Protect Yourself from Phishing!

  An educated user is a safe user. We want your experience with us to be as memorable as possible, but for the right reasons! Becoming familiar with how you can protect yourself from unauthorized intruders will help to ensure you have a pleasant stay with Acenet, Inc. Your security is our concern. The following will give you some background information in phishing and help to lay out the part you play in ensuring your web space is safe and secure.

  As defined by Wikipedia, phishing is the act of tricking someone into giving up confidential information or tricking them into doing something that they normally wouldn’t do or shouldn’t do. For example: sending an e-mail to a user falsely claiming to be an established, legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. In web hosting, phishing more often presents itself as a website designed to look much like the login for the site it is trying to mimic.  Popular examples include eBay phishing, Barclays, PayPal, and Bank of America.  A phishing site will often appear to be the targeted site.  When a user logs in, the login is stored and can be used at a later time by the phisher for identity theft. 

  We understand that most people have no affiliation with the phishing material presented on their site.  They probably don’t even know it’s there.  Most phishing material is able to be uploaded onto an unsuspecting client’s webpage through insecurities in the user level scripts running on the account. 
  This has no relation to server side security.  We maintain our server’s security at the root level.   If any security patches are required at the root level, we are quick to make the necessary adjustments to keep our servers secure.   It is up to the client to ensure security at the user level. 
  Website design is an ever changing field.  Script developers are always updating their software to include the newest features, additional content, and most importantly of all, security patches.  It is not uncommon for there to be security holes in popular scripts.  Once these holes are identified, attackers can use these to compromise your account for their own purposes.  Script developers are usually pretty quick to patch these holes and release a new version, however, it is up to you as an end user to actually update your software to the latest version.  Acenet does not monitor the content placed within user space.  It is entirely the responsibility of the client to know what scripts they are using and ensure they are secure.

  This is how the majority of phishing scams get present on websites.  Obviously there are other concerns. You should never share passwords.  As more people have your passwords, there are larger chances there is content on your site that you don’t know about.

  Make sure your password is secure.  Attackers will often utilize a “brute-force” password hack.  They will often automate a login process and try to use all of the words in a dictionary as the login.  Ensuring that your password is a random string of characters and is not located in a dictionary can help to keep your webspace secure.

  By ensuring that you run the latest copy of all scripts on your account, you can help reduce your chances of being compromised.  It is your responsibility to frequently check the software that you run and make sure that there are no security holes.  Simply contact the author of the script if you have any doubts.
  Fantastico now offers automatic email notifications when a new version of your software is available. If you have installed any scripts through Fantastico, you can configure the server to send you an email everytime one of your web scripts has an update available. To view a demo on how to Setup Fantastico Email Notifications, please see our Video Demo:

Setting Up Fantastico Email Notifications

Thank you for taking an active part in your website's security and helping us to keep our servers safe and secure.

Acenet, Inc.