|
An educated user is a safe user. We want
your experience with us to be as memorable
as possible, but for the right reasons!
Becoming familiar with how you can protect
yourself from unauthorized intruders will
help to ensure you have a pleasant stay with
Sabaiko Media. Your security is our concern.
The following will give you some background
information in phishing and help to lay out
the part you play in ensuring your web space
is safe and secure.
Phishing: Definition
According to google, phishing is the act of
tricking someone into giving them
confidential information or tricking them
into doing something that they normally
wouldn’t do or shouldn’t do. For example:
sending an e-mail to a user falsely claiming
to be an established, legitimate enterprise
in an attempt to scam the user into
surrendering private information that will
be used for identity theft. In web hosting,
phishing more often presents itself as a
website designed to look much like the login
for the site it is trying to mimic. Popular
examples include eBay phishing, Barclays,
PayPal, and Bank of America. A phishing
site will often appear to be the targeted
site. When a user logs in, the login is
stored and can be used at a later time by
the phisher for identity theft.
How Phishing Scams Get on Your Site
We understand that most people have no
affiliation with the phishing material
presented on their site. They probably
don’t even know it’s there. Most phishing
material is able to be uploaded onto an
unsuspecting client’s webpage through
insecurities in the user level scripts
running on the account.
This has no relation to server side
security. We maintain our server’s security
at the root level. If any security patches
are required at the root level, we are quick
to make the necessary adjustments to keep
our servers secure. It is up to the client
to ensure security at the user level.
Website design is an ever changing field.
Script developers are always updating their
software to include the newest features,
additional content, and most importantly of
all, security patches. It is not uncommon
for there to be security holes in popular
scripts. Once these holes are identified,
attackers can use these to compromise your
account for their own purposes. Script
developers are usually pretty quick to patch
these holes and release a new version,
however, it is up to you as an end user to
actually update your software to the latest
version. Sabaiko Media does not monitor the
content placed within user space. It is
entirely the responsibility of the client to
know what scripts they are using and ensure
they are secure.
This is how the majority of phishing scams
get present on websites. Obviously there
are other concerns. You should never share
passwords. As more people have your
passwords, there are larger chances there is
content on your site that you don’t know
about.
Make sure your password is secure.
Attackers will often utilize a “brute-force”
password hack. They will often automate a
login process and try to use all of the
words in a dictionary as the login.
Ensuring that your password is a random
string of characters and is not located in a
dictionary can help to keep your webspace
secure.
How can I prevent phishing
material/compromises?
By ensuring that you run the latest copy of
all scripts on your account, you can help
reduce your chances of being compromised.
It is your responsibility to frequently
check the software that you run and make
sure that there are no security holes.
Simply contact the author of the script if
you have any doubts.
Following the password suggestions above
will also help to ensure your account
contains only the material you personally
place on it.
Thank you for taking an active part in your
website's security and helping us to keep
our servers safe and secure.
-Sabaiko Media
|
