phishing scams

Never give away your personal information, including passwords. Users may be tricked into submitting their usernames and passwords to certain pages so that their service continues to run as normal; we will never request users to do this. Some phishing scams are more advanced and can clone a high-profile website with only slight variants to the domain name, then provide pages to submit personal information, such as usernames and passwords as well as credit cards. Each time you are asked for your personal information, alarm bells must go off, and verification checks must be completed before submitting the details.
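One such verification check is to compare the link's host name against the domains you actually use. This is an added example, not from the original article; the allow-list domains, the substitution table and the distance threshold are constructed assumptions.

```python
from urllib.parse import urlsplit

# Constructed allow-list: the domains you actually do business with.
TRUSTED = ["examplebank.co.za", "examplehost.co.za"]
# Characters commonly swapped in for look-alike letters.
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

def fold(host):
    """Collapse common visual substitutions so look-alikes compare equal."""
    return host.translate(SWAPS).replace("rn", "m")

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_link(url, trusted=TRUSTED, max_distance=2):
    """Return 'trusted', 'unknown', 'no-host' or a 'suspicious:...' reason."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return "no-host"
    if any(host == t or host.endswith("." + t) for t in trusted):
        return "trusted"
    labels = host.split(".")
    if not host.isascii() or any(l.startswith("xn--") for l in labels):
        return "suspicious:non-ascii-name"
    for t in trusted:
        if t in host:  # trusted name used as a prefix of another domain
            return "suspicious:embeds " + t
        if edit_distance(fold(host), fold(t)) <= max_distance:
            return "suspicious:resembles " + t
    return "unknown"

if __name__ == "__main__":
    for link in ("https://www.examplebank.co.za/login",
                 "https://examp1ebank.co.za/login"):
        print(link, "->", classify_link(link))
```

The distance threshold is a tuning choice; short domain names need a lower value to avoid false matches.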

 

 

Never click on links in emails 

Do not click on a link if you are not expecting it. Even spam mails attempting to sell you a product may redirect to malicious websites or trigger downloads of malware and viruses to your computer. If you receive an email from your bank, or about bill payments, visit the website manually rather than doing the easy thing and clicking on the link provided. If the email has been sent by an attacker, you may be redirected to a bogus website which looks much the same as the real website.

 

 

Do not open attachments 

Do not open attachments that are sent in spam mail, even if the attachment looks innocent, e.g. a JPEG file. Filenames can be spoofed; for all you know, you could be downloading an .exe file which will execute as soon as it has downloaded.
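A mail filter or help desk can test whether an attachment's name matches what the file really is. The check below is an added example, not from the original article; the extension lists are a constructed subset, and the file signatures are the standard leading bytes of each format.

```python
import os
import unicodedata

MAGIC = {  # leading bytes -> detected content type
    b"\xff\xd8\xff": "jpeg",
    b"\x89PNG\r\n\x1a\n": "png",
    b"%PDF-": "pdf",
    b"PK\x03\x04": "zip",
    b"MZ": "windows-executable",
}
CLAIMS = {".jpg": "jpeg", ".jpeg": "jpeg", ".png": "png", ".pdf": "pdf", ".zip": "zip"}
RISKY_EXT = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".lnk"}
# Direction-control characters that change how a file name is displayed.
BIDI = {"\u202a", "\u202b", "\u202d", "\u202e", "\u2066", "\u2067", "\u2068"}

def detect_type(data):
    """Identify content from its first bytes rather than from its name."""
    for magic, kind in MAGIC.items():
        if data.startswith(magic):
            return kind
    return "unknown"

def inspect_attachment(filename, data):
    """Return a list of warnings; an empty list means nothing was flagged."""
    warnings = []
    if any(ch in BIDI for ch in filename):
        warnings.append("bidi-control-character")
    # Drop invisible format characters before reading the real extension.
    clean = "".join(ch for ch in filename if unicodedata.category(ch) != "Cf")
    stem, ext = os.path.splitext(clean.lower())
    if ext in RISKY_EXT:
        warnings.append("executable-extension")
        if os.path.splitext(stem)[1] in CLAIMS:
            warnings.append("double-extension")
    actual, claimed = detect_type(data), CLAIMS.get(ext)
    hidden_exe = actual == "windows-executable" and ext not in RISKY_EXT
    if (claimed and actual != claimed) or hidden_exe:
        warnings.append("content-mismatch:" + actual)
    return warnings

if __name__ == "__main__":
    # Constructed samples: a real JPEG header, then executable bytes named .jpg.
    print(inspect_attachment("holiday.jpg", b"\xff\xd8\xff\xe0rest"))
    print(inspect_attachment("holiday.jpg", b"MZ\x90\x00rest"))
```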

 

 

Ensure that all your devices have an anti-virus

Make sure it is installed and up to date. It is also good practice to scan your mail as it is received or sent; you can never be too careful.

 

 

Avoid using public Wi-Fi to check your mail

While it may be convenient to use free Wi-Fi, this can be extremely insecure. There are programs called network sniffers that can run in the background on a hacker’s device and monitor network traffic. This data can be analyzed for information such as usernames and passwords.

 

Where possible, use business email addresses only for sensitive information, such as invoices and proof of payment. With spoofed email attacks, you can receive an email from a private email address with a legitimate sender’s name, tricking you into providing sensitive business information such as bank details.

 

 

Remember that you can never be too careful; this too could happen to you!

 

 
