What are some of the signs that your site has been hacked or compromised

Home, - Discuss the major types of attacks damage your site

Question - Imagine you are the owner of an e-commerce website. What are some of the signs that your site has been hacked or compromised? Discuss the major types of attacks you could expect to experience and the resulting damage to your site. What are the ways to prevent our e-commerce website from hackers or unauthorized access?

Answer -

There are common signs which show that an ecommerce website has been hacked. The signs are seeing a ransom ware message, receiving antivirus message which is not genuine, searches on internet are redirected, there is appearing of frequent pop-ups on site, the password of website does not work. Other signs are site is loading very slowly than a normal speed; emails from site are appearing in the spam section of customers email. Furthermore, the website can be compromised when there is cross site scripting attack. In case, if the website shows an abnormal behaviour and a negative performance than it is a sign of compromise.

The various type of attack for e-commerce websites include cross site scripting which is most common attach covering around 40% of all the attack which targets the user of the site. Another attack is the injection attack which can result in highest risk as it targets the database directly and thus business need to develop a strong piece of code for website. Phishing is another attack which can compromise the integrity. Phishing attack email and involve spoof email address and use persuasive language. Distribution denial of service attack render the website offline and site become unavailable for some visitors.

There is need to use automated security scanners which will monitor the website regularly and will provide regular notifications if the website is having any vulnerabilities. There is needed to run an initial vulnerability assessment for the website to continuously scan on the attempt of attack, security threats, and malicious attack on software. There is also need to use the ethical hacking method to check the level security if up to standard. In case if there is sudden unusual sign of heavy traffic even after no marketing campaign has been executed then it can be a sign of attempt of hacking and need to be monitored through the use of analytics to figure out the path of traffic. There is need to have a common practice of regularly checking website to notice the odd appearing on website timely and take right action to protect the website. Company can also take feedback from customers if they notice any warning signal for website or unusual activity as it will be helpful to take immediate action. Injection based attacks can be control with the help of using authentication workflow of third party to outsource the protection of data. Enough training will be provided to employees to recognize such attempts of attack like phishing attack. Company will be using content delivery network to mitigate traffic which will be properly load and scalable for huge traffic.

Leave a comment


Related :-