Donate to Remove ads

Got a credit card? use our Credit Card & Finance Calculators

Thanks to johnstevens77,Bhoddhisatva,scotia,Anonymous,Cornytiv34, for Donating to support the site

Website hacking

A virtual pub for off topic, light hearted pub related banter and discussion. No trainers
brightncheerful
Lemon Quarter
Posts: 2210
Joined: November 4th, 2016, 4:00 pm
Has thanked: 424 times
Been thanked: 800 times

Website hacking

#16971

Postby brightncheerful » December 20th, 2016, 5:34 pm

Mrs Bnc's favourite skin-care company's website has been hacked and her credit card possibly compromised. She has contacted her card provider and they have locked her card and will be sending her a new one. (Just think: spouse, Christmas shopping, no credit card: welcome to the real world!) Mrs Bnc who about a year ago noticed something fishy about the skin-care company website contacted them to say in future she'll buy their products from John Lewis, rather than risk a repeat of this inconvenience. This is not a small company, the only reason to sell direct is to boost its profit margin.

Hacked websites have become increasingly prevalent. Wondering why, I've obtained a report by a cyber-security company which makes interesting reading.

Apparently there are currently over 1 billion websites. Not all sites are transactional (e-commerce, on-line sales) but a growing number are. Over a third of the websites online are powered by four key platforms: WordPress, Joomla!, Drupal, Magento. WordPress is leading the open-source Content Management Systems (CMS) market with over 60% market share.

In March 2016, Google reported that over 50 million website users have been greeted with some form of warning that websites visited were either trying to steal information or install malicious software. In March 2015, that number was 17 million. Google currently blacklists getting on for 20,000 websites a week for malware and another 50,000 a week for phishing.

An analysis of >11,000 infected websites, 75% were on the WordPress platform and over 50% of those websites were out of date. The researchers have found that the fault is rarely to do with the core of the CMS application itself, but more with improper deployment, configuration, and overall maintenance by the webmasters and their hosts. For example, software extensions, plug-ins, components, modules, templates, themes, and so on.

The conclusion is that the technical aptitude required to have a website drops, the inverse will be seen in attacks (the weakest link is the webmaster). A drop off in the knowledge requisite to have a website is breeding the wrong mindset with website owners and service providers.

Yours truly tends not to stray from his preferred suppliers. Even so, something crept in between my transaction and Amazon a while back, rendering my credit card company to flag a potential fraud and block my card. Amazon said my account was unaffected, also that it couldn't possibly be them, but there is comment on-line that hackers have been getting into third party seller accounts on Amazon and diverting payments for non-existent items.

I appreciate that what I am about to say might not be to any law abiding decent honest upright citizen's liking but I have a sneaking admiration for the technical know-how of hackers and their ability to find openings or windows of opportunity. In a bygone times in rural areas it was usual for people to go away for a day or more having left their house doors unlocked but do that in towns and cities is just stupid. Mind you, some 40 years ago when living in London, I left the front door of my house slightly ajar whilst I was out for a day: entering with trepidation, gave me a shock when I realised what I'd done.

I reckon that businesses take a chance. I think they weigh up the risk that the customer will think that theft of credit card details, etc is just one of those things that customers should be expected to accommodate. Okay, there is a shortage of website-ssavvy technical people but I'm not convinced that businesses pay anything like as much attention to the foundation/structure of transactional websites as they do to the relatively superficial interface with the customer. Paradoxically, if a thief broke into one of the retailer's shops and stole some items, just imagine the outcry if the retailer were to say that the fault lay with the customer browsing and by doing so drawing the thief's attention to the goods.

One suggestion, made by a Fool I think, is to have more than one credit card and for use on-line a card with a low credit limit. The snag is how to buy anything over the limit. I hasten to add this was only when I was much younger but whenever I was asked why I carried a few hundred pounds in cash in my back pocket, I said that were my car to break down I might have to buy another one to get home. However, my favourite was reading about a woman that used her credit card to buy a £75,000 yacht for her husband, she said he never carries cash, it ruins the line of his trousers!

Return to “Beerpig's Snug”

Who is online

Users browsing this forum: No registered users and 7 guests