Start a conversation Sign in
Start a conversation
  1. Eicra Soft Limited
  2. Knowledgebase
  3. Billing Question

Phishing - Preventing phishing your Identity and Finances


What is phishing?

Fraudsters send fake emails or set up fake websites to trick you into disclosing your username and password. This practice is usually referred to as "phishing". 

Typically, fraudsters try to trick you into providing your username and password so that they can gain access to an online account. Once they gain access, they can use your personal information to commit identity theft, charge your credit cards, empty your bank accounts, read your email, etc.



There are a few things that need to be cleared in terms of terminology : 


1. Hits - this simply refers to the number of 'elements' loaded on your site. If one page has five images in it, viewing that page once adds 6 hits (one page + five images).
2. Impressions - the number of times all the pages on your site are seen (also simply called pageviews). Impressions are sometimes referred to as 'hits' which can cause confusion.
3. Uniques - the number of people that visited your site.

So to clarify, if I visit your website, look at two pages, and each page has 5 images on it, then your stats increase by one unique, two page views, and 12 hits. Tracking on your site can be either done server-side or remotely. With server-side statistics, log files are used to generate visitor information. This is usually much more accurate than remotely hosted solutions. In such cases, you usually have to add some javascript to your site. 

 
This javascript is then used to track visitor data. If your host provides it (and many do), server-side statistics are a good solution. Otherwise, companies like Site Meter can be used to remotely track your visitors.

How can I prevent it?

Phishing mainly occurs exploiting the vulnerability of software installed on your domain.

Here is how you can prevent it:

Always keep the software installed on your domain up to date.

  • Upgrade the software whenever a new version is released.
  • Remove any outdated scripts or application installed on the domain.
  • Directories with 777 permission are world writable and easily exploitable. The permission of the files should be 644 and the directories should have 755 permission.
  • If you have any folder owned by the user "nobody" or "apache", please correct the ownership of it.


How can I remove the blacklist once the site is affected?

Once your site is blacklisted by anti-phishing organizations, only those organizations can remove your site from their blacklists.

Remove all phishing-related files and scripts immediately from your website. Once removed, you will have to wait until the blacklist time runs out. They will normally remove the blacklist once the phishing activity on your site has been stopped.

Choose files or drag and drop files
Was this article helpful?
Yes
No

  1. Support-Agent

  2. Posted
  3. Updated

Comments