Social Engineering: How They Do it?

First off, I do not encourage the tactics I talk about to be used for malicious acts. A common way they convince someone to divulge information is by acting as a friend or pretending they don’t want the information you have.

Now just because someone says this doesn’t always mean they are engineering you, but it is a common way of engineering. Also, just because someone is your friend on the internet doesn’t mean they are “out to get you,” so basically, don’t be paranoid just be careful. Another technique is to befriend them and convince them you mean no harm, and eventually they will most likely tell you depending on what you are trying to receive.

Why Would Someone Do This?

There are many reasons as to why someone would want to engineer you, whether for monetary gains or for some other reason. If you are the owner of a website, server, business etc. always be careful when handing permissions or anything else someone might want to take and use to make your business their own. Many examples come from Minecraft Servers where an “Admin” or “Co-Owner” receives the FTP panel and removes the owner taking over the server. So always be weary and make sure you can trust the people you give permissions too as they may not be who you think they are, no matter how long you’ve known them.

Common Places For Social Engineering

A LOT of engineering happens over Skype, as it’s what many people use to talk over the internet and it’s actually quite easy to engineer people over this application instead of just plain chatting, but if you are engineering I wouldn’t recommend sharing personal details or using video chat. Also keep most talking out of chat and in Voice Calls, as not many people have the means to record audio but everyone can take screenshots of chat logs.

How To Stop WordPress Comment Spam

Comment spam is truly a very big problem for bloggers. We all like to write on our blog and would like to see genuine comments for the articles that we write because that is the only way of getting a good feedback of what you actually do. If you are new here and not very familiar with the term Comment Spam, here is a small introduction to what it actually is. We usually install a plug-in to get comments from viewers that can be an add-one, something that we missed out or maybe a simple appreciation for that article. Since they are putting in their comments, we also allow them to share a link to their website or blog. The problem arises when people start using your comment column to promote their links or give irrelevant comments so that they can just have more clicks on their links. This is called as Comment Spam.

Say No To Auto Publish

wordpress stop spamThe main reason spammers try to get through with your comment page is because they assume that you have set the publishing to auto-publish mode or systematic publish mode, either way the comments get published automatically before checking for spam. Auto publish or systematic publish is a big NO if you are looking to have a clean site without any spam. It is better to check the comments before they are being published. In that way, you can be sure that only genuine comments are visible in your site. General comments like, ‘I like this article’ and ‘this information is very useful’ could easily be spam. To check the genuineness of the comments, look out for comments that are linked to the content that is being commented upon.

Check The Email IDs

The email ids that are given in the comments column can give you an indication that is could be spam. Check for email addresses that have the same website but a different affiliate name. These could be spam and it is better to avoid posting the comments given from such IDs.

Use Plug-ins

There are a lot of plugins’ that are available in the market that will help you in making sure that your site is not used by spammers. WordPress Captcha is one such which is used by many to make sure that there is no comment spam. This can be of great help in reducing the automated content spam. Simple trackback validation is also a plugin that can help in tracking back and validating the real ones from fake ones. Bad behavior is also a good choice to make sure that spammers do not misuse your site. This can also be used in liaison with other spam blocking plug-ins to give an effective remedy to comment spam.

There is a catch in using plug-ins for your website. Free WordPress sites cannot have the comment spam plugins. Only a self hosted WordPress site can have these plug-ins’ that are very effective and can ensure that there is nil comment spam.

Why Would Someone Want to Hack My Blog?

We hear this all the time from clients with travel, real estate, food, etc… blogs. “Why would anyone want to hack my blog? It’s just about recipes!” We understand it might not make much sense at first, but most hackers hack a website in order to essentially steal their traffic and make some money off it. In the internet world, traffic is money, and if a hacker can hack 10 blogs each with an average of just a couple thousand hits a month, they can redirect that traffic to their site and end up with a lot of visitors. Let me explain in more detail.

Links back to their site

website hackedGoogle is the main search engine for most of the developed world, and Google ranks websites using a complex algorithm I won’t even try to figure out. But, one of the most important parts of that algorithm is the number and quality of sites that link back to a particular page. So if a hacker has a site that they sell products or advertisement on, it would behoove them to have other quality sites linking back to their site. This would move their site higher and higher in search results, and thus allow them to sell more products or charge more for their advertisements.

Hijacking your traffic

This is in some ways related to the reason listed above, but instead of just placing hidden links on your blog, some hackers will redirect all your traffic to their page or an affiliate page thereby stealing your traffic. Many people who get hacked notice it when they type in their URL on morning and end up being redirected to a page selling porn or performance enhancing drugs. This usually indicates that the hacker is getting a commission for the sales that occur, and by hijacking your traffic instead of working hard to get their own, hackers can turn a quick buck.

Get access to your paid content

If you sell a product on your website with a shopping cart and a product list and you are using software like Magento, WordPress, Joomla… it is likely that your products and prices are stored in your database. If a hacker can gain access to your database through SQL injection attacks they can change the price of your products and place orders for those products at a lower cost, sometimes as low as one cent. If your system is automated, you might not catch the change before product gets shipped out, and you must eat the difference.

