It’s been smooth sailing in FanningSparks’ world for the last five years. But, suddenly, we hit rough waters!
More accurately, cybercriminals hacked the website. Then I discovered the company who created the website theme (the formatting and presentation layer) is no longer in business; the blog content is taking up too much space and needs to be optimized; and the hosting company suspended the account.
Visitors who tried to access www.FanningSparks.com last week might have seen a blank screen with a “suspended page” and a ”Contact Support” message. It was a very real reminder of the many years I spent working in IT. Yep… we ran aground!
As a result, I spent countless hours learning about malware (software created for malicious purposes), how to resolve a compromised site and, most importantly, how to prevent a future infection. In the final outcome, the blog was reactivated after four days and is now protected by professional malware cleaning services. FanningSparks has a clean bill of health and is back in business. Readers can again access the blog without concerns.
This unfortunate turn of events got me wondering why a cybercriminal/hacker would bother infecting a blog like FanningSparks since none of the typical incentives seem to apply. Here’s what I’ve learned.
1. Hackers Steal User Data
Cybercriminals often try to steal data, especially credit card and sensitive personal data, from online users.
FanningSparks never requests or stores sensitive personal information. In fact, FanningSparks only asks a visitor to enter a name and email address if they wish to 1) sign up for email notifications or 2) leave a comment. There is no shopping cart, no online purchasing, and no commercial aspect and thus no personal financial data is collected.
2. Hackers Insert Malicious Links in Comments
Cybercriminals sometimes use spam bots to generate comments on a blog/website. They include links in their comments to entice other readers to visit their spam website and sign up or enter credit card data.
The FanningSparks blog does invite readers to enter comments on blog posts but I personally review every comment before it becomes visible. This means I’m able to weed out comments with malicious links hidden in them and, believe me, there are lots of unsavory and some downright disgusting comments that never get published.
By the way, it’s best practice to avoid links found in comments or, at the very least, examine them very carefully before clicking on them.
3. Hackers Deface Websites
Cybercriminals sometimes deface websites to promote their own messages. “A website defacement can be thought of as electronic graffiti because a cybercriminal … will change the visual appearance of the targeted site. Typically, these attacks are motivated by religious or political reasons.” explains SiteLock in their article Why Would Someone Hack My Website?. Fortunately, FanningSparks was not defaced.
4. Hackers Insert Malicious Pop-Ups or Ads
Cybercriminals can infect pop-up windows or on-page advertisements. This malware is designed to entice readers to click these areas and unknowingly download malware or be taken to a spam website.
FanningSparks is ad-free: unlike most blogs, there are no advertisements displayed on the blog—not in the page header, not in the middle of a post, not in a sidebar. Nor are there any pop-up windows… none!
Experts recommend steering clear of pop-ups or ads that appear unprofessional, contain spelling or grammatical errors, or make outlandish claims such as free merchandise or miracle cures.
5. Hackers Redirect Users
Cybercriminals can infect websites with “a type of malware that redirects users from a legitimate site they thought they were visiting and points them toward an illegitimate one instead.”
I visit the FanningSparks blog nearly every day and, to the best of my knowledge, the FanningSparks URL has never been redirected in this way.
6. Hackers Hold Websites for Ransom
“Ransomware is a type of malware that holds a computer or network’s information hostage until a ransom is paid … ransomware can encrypt critical documents, PDFs, spreadsheets, and other files on your local machine. Once these critical files are encrypted, you’ll get an alert notifying you that decryption will occur once you pay a ransom.”
The FanningSparks blog has received a few, unconvincing emails demanding money to avoid having the website shut down, but, thankfully, it hasn’t fallen prey to this type of situation. Again, because the website has no commercial purpose, it would hardly be worth the effort to orchestrate such a crime.
Experts warn victims of ransomware that “There’s no guarantee you’ll regain access to the encrypted files after paying the ransom, and it’s best that you work with local law enforcement to discuss the next steps.”
There’s more work to be done behind the scenes, but bottom line, readers of the FanningSparks blog can continue to read the blog with confidence. The blog website is back online with a refreshed theme and a new, deeper level of malware protection. Hopefully, we’ll enjoy smooth sailing for a few more years!
More Info
All this talk about cybercriminals deliberately trying to trick users with malicious software, spam websites and data theft could cause someone to never go online again. But fortunately, there are steps users can take to safeguard against these situations. There’s a wealth of valuable information available from trustworthy online resources. Here are a couple articles I found helpful:
. The Real Simple online article, How to Shop Online Safely, offers a straightforward explanation with 5 tips to shop online more safely.
. For a more in-depth explanation, check out the online article, How to Browse the Internet Safely: 10 Tips, from the Swiss Cyber Institute. “Internet safety means being knowledgeable about the nature of the potential threats that you could face while browsing the Internet. It is time for you to focus on the positive facet of digital life and learn safe web browsing security tips.” states the article before sharing 10 tips for using the internet more safely.
The online article, Why Would Someone Hack My Website?, by SiteLock was referenced in the writing of this blog post.
Today’s Takeaways
1. It’s important to stay current and be aware of potential threats when using the internet.
2. Research best practices and take recommended actions.
3. Be vigilant and stay safe while browsing or shopping online.
Comments are closed.