Security Challenges on the Horizon for Website Publishers
If your business made it through the past year without a breach, congrats! It was a tough one for site publishers around the world. Countless records were lost and hundreds of millions of individuals had personal information stolen.
But there’s no rest for the weary when it comes to website security. At Black Raven Digital, we’re on-hand to answer your website security and compliance questions – or at least point you to someone who can.
Let’s start with a peek at what to expect in 2020 (hint: it’s a lot more of the same).
SQL Injections
If your site has entry fields (to collect email address or payment data), it’s susceptible to SQL injections. Hackers can use form fields to access or even manipulate your site’s databases. They do this by injecting malicious code into a form that makes it do something you didn’t intend for it to do, like extract your customers’ private information.
There are ways to prevent SQL injections that are fairly easy to execute if you know what you’re doing – parameterized statements and object relationship, for instance. Keeping your site up to date, configuring proper error reporting and living by the principle of least privilege are also good places to start. (No idea what we’re talking about? No sweat. we’d be happy to talk you through it).
Cross-site Scripting (XSS)
Cross-site scripting is an attack method hackers use to redirect users to sites that make it possible to steal data. The goal is to steal a login credential, or get the user to connect to a site that will allow a hacker to run malware scripts.
But that doesn’t mean it isn’t your problem. Cross-site scripting stems from a vulnerability on your site that lets a hacker inject client-side scripts. In other words, if it’s affecting your users, then it’s your problem.
Phishing
Beware of becoming a phishing victim (for instance, be suspicious if you get an email asking you to reset your password).
And beware of accidentally propagating phishing pages. Hacked websites are often used to launch phishing campaigns that deceive users – your users – into giving away sensitive information.
Make sure you’re exercising good judgment on your end, and that you’re using security plugins to protect your site and its users. And if you have questions or concerns, we’re happy to help. Security by design is one of our core values here at Black Raven Digital.
More from Black Raven
Recent GA4 Spam Attacks are Built Different: What You Need to Know
If you want to maintain accurate analytics data and make informed decisions (you do), you have to be aware of spambots that may threaten your
Your Website’s User Experience is an Extension of Your Brand
Why does UX optimization matter? When nearly every business has a website, User Experience (UX) stands as a key differentiator for a successful online presence.
The Best and Worst Ways to Engage With Your Audience on Social Media
Each step you take into social media can offer new lessons and insights into how best to connect with your audience online. But there are