- Globally, 30,000 websites are hacked daily.
- 64% of companies worldwide have experienced at least one form of a cyber attack.
- There were 20M breached records in March 2021.
- In 2020, ransomware cases grew by 150%.
- Email is responsible for around 94% of all malware.
- Every 39 seconds, there is a new attack somewhere on the web.
- An average of around 24,000 malicious mobile apps are blocked daily on the internet.
When I add security software (Wordfence) to clients sites they nearly always come back to me a week or so later completely freaked out due to the weekly email they get with the number of people who have tried to access their website over the last week. I now warn them this will happen so they don’t get so freaked out!
One of the lovely lady’s in my group last week posted her website link and when I went to look I was redirected to a spam website. She couldn’t replicate the problem, to which I explained that it doesn’t happen all the time so often you don’t notice until the hack gets so bad your whole website is gone. Luckily I was able to give her some advice that solved the issue quickly.
Another lady contacted me as she was getting so many issues with her website and a scan showed it was riddled with Malware, which obviously takes far more time to sort out.
So how do you know if your website has been hacked?
When you visit your website you may see that pages or posts are missing or a pop up can come up, usually saying your website isn’t secure and to click to make it secure (don’t click!!). But the most common hacks are redirections where when you go on your website it redirects you to another website.
So when anything is clicked malware files are then usually downloaded to the visitors computer that usually include keyword loggers. So when you log into your bank etc. they can see what you are typing.
First off it’s nothing personal, I’ve had people come to me with hacked websites that have yet to even install any kind of website on their domain! With WordPress (and some other builders) what happens is that hackers target vulnerabilities in certain themes and plugins (especially ones that have been abandoned or haven’t been updated for a while!) and then they randomly attack websites that have that theme or plugin.
Developers then usually come up with a security updates (as long as the theme or plugin is still being maintained) and your site is at risk until you update.
They don’t know who you are, nor do they care. They have just found their way into one site and if you use the same themes or plugins you are at risk.
How can you protect yourself?
The bad news: Unfortunately there’s nothing you can do to 100% stop people from hacking your website. But there are a few things that you can do to lessen your chances of getting hacked and setting a ‘burglar alarm’.
Firstly make sure you do the updates on your website at least twice a month (or a lot of theme or plugin developers often send emails out if there has been a security breach). This keeps things up to date so any security updates are applied – this also helps cut down on glitches on your website.
Make sure your site is backed up at least once a week (or more if you have a transactional website or post content updates regularly). You can easily do this with the free Updraft Plus plugin, that backs up to Google Drive or Dropbox. A lot of hosting companies also offer back up services. It’s really important as if your website is hacked, even if it’s fixed it can sometimes be easier to hack into in the future so it’s better to roll back to a backup of before it was hacked.
Use a security plugin such as Wordfence, that has a firewall and also offer weekly scanning services. You then get an email each week to tell you that your site is all safe or whether there are any problems.
If you are worried about security of your site and want a site health check (along with ideas and improvements for your site) then book in with me for a one to one session, which is much cheaper than fixing a hacked website!