Another common occurrence is hackers gaining access to a password protected area of your site and getting to consume paid content for free. Sometimes the hackers will steal this data and make a similar site to yours– even selling the same content you worked hard to produce. You might not even know this has occurred, which is why it is important to take measures to prevent attacks as soon as possible.

Our next post will review the value of newsletters and mailing lists and why hackers would want to steal this information. Even if you have a small hobby blog, your traffic and resources may be worth more than you think. Now you know the answer to your question, “Why would someone want to hack my blog?” — Usually it all comes down to money.

How to prevent attacks from happening…

We can help you prevent attacks so you don’t have to worry about what vulnerabilities might be lurking in your system, and we do it at a very reasonable price. Take a look at our Website Protection plans where we review your website for vulnerabilities and address them before they can be exploited.

Best Data Storage Options for Your Business

By the time you are setting up your business, storage of data is probably the furthest thing from your mind. However, as your business grows, you will come to the realization that you need more than your hard disk and email to manage your data.

Businesses today deal with a lot of data ranging from emails to customer information and accounts. It is important to ensure that this data is stored and managed properly for the smooth running of your business. At WebsiteHostingParadise can provide you with a wide variety of options to keep your website security.

Best options for small businesses

secured storageThe data management needs of a small business will differ from those of much larger businesses. Large businesses have larger volumes of data to deal with. They also have the resources to invest in more complex and larger systems to handle large volumes of data. Small businesses have to learn to work within their means.

The following are various options that small business owners can consider for the storage and management of their business data:

Secured Servers

Servers are a great option for already established businesses and can afford to have their own servers. Servers offer a centralized location in which information can be stored. You can set up your server to ensure backing up of information from multiple hard drives on a regular basis.

Servers allow you to have full access to your data anytime you need it. You will however require an expert business IT support company to look after your server and ensure that it is working at optimum. Hiring a company to carry out regular checks on your server will ensure that it is in good working order and detect any problems early.

Cloud storage

Cloud is becoming increasingly popular especially amongst small businesses. Instead of having a computer to act as your server, you can store your data online. There are various popular Clouds available for businesses including Dropbox and Google Drive.

The best thing about Cloud storage is that information can be uploaded and accessed from anywhere in the world as long as you have internet access.

It is important to ensure the security of your data. You should therefore limit access to your information and discuss various security measures with your IT support firm.

Customer Relationship Management

Customer Relationship Management (CRM) systems are useful for businesses that have to handle a lot of data related to their customers. The CRM system will enable you to store information about your customers. You can store any details you need including their orders or reason why they have contacted you.

CRM systems come either as on-site or cloud-based systems. The cloud-based systems require no software or hardware and are accessible from just about anywhere where an internet connection is available. The on-site systems require specialized software and hardware.

Hosting

This involves storing your data on a server that you can access via the internet. You can choose to either host the website yourself or have it hosted by a third party. You can store information for emails or websites with this type of data storage.

Sharepoint

Storage of data is not effective if it cannot have proper management. This is where Sharepoint comes in. This provides your company with a centralized hub through which you and your staff can store and access information. It makes sharing information with employees much easier. Sharepoint is customizable to suit the specific needs of a business.

It is important to talk to your business IT support firm to determine which method of remote backup data storage would best suit your business needs.

How to: Remove Google Analytics Spam

Do those look familiar to you?

  • get-free-social-traffic.com
  • floating-share-buttons.com
  • www.event-tracking.com
  • site8.free-floating-buttons.com
  • video–production.com
  • sexyali.com

I’m certain you’ve noticed such referrals in your Google Analytics profile:

analytics referral spam

Today we will see what, why and how this “spam” happens. And how to clean up your Google Analytics profile by removing referral, event and search term spam.

What are we talking about here?

This is one of the spam tactics which plays on webmaster’s and marketer’s curiosity of which websites bring them traffic.

If we would to simplify the basic referrer spam it would go something like this:

  1. I make a link from my website to your website
  2. Click through that link a multiple times
  3. Your Google Analytics profile will see my website as referral. You will be interested how people clickthrough from it and visit it.
  4. ???
  5. Profit.

Why they are doing it?

To get traffic.

Most spammers just sell some low quality webmaster-targeted products. Some are affiliates that will refer you to popular websites like AliExpress.com (Asian Amazon) in hopes that you will convert to buyer immediately or later and they will get a commission.

How they are doing it?

Notice that for you to push data to your Analytics profile, no special authorization is necessary. All you need is profile’s “UA” Tracking ID, which looks like this: UA-124214-1

And it can be easily extracted from your website’s source.

Now, with popularization of Apps, there was a need to move Google Analytics beyond websites. Universal Analytics was born.

One of its features is Measurement Protocol, which:

“… allows developers to make HTTP requests to send raw user interaction data directly to Google Analytics servers”.

This is basically a robust Google Analytics API. With it you can track anything, including offline events and tie them to user’s website or app behavior. All tracking is done server-side. Great stuff.

