Search Advanced Search
Categories
cPanel (6)
Domain Names (2)
E-Commerce & SSL (1)
Security (4)
FTP (2)
Software (0)
WHM (1)
Search Articles
Advanced Search
Frequently Asked Questions
Search our FAQ to find resolutions to common issues.
Favorite Articles
Search Articles that you have marked as your favorite.
Our Links
Web Development
E-Commerce Solutions
Search Engine Optimization
Reseller Hosting
Web Hosting
Protect youself from Phishing

An educated user is a safe user. We want your experience with us to be as memorable as possible, but for the right reasons! Becoming familiar with how you can protect yourself from unauthorized intruders will help to ensure you have a pleasant stay with Sabaiko. Your security is our concern. The following will give you some background information in phishing and help to lay out the part you play in ensuring your web space is safe and secure.

Phishing: Definition

According to google, phishing is the act of tricking someone into giving them confidential information or tricking them into doing something that they normally wouldn’t do or shouldn’t do. For example: sending an e-mail to a user falsely claiming to be an established, legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. In web hosting, phishing more often presents itself as a website designed to look much like the login for the site it is trying to mimic. Popular examples include eBay phishing, Barclays, PayPal, and Bank of America. A phishing site will often appear to be the targeted site. When a user logs in, the login is stored and can be used at a later time by the phisher for identity theft.

How Phishing Scams Get on Your Site

We understand that most people have no affiliation with the phishing material presented on their site. They probably don’t even know it’s there. Most phishing material is able to be uploaded onto an unsuspecting client’s webpage through insecurities in the user level scripts running on the account.

This has no relation to server side security. We maintain our server’s security at the root level. If any security patches are required at the root level, we are quick to make the necessary adjustments to keep our servers secure. It is up to the client to ensure security at the user level.

Website design is an ever changing field. Script developers are always updating their software to include the newest features, additional content, and most importantly of all, security patches. It is not uncommon for there to be security holes in popular scripts. Once these holes are identified, attackers can use these to compromise your account for their own purposes. Script developers are usually pretty quick to patch these holes and release a new version, however, it is up to you as an end user to actually update your software to the latest version. Acenet does not monitor the content placed within user space. It is entirely the responsibility of the client to know what scripts they are using and ensure they are secure.

This is how the majority of phishing scams get present on websites. Obviously there are other concerns. You should never share passwords. As more people have your passwords, there are larger chances there is content on your site that you don’t know about.

Make sure your password is secure. Attackers will often utilize a “brute-force” password hack. They will often automate a login process and try to use all of the words in a dictionary as the login. Ensuring that your password is a random string of characters and is not located in a dictionary can help to keep your webspace secure.

How can I prevent phishing material/compromises?

By ensuring that you run the latest copy of all scripts on your account, you can help reduce your chances of being compromised. It is your responsibility to frequently check the software that you run and make sure that there are no security holes. Simply contact the author of the script if you have any doubts.

Following the password suggestions above will also help to ensure your account contains only the material you personally place on it.

Print  Email  Save  Comments  Notify Me  Add to Favorites 
Article ID: 10009 Article Created: 01-31-2009 08:18 AMLast Modified: 01-31-2009 08:18 AM

How well did this article answer your question? 100% 75% 50% 25% 0%

Most Recently Viewed Articles
Protect youself from Phishing
An educated user is a safe user. We want your experience with us to be as memorable as possible, but for the right reasons! Becoming familiar with how you can protect yourself from unauthorized intruders will help to ensure you have a pleasant stay with Sabaiko. Your security is our concern. The following will give you some background information in phishing and help to lay out the part you play in ensuring your web space is safe and secure. ...
What is Hotlink Protection?
HotLink Protection prevents other websites from directly linking to files on your website. ...
Register Globals & php.ini
All PHP implementations run with a default set of values for configuration variables. Such variables control properties such as the amount of memory a PHP script can use, whether to register global variables, where to store SESSION variables and much more....
phpBB3 Hardening
phpBB is a very popular, web-based forum software. As of the time of this writing, the current phpBB version is phpBB3. If you are running an older version of phpBB, we highly recommend that you upgrade your forums immediately. phpBB version 3 contains many useful features for securing your forums. As always, it's best to run the latest version of any web-based software to ensure any security holes are patched and your software can be trusted....
How do I use the Free Shared SSL?
The shared SSL is provided free of charge to all clients on our shared servers. The method for using the SSL is different depending on which server you are on. In order to access the free shared SSL, you will first need to know your server's hostname which is located in the welcome email you received from us when you first signed up. ...
Service Ports List
All of our shared servers run aggressive firewalls, closing off non-standard ports in the interest of increased security. The following is a list of standard open ports and the services associated with each of them. ...
My Site was Hacked, What Do I Do?
The security of your hosting space is a two-fold responsibility. Sabaiko as the webhost, has a responsibility to ensure that all server-side software is up to date and has all necessary security patches applied. Our Technical support staff regularly watches for security bulletins regarding your server's software. Our kernels are kept up to date, non-standard ports are closed off in our aggressive firewall, and server software is kept at the latest stable, secure version....
Maximum Email Sending Rate Limit
For performance and anti-spam reasons, all email sending is throttled to 200 emails per hour. If you attempt to send more than 200 emails per hour, only the first 200 will be successfully delivered....
What is a Remote Access Key?
WHM provides you with a Remote Access Key for allowing 3rd party scripts to access your WHM on Reseller, Virtual, or Dedicated plans. You can allow external scripts to perform a multitude of tasks from account creation, account termination, account suspensions and much more. ...
How do I login to cPanel?
When you first signed up with Sabaiko Hosting, you received a welcome email containing all the information you need to manage your service. Including your cPanel username and password. ...