0345 2413052
Blog
blog
by
Telephone0345 2413052

Some nasty new emails to watch out for..

Dangerous emails
Your pc is at risk of infection if you click on a link or open an attachment  in these emails

Phishing emails on the rise again – don’t get caught!

I came across 3 new spam/phishing emails and one Trojan Horse email this week alone. I thought you need to know about them and consider yourself warned NOT to open any link or attachment.

Phishing Email 1

Apparently I’ve bought a phone from Amazon.com and this is the shipping confirmation.

I haven’t bought anything from Amazon in the States (dot com domain name) and I already have an iPhone.

What is more dangerous about this email is that it is not telling you to click the link, it just sits there expecting you to want to find out more. The link goes nowhere near Amazon and you will end up giving some criminal your Amazon login details.

Phishing Email 2

Another nasty email using the Amazon brand name is this one purportedly offering an Amazon reward card etc.

They don’t even pretend that they are Amazon and even let you know that you need to give the more details before you may get a gift card. I doubt any exist.

Phishing Email 3

Dropbox is an excellent tool for storing documents and allowing others to access them from anywhere, including you.

The link wanting me to open this file apparently shared to me from an Educational email address goes nowhere near Dropbox. Do not click this link!

Malware/Trojan Horse Email

This is another that bothered me. Apparently Companies House has had a complaint about our business. Companies House do not receive complaints about companies. They have confirmed this.

The problem is the Word attachment. Unfortunately Microsoft word can contain programming called MACROS which can install malware on your computer. Do not open the attachment if you get this.


Some definitions to help you

malware

noun
Software which is specifically designed to disrupt, damage, or gain authorised access to a computer system.

Trojan Horse

noun
A program designed to breach the security of a computer system while ostensibly performing some innocuous function.

phishing

noun
The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.


Stay safe folks….

What is an SSL? Why do I need one?

buy a cheap ssl
Picture courtesy of Symantec

What is an SSL & Why do I need one?

SSL Certificates also known as Secure Sockets Layer (SSL) is a security protocol used by Web browsers and Web servers to help users protect their data during transfer.

Now is the time when you need to buy one and have it installed in your website. Google wants the whole Internet to be secured. We agree, but website owners need to understand what this means for them so they can purchase the correct type of SSL.

You should take advice before buying as there are many alternatives.

SSL Certificates are small data files that digitally bind a cryptographic key to an organisation’s details.

In the case of a Web browser, SSL activates the padlock symbol and “HTTPS” and allows secure connections from a Web server to the browser.

SSL is a security protocol that:

  • Protects user data during transfer.
  • Digitally binds a cryptographic key to organisation’s details.
  • Secures credit card transactions, data transfers, logon credentials, and more.
  • Provides authentication of the business and/or domain.

How do SSL Certificates work?

This is the process that happens when browser software encounters a website with SSL:

  1. The browser software (Internet Explorer, Chrome, Safari etc.) attempts to connect to a Website secured with SSL.
  2. The browser requests that the web server identify itself.
  3. The server sends the browser a copy of its SSL Certificate.
  4. The browser software checks whether it trusts the SSL Certificate. If so, it sends a message to the server.
  5. The server sends back a digitally signed acknowledgement to start an SSL encrypted session.
  6. Encrypted data is shared between the browser and the server.

That’s the technical stuff over with.

The bottom line is that Google is on the war path against unsecured websites. Your website can lose its ranking or be flagged as NOT SECURE if you don’t get one installed by your developers.

What sorts of SSL are available?

There are many types of SSL available but for the purposes of this article I will outline the three most commonly used and the types of website that they are most suited for.

  1. Domain Validated (DV) Quick, basic certificates that only need to verify that a person owns the domain they need to protect before being issued.

Used on simple brochure websites that are not one of the main marketing activities of the company. Thawte is a popular provider of these (they have others as well).

  1. Organisation Validated (OV) More robust certificates that require a light company validation before being issued.

More suited to companies whose reputation and brand are important to them. GeoTrust is a good example. (Again all major providers do these types)

  1. Extended Validation (EV) The most premium SSL certificates that require a company to complete an extensive validation process before the certificate is issued.

Ecommerce websites and others who wish to be secured by a recognisable security certificate such as Norton (Symantec). (And you guessed it, the other CA’s – Certificate Authorities – also do these).

I know that there are other providers but I’m trying to keep things simple!

Which is right for you?

That’s not an answer that I can give here as there is a conversation to be had about the most suitable SSL for your business and your business website.

If you want more advice about this rather important development, then please get in touch with us for some free advice. We can even install an SSL into your website if you need one. Call 01746 769612.

SSL Stop press: You now NEED to secure your website.

“from January 2017 Google will penalise websites that do not use a secure connection”

Website security - ssl's
Do you want your website contact form to look like this? Image courtesy of Google.
Q: Why do you need an SSL on your website?
A: Because Google will show your website as NOT SAFE if you don’t.

In June 2016 I wrote a blog article on why you should secure your website. The full article is here: www.clickingmad.com/blog/why-should-your-website-be-secured

Essentially an SSL means that communication between the website you are using and the server it is hosted on is treated as a secure connection. You will have noticed the padlock on shopping websites, for example.

All websites now need securing with an SSL, not just shopping websites.

There has recently been an update by Google.

In an update reported to me today Google has said that from January it will effectively penalise websites that do not use a secure connection.

They now tell us that they expect to be warning users not to use forms on websites that are not secured by an SSL. (SSL stands for secure socket layer) within their Chrome browser. Your website visitor will leave your website if they see this.

You have been warned!

If you want advice on what type of SSL your website needs, then please get in touch with us. All our advice is free.