Have You Ever Been Hacked?

“Google has detected that your site has been hacked by a third party who created malicious content on some of your pages.”

This was the message I received around Thanksgiving that sent me into a tailspin.

Hacked? Malicious? What the heck?

Turns out, my business website had been hacked. Some Sneaky Pete had hidden code advertising “cheap” drugs (like Viagra and Cialis) from foreign countries on my pages — without my knowledge or approval.

He(?) was clever, too, using a back-door approach through a file I thought I’d removed from the server.

Thank goodness, Google was more vigilant than I, warned me of the dastardly deed, and added a notice in search results cautioning folks that my site wasn’t reliable.

Wait, what?

(That doesn’t sound like something to be thankful for, does it? I mean, telling strangers NOT to trust me with their web design needs because I failed to protect my own site from criminals?!)

But, yeah, if we don’t know there’s a problem, we can’t fix it, can we?

Google graciously gave me plenty of suggestions on how to do just that (yes, they ALL involved coding), and those suggestions, plus a bit of common sense, time, and help from my hosting company put me on the right path.

I changed a bit of this, re-coded a bit of that, removed some files entirely. Practically redesigned my entire site. Changed ALL the passwords, checked and re-checked everything, and submitted a reconsideration request so Google will “serve me up” when people search for web design firms.

A few days after my request for reconsideration, I was notified that what I’d done worked — yahoo!! (Or rather, whoo-hoo!)

So, let this be a warning to you — hackers are out there, lurking who-knows-where, and they’re becoming more crafty about adding spam, pornography, ads, etc. to legitimate websites. And stuff like that can absolutely mar the reputation you’ve worked so hard to achieve.

P.S. WordPress dot com has safeguards in place so you probably don’t have to worry about stuff like this. Not like when you have a website you’ve designed yourself. Still, it doesn’t hurt to be vigilant!

Advertisements

22 thoughts on “Have You Ever Been Hacked?

  1. It never fails to amaze me that people (hackers) spend time and energy to hurt others…why? So glad you were able to take care of things. As far as code, boy, I’m lost on knowing how to do that, good thing I have an IT guy in the house!

    • You know, Suzi, I’ve read from other bloggers how viscous some of the spam comments can be — to the point of convincing good writers to quit blogging altogether — and it makes me sad. The world is a better place when we all agree to let each other have their say, regardless whether we agree with it. Dialog might never solve the world’s problems, but shooting each other (literally or figuratively) sure doesn’t work!

  2. Ooooh the buggers! I am glad you managed to get it sorted out. I am pleased to say that nothing of this sort has happened to me, although it occasionally happens to friends on Facebook and naughty pictures get sent to everyone in their address books. Which isn’t so bad, in the grand scheme of things.

  3. I bump up against this most via gmail. I’ll get those spam emails from people whose contact list obviously has been hacked. It usually comes from a yahoo address, interestingly.

    Your note about WordPress is exactly right. There are some downsides to going the WP dotcom route, rather than dotorg, but the advantages for someone like me are obvious: they police the joint. Occastionally they’ll have a glitch with servers going down, but when I think about it, that hasn’t happened for about two or three years. In the beginning, I’m sure it was growing pains.

    For my general needs, I use McAfee and Malwarebytes, and follow PrivaSecTech on Twitter. They’re usually on top of whatever nasties are going on in the world, and its convenient to have it in my timeline.

    • I’ve found the same thing with WordPress, Linda. Yes, if one has the time, skills, and inclination to police a dot-org site, go for it. The rest should stick with the dot-com version and relax that the policing is being handled. I’m still amazed at the ridiculous spam comments that fortunately never make it past Akismet — what a cool tool!

      Isn’t it scary how many untoward things folks can do from a distance to make life more challenging than need be??

  4. Brava, Debbie! Glad to hear that you were able to correct this using your expertise. And it’s ironic you posted about this today because I was skimming a blogging book in Barnes and Noble yesterday about self-hosting versus having a blog hosted for you. And it mentioned that one of the big advantages of using, say, WordPress.com or Blogger.com, and having them host it is that they safeguard against hackers, spammers, etc.

    About two years ago, someone I used to blog with who self-hosted his blog had the same thing happen to him. He got hacked. Luckily being an IT person, he was able to rectify the problem.

    I have also known many people who have had their email addresses stolen because I’ve gotten spam emails from the hackers who used their addresses.

    But I guess the Internet (even with all its wonderful advantages) has a downside too; one being hackers.

    Have a super week, my friend!
    X

    • Ron, you’re right in saying the Internet is a wonderful “invention.” It’s made it possible for folks like us — who might never have “met” in person — to connect, share thoughts, and tell stories. It’s too bad that sneaky people want to exploit that, all in an effort to make a quick buck. And I wonder how lucrative hacking really is??

      I hope my problem is corrected. It was a wake-up call, that’s for sure, and I’m grateful that Google brought it to my attention. Who knows what havoc these folks could’ve wrought, had their nastiness gone unnoticed?!?

      Happy week to you, too!!

  5. Oh, how awful! I’m glad you were able to get it sorted, but it must have been pretty stressful, especially when it’s your business. I’m afraid I stick to using things like WordPress – my techie skills aren’t up to doing my own policing. I’ve never been hacked (as far as I know), except for my e-mail address which was used to send phishing requests for personal details to all the addresses on file – embarassing since I sometimes used it for work if I was working at home, so there were several work contacts on there. Fortunately my ISP sorted that one for me, and it taught me a lesson about using stronger passwords.

    • Yikes, that must have been frightening!! I’m glad your ISP was able to help you sort things out — at first, mine wasn’t going to help, but I kept calling until I found a helpful person. No way was I going to wade through all that tech mumbo-jumbo by myself! Isn’t it awful feeling like somebody has commandeered your good name and used it for ill??

  6. You sound like you handled it with skill and speed, Debbie, which is more than I could have handled! I have little tech skills. Every now and then I check my spam folder in my email and it’s the creepiest most revolting bunch of garbage. Rotten stuff! Glad it’s all fixed.

    • My spam folder fills every time I add a new post, DD. Usually, it’s people trying to sell something, rather than the really nasty stuff. I wonder how these folks have so much time on their hands — perhaps it would be useful for them to give us some pointers?? I mean, I seem to meet myself coming and going, ha!!

  7. The person who just fixed my blog placed took my login off my page! This has made a huge difference. Nobody can get into it, except MEEE!

    xx kiss

    PS. I hope all hackers out there can’t get a night’s sleep. ASSh*les.

  8. I wouldn’t have had any idea what to do (which is probably why I’m not designing websites, haha!) Whenever I hear of something like this, I can’t help but wonder how the world would be different if they would use their creativity and persistence in a beneficial way rather than a destructive way. Guess I’ll never know, huh? Glad you got it all worked out and are “approved” again!

  9. Debbie, I’m terrified of being hacked. Yikes. At least you were able to fix it. Glad to know WordPress has measures in place to prevent this sort of thing. But still, you’re right. Better to stay on guard. Thanks for the reminder!

    • Monica, it was scary, and I must confess I feared I wasn’t up to the task of remedying the problem. Nevertheless, there are folks out there who deal with this sort of thing on a regular basis, and I’m glad I found them to help. I know we can’t legislate everything, but doggone it, there ought to be a special prison for those who deal out this kind of misery!!

  10. I’m so sorry you were hacked, Debbie. But I’m glad you were able to put everything back in order again. Seriously, what is the reward for these hackers? Isn’t there a legitimate way for them to use their skills and earn some benefit at the same time?

  11. Pingback: Guard Your Identity | Musings by an ND Domer's Mom

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s