I know a business that had its website hacked: Its entire customer database was hijacked and thousands of customer credit card numbers were stolen at the same time.
In the following months, the hackers did their best to steal as much as they could from this business through a number of “phishing” scams and direct email campaigns to the customers, all while posing as the legitimate business.
After months of heartache, expense and lost sleep, this company cleaned up the mess and the hackers moved on to greener pastures.
What’s the lesson for all of us?
Whether you operate a multimillion dollar ecommerce empire or generate part-time income with a small eBay or ebook enterprise, the following tips will help you fraud-proof your online business before it’s too late.
Protect Your Passwords
Never share passwords for sensitive applications such as web hosting, email, PayPal, bank accounts or anything else with anyone.
If you must share hosting passwords with web designers or programmers, change the password immediately after they complete work.
Change all your sensitive passwords on a monthly basis.
Use Proven Service Providers
Custom programming is great until someone figures out how to hack an unproven system.
When you use credit card and shopping cart providers like ClickBank, 1ShoppingCart, Authorize.net and PayPal, you greatly reduce the chances that your sensitive data will get hacked and stolen online.
A good, cross-cut shredder rates as just about the best investment you can make in online security.
Before throwing anything away, shred it.
The shredding list includes bank statements, check stubs, lists of names and emails, printed emails, and anything else that can lead someone back to you, a customer, an account or where you go or what you do online.
Fight the “Clone Wars”
Keep an eye out for illegal copies of your website posing as you or your business.
If you find someone posing as you online, the easiest way to shut them down is a direct frontal assault.
Contact their hosting company, their credit card processor, and their domain name registrar about the illegal activity. Threaten to sue them (the provider) if the illegal activity does not cease immediately.
Regularly check eBay for people selling bootleg copies of your products.
Set up automated searches to email you any time a listing gets placed with your name, product name or any reference similar to your product.
Sign up with eBay’s Vero program to get the offenders shut down immediately with a simple email from you.
What Mom Always Told You: “Never talk to strangers!”
That means never give any information to anyone via phone or email, especially if they call you.
Your bank, hosting provider, email service, ISP and PayPal already know your username and PIN number… they don’t need to call or email you to ask you to confirm it.
Never leave your physical mail (incoming or outgoing) in your mailbox overnight.
Don’t share any sensitive information with anyone who doesn’t need to know it.
Be careful of any shareware you download and use because it can contain spyware and even viruses intended to steal critical information.
Use common sense and never think you’re invulnerable to an attack that could derail your business with one little misstep.