Mass Automated Hack Attacks Targets Small Business Sites

Written by Dynamic Presence - July 21, 2018

Small Business Sites Are The Real Targets

We’re just a brick and mortar business with nothing important in the website for anyone to grab. Why will anyone want to hack in?

Probably the most straightforward thoughts from some business owners.

True enough but when mass automated bot attacks are in action, every website that’s index in the search engines is a live target.

Overview: The Automated Process To Hack

  • Constantly scanning the web for venerable websites lacking in site security measures and big in footprints
  • Launch automated attacks repeatedly until the bots gain control of the website
  • Malicious scripts injection for malvertising, cryptocurrency mining or whatever purpose

What Do These Hackers Want?

It can be anything from pure entertainment to monetary gains. Previously, the most common type of internet attacks was website defacement – Leave their mark on the homepage.

Website defacement is damaging to your brand online

Website defacement is damaging to your brand online

Recently and growing in volumes.

Sneaky redirects to some porn or gambling sites for affiliate dollars; to turn your sites into zombies for DDOS attack or for crytocurrency mining. Take a step further, takeover sites may also be the touch point to infect your visitor’s devices.

In fact most business owners are totally unaware their converging brand presence aka website has already been intruded for shady activities.

Real Case eCommerce Reference

Local business eCommerce website with marketing & advertising activities get script injection. Their website visitors who fall under a filter got redirected to an unrelated offer page.

Like most business owners, they’ll never know their site has been compromised if not for an email alert from one of their advertising channels – Adwords.

Adwords Subtle Warning and Temporary Suspension

Adwords Subtle Warning and Temporary Suspension

They tried to resolve on their own and ran their eComm site through Free Website Malware Scanner and nothing malicious gets detected. They knew this wasn’t the real case and soughed our help.

While the malware cleanup process and eventual site security measures were done up pretty quick at first response time, the business lost some running marketing & advertising dollars in other channels.

Most important, they have to recover from reputation damage and this equates to resources.

What’s Next?

Prevention is better than cure. While it’s impossible for our sites to be 100% safe from hacking intrusions, what we can do is to start laying the grounds to prevent these mass automated attacks.

Implementing site security layers and active monitoring should be included in your business growth online.