Posted by Brad Kort on Apr 20 2017 16:47
I just returned from the HostingCon conference in Los Angeles. The keynote speech was an impressive presentation by Kevin Mitnick, the renowned hacker. It was a fascinating presentation, including gems like finding the social security number of a random audience member. It took him 90 seconds to find that, his mother's maiden name, phone numbers, addresses and more. However, my key take away is that social engineering is the number one Magento exploit. Security experts report 100% success rates in penetrating companies if they use social engineering. And, it's something you can easily protect your site from.
What is Social Engineering
According to WebRoot, social engineering is "the art of manipulating people so they give up confidential info. The types of info these criminals are seeking can vary, but when individuals are targeted the criminals are usually trying to trick you into giving them your passwords or bank info, or access your computer to secretly install malicious software–that will give them access to your passwords and bank infor as well as giving them control over your computer." Our clients rely on Web 2 Market to secure their sites because Web 2 Market Magento hosting and AbleCommerce hosting are PCI compliant. Our coding follows best practices to protect our clients' sites from hackers. We've had tremendous success keeping the bad guys out. Nevertheless, that can all be undone by your warehouse employee or office staff being easily duped by a hacker with bad intentions. The good news is that protecting yourself involves a few simple good practices.
Here are a few examples to look out for:
How do I Protect Against this kind of AbleCommerce or Magento Exploit?
The solutions are fairly easy. The trick is to follow them religiously. When you're busy, it's easy to skip the right process. But that's what hackers are counting on. Don't help them!
In conclusion, protecting your self against a Magento exploit like hackers, phishing attacks and spammers doesn't need to be hard. Think before you act. Follow good practices. Use common sense. And if you're not sure, contact us and we'll be glad to help.
-Brad Kort, MBA