Security essentials. Part 1 – workstation

This article describes basic, yet essential security practices for end users. We at WebHostingBuzz advise all our customers to follow these simple rules.

Please, note that keeping your workstation (PC, laptop, netbook, etc) secure will also prevent certain problems happening on your websites, e.g. those caused by stolen passwords to FTP, web hosting account, website backend and so on.

We have seen several cases when user’s workstation had been infected with viruses that ‘steal’ FTP passwords. This type of malware usually works in the following way:

1. You visit some website that is infected with malware/virus. In some cases malware code is added to website pages on purpose, however in most cases these websites are victims of hackers, and website owner may not even be aware of this.
2. The virus is automatically (and usually transparently) downloaded to your PC.
3. The virus will check if any FTP client software is installed on the PC. When found, it’ll check if “Save Password” feature is being used in the software and/or if any passwords are stored.
4. If any passwords are found – the virus will send all credentials (logins, passwords, etc) to a 3rd party server which is controlled by hackers.
5. An automated FTP connection is established using stolen credentials. This connection is used to download any .html or .php files from the target server (e.g. your FTP account).
6. Downloaded files are modified by including malicious HTML/PHP code which will spreading the virus further. These modified files are then uploaded back to the target server.
7. You website will now start infecting PCs of your visitors with viruses and other malware.
8. In most cases the above fact is spotted by Google and your website will be marked with “This site may harm your computer” message. This affects the reputation and popularity of your website and will keep doing the harm until the infected content is removed.

This is one of the simplest scenarios. Imagine everything above spiced with sending SPAM from your PC or from your website, stealing various sensitive information from you and from visitors of your websites, and so on.

Good news is that most such disasters can be prevented by following a few simple rules.

1. Check for any updates available for your operating system and install them. Set your operating system to download and install updates automatically (if possible).
2. Make sure you have antivirus/anti-malware software installed and set to be updated automatically.
3. Scan your PC for viruses and malware regularly, at least once every 4 weeks.
4. Check for the latest updates available for your browser, FTP client, email client and other software you’re using and install these updates.
5. Update Adobe Flash player to the latest version and set it to update itself automatically.
6. Consider deleting all passwords stored in your FTP client, browser, email client and not using “Save Password” in these softwares. Use specialized software that stores passwords and other sensitive data in encrypted form, for example, KeePass.
7. Change your passwords (FTP, email, cPanel and other passwords) regularly. We recommend to use password generators to make passwords hard to guess.
8. Never store your passwords or any other sensitive data in text or Word documents, even in password-protected ones.

These simple steps will ensure safety of your sensitive data.