But this had a side effect. You can automate the heck out spamming and perform it in bulk.

This is how the process goes for the most advanced spammers:

  1. Make a Measurement Protocol request which mimics website hit from a defined referral
  2. Send is as a HTTP request from a server
  3. Repeat with next victim’s “UA” Tracking ID
  4. ???
  5. Profit.

But, the manipulations could be done for any visitor data. So step 1 could be: Event, Spam search term and even user’s browser.

And keep in mind that you don’t even need something special to come up with “UA” Tracking IDs. Google Analytics just uses progressive numbers.

So in theory, you could just hit all the existing profiles, even though most of them are abandoned. Because why not, we’re spammers anyway.

This is how fast you can make event 100 hits, all to different profiles:

analytics measurement protocol

It’s 2 lines of code in a loop using Universal Analytics for Python library.

And imagine running this on a server 24/7, or on multiple servers. Programmed by someone who knows what they’re doing.

Since most spam is done server-side, we see a caveat – most spammers don’t define which “hostnames” send the data.

Hostname of a visit exists to show what web property was used to register the hit. Basically most of your hits would arrive from your domain’s hostname. You can also see some hits from Google Translate hosts and from your local development hosts if you use any during development (127.0.0.1 or localhost).

Sample referral spam hits from undefined hostnames:

analytics spam

So, by only including Google Analytics data only from known hosts, we can easily eliminate most spam.

We can then add a few more exclusion filters to remove more advanced spammers who define clever hostnames, or have more physical robots (which actually visit your website).

Setting up Google Analytics views to filter out spam

First, make sure you or someone else didn’t try to combat spam using “Referral Exclusion List” under “Property → Tracking Info → Referral Exclusion List“:

analytics referral exclusion

This is wrong. Your should only use this when you want to remove referral information from a domain, for example when your payment processor redirects people back to the purchase. Or your “support.” sub-domain, for example.

Next thing on your to-do list will be to create a new view and call it “Unfiltered”.

We will keep this one to fall back on if we suspect that filters on our main profile are wonky.

google analytics

Assign the same settings to it as to your main view (timezone, currency, enable Ecommerce etc.), make sure “Exclude all hits from known bots and spiders” is unchecked in settings.

Including only known hostnames

Now that we have a backup view, let’s add a filter which will only allow Analytics hits from known hosts.

Go to your main View, “Audience → Technology → Network“, change primary dimension to “Hostname”, and you’ll see something like this:

analytics hostnames

Breaking it down:

  1. Your own hostname.
  2. (not set) for server side tracks that don’t define a hostname. Most spam in my case.
  3. Hits from people using Google Translate for translations.
  4. Hits from my “development” environment – when I run my website on my computer.
  5. Spammers that define hostnames. HULFINGTONPOST is my favorite.

Keep in mind that your case may have more hostname hits similar to Google Translate, if you see substantial number that doesn’t look like spam, check it out. Perhaps it’s worth including it in the filter.

Important: if you are using server side tracking for some events, some of the (not set) events will be yours. I suggest you either add hostname to context of a server side tracking call or add (not set) along with other allowed hostnames to filter.

Ok, new let’s setup hostname filter. Go to “Admin”, select your main view and go to “Filters”. Click “+ NEW FILTER”, then configure it:

analytics hostname filter

  1. Type: Custom
  2. “Include”, as we will only be including needed hostnames.
  3. Field: “Hostname”
  4. Filter pattern: regular expressions work here. You should add all your domain, sub-domains and other valid hostnames
  5. Verify & save your filter.

By including only known hostnames in our reporting we will eliminate most spam, but not all. So let’s proceed.

Referral spam

Some spammers cleverly define hostnames of their target website.

analytics referral spam

For this will will just exclude them as referrals. And we will be adding more as we discover new ones.

Keep in mind that filters won’t work retroactively, so check for spam referrals for periods after you’ve applied hostname inclusion filter. Or go to Hostnames, pick your hostname, check referrals and find the fishy ones.

And here’s the filter:

analytics referral filter

  1. Type: Custom
  2. “Exclude”.
  3. Field: “Campaign Source”
  4. Filter pattern: add all spam referral domains that are left. Use “|” between domains, don’t use spaces.
  5. Verify & save your filter.
Search term (Keyword) spam

Some spam started appearing in organic search terms recently.

analytics keyword spam

And here is a filter to remove those.

analytics search filter

  1. Type: Custom
  2. “Exclude”.
  3. Field: “Campaign Term”
  4. Filter pattern: add spam keywords, separate using “|”.
  5. Verify & save your filter.
Events spam

Most spam event would be filtered by including only known hosts, like this one:

analytics spam event

analytics spam event

But still, if you see event’s spam, here is a sample filter to filter them out.

analytics events filter

  1. Type: Custom
  2. “Exclude”.
  3. Field: “Event Action” (or Category)
  4. Filter pattern: add contents of the event.
  5. Verify & save your filter.

That’s it, enjoy your Google Analytics view without spam data.

Don’t forget to update your filters if you notice new spam referrals, events or search terms coming through.