Clickingmad News

Watch out for this Google docs phishing email

google docs phishing email

If you have received this “Google docs” phishing email in your inbox – DO NOT CLICK ON ANY LINK.
This is another phishing attempt.
Google Docs is a great online resource allowing you to create, store and share documents, spreadsheets and other useful things. The problem is that if you click on the link in the email it goes to what you might think is a selling website.
Where does it take you?

Continue Reading…
Clickingmad News

Retailer using WordPress fined £55k by ICO.

I noticed a press release by the ICO today that is worth passing on to website owners. Particularly WordPress website owners.

It highlights the need for adequate security and good technical website development when storing clients information as not just “good practice” but as something that can become financially painful if you get it wrong.

Continue Reading…
Clickingmad News

Some nasty new emails to watch out for..

Your pc is at risk of infection if you click on a link or open an attachment  in these emails

Phishing emails on the rise again – don’t get caught!

I came across 3 new spam/phishing emails and one Trojan Horse email this week alone. I thought you need to know about them and consider yourself warned NOT to open any link or attachment.
Phishing Email 1
Apparently I’ve bought a phone from Amazon.com and this is the shipping confirmation.

Continue Reading…
Clickingmad News

What is an SSL? Why do I need one?

Picture courtesy of Symantec
What is an SSL & Why do I need one?
SSL Certificates also known as Secure Sockets Layer (SSL) is a security protocol used by Web browsers and Web servers to help users protect their data during transfer.

Now is the time when you need to buy one and have it installed in your website. Google wants the whole Internet to be secured. We agree, but website owners need to understand what this means for them so they can purchase the correct type of SSL.

You should take advice before buying as there are many alternatives.

Continue Reading…
Clickingmad News

SSL Stop press: You now NEED to secure your website.

Do you want your website contact form to look like this? Image courtesy of Google.
Q: Why do you need an SSL on your website?
A: Because Google will show your website as NOT SAFE if you don’t.
In June 2016 I wrote a blog article on why you should secure your website. The full article is here: www.clickingmad.com/blog/why-should-your-website-be-secured

Essentially an SSL means that communication between the website you are using and the server it is hosted on is treated as a secure connection. You will have noticed the padlock on shopping websites, for example.
All websites now need securing with an SSL, not just shopping websites.
There has recently been an update by Google.

In an update reported to me today Google has said that from January it will effectively penalise websites that do not use a secure connection.

Continue Reading…
Clickingmad News

What is an SSL certificate?

I often have to explain why many websites, particularly ecommerce websites need added security.

I thought therefore that the following extract from our certificate provider Thawte, would be interesting.:

“An SSL certificate is a bit of code on your web server that provides security for online communications. When a web browser contacts your secured web site, the SSL certificate enables an encrypted connection. It’s kind of like sealing a letter in an envelope before sending it through the mail.

SSL certificates also inspire trust because each SSL certificate contains identification information. When you request an SSL certificate, a third party (such as Thawte) verifies your organisation’s information and issues a unique certificate to you with that information. This is known as the authentication process.

For public web sites where customers enter credit cards or other high value information, you need to quickly show users proof of your web site’s identity and encryption. An SSL Web Server Certificate with EV turns the address bar green in high-security browsers and displays your verified organisation name, making it easy for users to trust your site”

In some technical detail (for those of us who are interested!) here is some more stuff…

“What Happens between the Web Browser and Server?
A browser attempts to connect to a web site secured with SSL. The browser requests that the web server identify itself.
The server sends the browser a copy of its SSL certificate.
The browser checks whether it trusts the SSL certificate. If so, it sends a message to the server.
The server sends back a digitally signed acknowledgement to start an SSL encrypted session.
Encrypted data is shared between the browser and the server.

SSL Fundamentals
There are 3 essential elements at work in the process described above: a protocol for communications (SSL), credentials for establishing identity (the SSL certificate), and a third party that vouches for the credentials (the certificate authority).

Computers use protocols to allow different systems to work together. Web servers and web browsers rely on the Secure Sockets Layer (SSL) protocol to enable encrypted communications. The browser’s request that the server identify itself is a function of the SSL protocol.
Credentials for establishing identity are common to our everyday lives: a driver’s license, a passport, a company badge. An SSL certificate is a type of digital certificate that serves as a credential in the online world. Each SSL certificate uniquely identifies a specific domain (such as thawte.com) and a web server.
Our trust of a credential depends on our confidence in the organisation that issued it. Certificate authorities have a variety of methods to verify information provided by individuals or organisations. Established certificate authorities, such as Thawte, are well known and trusted by browser vendors. Browsers extend that trust to digital certificates that are verified by the certificate authority.”

I think that covers it lol.

If you have any questions or would like to install some extra security on your website, let us know.

Continue Reading…