Search Advanced Search
Categories
cPanel (6)
Domain Names (2)
E-Commerce & SSL (1)
Security (4)
FTP (2)
Software (0)
WHM (1)
Search Articles
Advanced Search
Frequently Asked Questions
Search our FAQ to find resolutions to common issues.
Favorite Articles
Search Articles that you have marked as your favorite.
Our Links
Web Development
E-Commerce Solutions
Search Engine Optimization
Reseller Hosting
Web Hosting
Protect youself from Phishing

An educated user is a safe user. We want your experience with us to be as memorable as possible, but for the right reasons! Becoming familiar with how you can protect yourself from unauthorized intruders will help to ensure you have a pleasant stay with Sabaiko. Your security is our concern. The following will give you some background information in phishing and help to lay out the part you play in ensuring your web space is safe and secure.

Phishing: Definition

According to google, phishing is the act of tricking someone into giving them confidential information or tricking them into doing something that they normally wouldn’t do or shouldn’t do. For example: sending an e-mail to a user falsely claiming to be an established, legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. In web hosting, phishing more often presents itself as a website designed to look much like the login for the site it is trying to mimic. Popular examples include eBay phishing, Barclays, PayPal, and Bank of America. A phishing site will often appear to be the targeted site. When a user logs in, the login is stored and can be used at a later time by the phisher for identity theft.

How Phishing Scams Get on Your Site

We understand that most people have no affiliation with the phishing material presented on their site. They probably don’t even know it’s there. Most phishing material is able to be uploaded onto an unsuspecting client’s webpage through insecurities in the user level scripts running on the account.

This has no relation to server side security. We maintain our server’s security at the root level. If any security patches are required at the root level, we are quick to make the necessary adjustments to keep our servers secure. It is up to the client to ensure security at the user level.

Website design is an ever changing field. Script developers are always updating their software to include the newest features, additional content, and most importantly of all, security patches. It is not uncommon for there to be security holes in popular scripts. Once these holes are identified, attackers can use these to compromise your account for their own purposes. Script developers are usually pretty quick to patch these holes and release a new version, however, it is up to you as an end user to actually update your software to the latest version. Acenet does not monitor the content placed within user space. It is entirely the responsibility of the client to know what scripts they are using and ensure they are secure.

This is how the majority of phishing scams get present on websites. Obviously there are other concerns. You should never share passwords. As more people have your passwords, there are larger chances there is content on your site that you don’t know about.

Make sure your password is secure. Attackers will often utilize a “brute-force” password hack. They will often automate a login process and try to use all of the words in a dictionary as the login. Ensuring that your password is a random string of characters and is not located in a dictionary can help to keep your webspace secure.

How can I prevent phishing material/compromises?

By ensuring that you run the latest copy of all scripts on your account, you can help reduce your chances of being compromised. It is your responsibility to frequently check the software that you run and make sure that there are no security holes. Simply contact the author of the script if you have any doubts.

Following the password suggestions above will also help to ensure your account contains only the material you personally place on it.

Print  Email  Save  Comments  Notify Me  Add to Favorites 
Article ID: 10009 Article Created: 01-31-2009 08:18 AMLast Modified: 01-31-2009 08:18 AM

How well did this article answer your question? 100% 75% 50% 25% 0%

Most Recently Viewed Articles
Protect youself from Phishing
An educated user is a safe user. We want your experience with us to be as memorable as possible, but for the right reasons! Becoming familiar with how you can protect yourself from unauthorized intruders will help to ensure you have a pleasant stay with Sabaiko. Your security is our concern. The following will give you some background information in phishing and help to lay out the part you play in ensuring your web space is safe and secure. ...
DNS Propagation Explained
Propagation is a term you'll often hear when working with your domain's DNS settings, but what does it mean? Anytime you visit a website in your web browser, there is a lot going on behind the scenes to provide you with the requested content. When you load a webpage, your computer first attempts to resolve the domain you are visiting to an IP address. Domain names are a convention created to make websites easier to remember, but your browser needs a numeric address in order to fetch any website data. DNS is what allows your machine to make this translation....
What is the path to ImageMagick?
The path to ImageMagick may vary from system to system. ImageMagick will usually reside in: /usr/bin/...
Using FTP in Firefox 3
To start this article off, I'd like to first note that we DO NOT suggest using FireFox or any web browser for connecting to FTP. Simply put, web browsers are for browsing the web. Your refrigerator would cool your house if you left the door open, but it's not intended for that purpose. Similarly, browsers are not intended to function as an FTP client and, while they do support some FTP-like features, they are very limited in their FTP functionality....
phpBB3 Hardening
phpBB is a very popular, web-based forum software. As of the time of this writing, the current phpBB version is phpBB3. If you are running an older version of phpBB, we highly recommend that you upgrade your forums immediately. phpBB version 3 contains many useful features for securing your forums. As always, it's best to run the latest version of any web-based software to ensure any security holes are patched and your software can be trusted....
Register Globals & php.ini
All PHP implementations run with a default set of values for configuration variables. Such variables control properties such as the amount of memory a PHP script can use, whether to register global variables, where to store SESSION variables and much more....
What is a Remote Access Key?
WHM provides you with a Remote Access Key for allowing 3rd party scripts to access your WHM on Reseller, Virtual, or Dedicated plans. You can allow external scripts to perform a multitude of tasks from account creation, account termination, account suspensions and much more. ...
What is Hotlink Protection?
HotLink Protection prevents other websites from directly linking to files on your website. ...
Using FTP in Internet Explorer 7
To start this article off, I'd like to first note that we DO NOT suggest using Internet Explorer or any web browser for connecting to FTP. Simply put, web browsers are for browsing the web. Your refrigerator would cool your house if you left the door open, but it's not intended for that purpose. Similarly, browsers are not intended to function as an FTP client and, while they do support some FTP-like features, they are very limited in their FTP functionality....
What is my IP Address?
Wikipedia defines an IP address as a numerical identification (logical address) that is assigned to devices participating in a computer network utilizing the Internet Protocol for communication between its nodes. Your server's IP address is where your website is hosted on the internet....