About 10 days ago, my main website was hacked in a Phishing scam and somewhere deep down in the file structure it was made to look like the Italian Post Office.
Now that’s bad, but it didn’t exactly scare off any of our customers. Our site still worked, it just had a parasite feeding off it.
On Monday morning I was happily going about my work when I dropped by our site and found it had been replaced by this delightful picture, plus a rather rude message in Indonesian. Then a click box appeared and when you clicked on it, it made your browser window spin around your screen and get smaller and smaller until it closed. Not really a good sign to our customers that this is a safe and professional place to shop.
Things ended up going from bad to worse as the week went on and by Thursday, my site was pretending to be Chase Bank, a 59 Billion USD American Bank. They weren’t too happy about this and had us closed down. This meant that I had to sit on the phone with my web host company at 3am trying to solve it. Just as we were getting the main website back up and running and while I was still on the phone to the webhost, I got an email from another department of the webhost closing down a second account I had with them because it had been hacked and was now trying to send millions of emails to people.
Ooops.
The method used in these last two hacks was very advanced (and quite impressive if it hadn’t been for the fact that these hackers are arseholes).
Anyway, now I have had to spend the last few days working round the clock (15-16 hours a day) fixing these security holes. One website is now up and running secured and I am just keeping my fingers crossed that with a little luck, the hackers won’t hit my second site for a few days so that I can get that one sorted as well…
