By Chris David
“We have hacked your website and extracted your databases. Our team has found a vulnerability in your site that we exploited to gain full control of all your information. We will damage your reputation, first by selling your customer information to the highest bidder, then by emailing your customers to tell them that you were at fault.”
What would you do if you got a message like this?
Recently, we received an email from a website that we developed and host. The message claimed that the website was hacked and explained steps that we could take to get the data back. In short, the message demanded a “ransom payment” in bitcoin, or the hacker would release customer information, damage our reputation and take the site offline.
Here’s an excerpt from that email…
Our team has found a vulnerability in your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.
What does this mean?
We will systematically go through a series of steps to totally damage your reputation. First your database will be leaked or sold to the highest bidder. Next, if there are e-mails found, they will be e-mailed that their information has been sold or leaked and your site was at fault, thusly damaging your reputation and having angry customers/associates. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past.
How do I stop this?
We are willing to refrain from destroying your site’s reputation for a small fee. The current fee is $2000 USD in bitcoins (BTC).
What if I don’t pay?
If you decide not to pay, we will start the attack and uphold it until you do. There’s no countermeasure to this; you will only end up wasting more money trying to find a solution. We will completely destroy your reputation among Google and your customers.
We immediately checked the website mentioned in the message. The website was NOT hacked, as the author had claimed, and NO customer information was leaked.
But, big points go to the message author for creativity and ingenuity. A lot of effort went into crafting a message this elaborate. The author/scammer probably wrote a bot program to scan sites and use the online contact forms to send many such messages. If only a few people comply with the message demands and pay the ransom, then the effort is well worth it (from the scammer’s perspective).
Even though the claims in the message were false, getting an email like this was a good reminder to review our website security. What about your website? If you have a website for your small business, what steps can you take in just a couple minutes to make sure you don’t fall prey to a scammer or hacker like this?
Make sure your website and database are regularly backed up to another location. Depending on how often you update content, we recommend a weekly or daily backup.
Update your website with the latest security patches. If you use plugins on your site, make sure to check for updates at least once a month.
Periodically review all accounts that have access to your site. Remove any old or unused accounts. Also consider auditing all logins and exceptions on your site.
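One way to run the account and login review from the last step, as an added example (not code from the original post). The account list, the four-field log format, the 90-day staleness window and the failure threshold are all assumptions, and the sample data is constructed:

```python
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample data; the layout is an assumption, not a real CMS export.
ACCOUNTS = ["admin", "alice", "old_intern", "agency_dev"]
LOGIN_LOG = """\
2024-01-05T10:00:00 old_intern success 198.51.100.7
2024-05-28T08:15:00 alice success 203.0.113.10
2024-05-30T02:11:01 admin failure 192.0.2.44
2024-05-30T02:11:03 admin failure 192.0.2.44
2024-05-30T02:11:05 admin failure 192.0.2.44
2024-05-30T02:11:09 root failure 192.0.2.44
2024-05-31T09:00:00 admin success 203.0.113.10
malformed line
"""

def parse_log(text):
    """Yield (timestamp, user, outcome, ip) tuples, skipping malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[2] not in ("success", "failure"):
            continue
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        yield ts, parts[1], parts[2], parts[3]

def review(accounts, log_text, now, stale_days=90, fail_threshold=3):
    """Return accounts to consider removing and login activity to look at."""
    last_ok, failures, unknown = {}, Counter(), set()
    for ts, user, outcome, _ip in parse_log(log_text):
        if user not in accounts:
            unknown.add(user)  # attempts against names that do not exist
        elif outcome == "success":
            last_ok[user] = max(ts, last_ok.get(user, ts))
        else:
            failures[user] += 1
    cutoff = now - timedelta(days=stale_days)
    # An account with no successful login at all counts as stale.
    stale = sorted(u for u in accounts if last_ok.get(u, datetime.min) < cutoff)
    noisy = sorted(u for u, n in failures.items() if n >= fail_threshold)
    return {"stale": stale, "repeated_failures": noisy,
            "unknown_users": sorted(unknown)}

if __name__ == "__main__":
    print(review(ACCOUNTS, LOGIN_LOG, now=datetime(2024, 6, 1)))
```

Accounts listed under `stale` are candidates for removal; the other two lists point at login activity to check before deciding whether a "we hacked you" claim deserves further attention.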
Your website has been hacked?
Cybersecurity is more important than ever! Do you have a website for your small business, or even just as a personal hobby? Have you ever received a message like the one above? If so, what did you do?