Has my website been hacked?
- Globally, 30,000 websites are hacked daily.
- 64% of companies worldwide have experienced at least one form of a cyber attack.
- There were 20M breached records in March 2021.
- In 2020, ransomware cases grew by 150%.
- Email is responsible for around 94% of all malware.
- Every 39 seconds, there is a new attack somewhere on the web.
- An average of around 24,000 malicious mobile apps are blocked daily on the internet.
You’re Not Alone!
When I add security software (Wordfence) to clients’ sites, they nearly always come back to me a week or so later, totally scared due to the weekly email they get with the number of people who have tried to access their website over the last week. I now warn them this will happen, so they don’t get so freaked out!
One of the lovely ladies in my group last week posted her website link, and when I went to look at it. I was redirected to a spam website. She couldn’t replicate the problem again but I explained that sometimes it doesn’t happen all the time, so often you don’t notice until the hack gets so bad that your whole website is gone.
Luckily, I was able to give her some advice that solved the issue quickly.
Another lady contacted me as she was having so many issues and glitches with her website. A scan showed it was riddled with Malware, which obviously takes far more time to sort out than preventing it happening in the first place.
So, how do you know? Has my website been hacked?
When you visit your website, you may see that pages or posts are missing or a pop-up may come up, usually saying your website isn’t secure and to click to make it secure (don’t click!!). Or you could have users being added without your knowledge or things not working as they should. But the most common hacks are redirections, where when you go to your website, it redirects you to another website.
So when anything is clicked, malware files are then usually downloaded to the visitor’s computer, which usually includes keyword loggers. So when you log into your bank etc., they can see what you are typing.
First off, has my website been hacked?Â
If yes, remember, it’s nothing personal. I’ve had people come to me with hacked websites that have yet to even install any kind of website on their domain! With WordPress (and some other builders) what happens is that hackers target vulnerabilities in certain themes and plugins (especially ones that have been abandoned or haven’t been updated for a while!) and then they randomly attack websites that have that theme or plugin.
Developers then usually come up with security updates (as long as the theme or plugin is still being maintained), and your site is at risk until you update.
They don’t know who you are, nor do they care. They have just found their way into one site, and if you use the same themes or plugins, you are at risk.
How can you protect yourself? Practical Help and Advice.
The bad news: Unfortunately, there’s nothing you can do to 100% stop people from hacking your website. But there are a few things that you can do to lessen your chances of getting hacked and setting a ‘burglar alarm’.
Firstly, make sure you do the updates on your website at least twice a month (or a lot of theme or plugin developers often send emails out if there has been a security breach). This keeps things up to date, so any security updates are applied – this also helps cut down on glitches on your website.
Make sure your site is backed up at least once a week (or more if you have a transactional website or post content updates regularly). You can easily do this with the free Updraft Plus plugin, which backs up to Google Drive or Dropbox. A lot of hosting companies also offer backup services. It’s really important because if your website is hacked, even if it’s fixed, it can sometimes be easier to hack into in the future, so it’s better to roll back to a backup before it was hacked.
Use a security plugin such as Wordfence, which has a firewall and also offers weekly scanning services. You then get an email each week to tell you that your site is all safe or whether there are any problems. Wordfence do send out a lot of emails (mostly reminding you about updates but it is SO important to check them in case they say that malicious files have been found on your website)
If you are worried about the security of your site, or if you have been hacked then please get in touch so that we can advise you of your next steps.