Most of the time it will be obvious to you that your website has been affected – either someone will tell you that they have read something unsuitable on it or, in severe cases it simply will not function properly.
However, cyber-attacks are increasing both in terms of their frequency and sophistication. One of the ways in which your business can unknowingly be affected is a type of spam called ‘content injection attack’.
A hacker will identify a security vulnerability and insert malicious content onto your website replacing or adding to your legitimate content. They will then ‘cloak’ the content so that it isn’t visible to the human eye.
If search engines detect content they believe to be spam on your blog or website it will affect your rankings – in some cases, they could de-list your website entirely.
Fortunately, Google’s webmaster tools provide 2 ways for you to check and see if you have been affected:
- Security Issues – robots regularly scan your site for signs of content injection attacks and will report anything suspicious within the security issues section
- Content Keywords – google lists, from highest to lowest frequency, the main content keywords it associates with your website. Regularly check this list for any unusual keywords that bear no relation to your site content.
Not signed up to Google Webmaster Tools? Visit this link to get started today.
What preventative measures can you take to minimise the chance of becoming a victim to a Contact Injection Attack?
- Ensure your version of WordPress is up to date.
- Implement good password management. Make sure it is unusual (the longer the better) and frequently change it
- Avoid using ‘Admin’ as your user name – please refer to this article if you need to learn how to change this
- Keep your wordpress version number hidden – use a simple plugin to do this.
Around 80% of cyber security attacks could be prevented with simple risk management, so take action by applying some of the simple measures listed above.