Don’t be fooled by “phishing” emails

Yesterday an article appeared in the Toronto Star about an email extortion scam that a number of clients have called or emailed us about over the last couple of months.

Generally the emails being received go something like:

“We saw what you were looking at online.  Send money to a bitcoin account or else we will email all of your contacts with what you did.”

The email may look like it is coming from your own email address, and to make it extra convincing, it may even have one your passwords in it.*

OR

An email that appears to come from a company’s president, cfo, or other executive is sent to someone in accounting with instructions to make a special payment to a person or company.

Both of these are ‘phishing’ emails.  They are not directly targeted to you, and the senders don’t know who you are. They send millions of these emails out and some percentage of people fall for them, making it a lucrative business.

Don't fall for these fake emails

Great tools to help with SEO.

There are some excellent seo plugins for Wordpress. We typically use Rankmath or Yoast. When you’re editing a page in Wordpress they give each page a score provide feedback about how to improve the search engine optimization  of the page.If you want an independent tool for digging deeply into your sites seo, including keyword research, seo audits, competitor analysis and more, check out
SEM Rush.

 

Looking for excellent Wordpress hosting? Check out Kinsta. Easy to use, fast, and secure.

2. Use a security plugin

Wordpress security plugins can do a lot to protect your site: from blocking multiple attempts to break into your website to scanning for modified files and folders. Most are free, some have a relatively inexpensive paid Pro option which can be worth it for greater peace of mind.

We use Wordfence on most sites ourselves, but there are other great security plugins out there like Sucuri and iThemes Security Pro.

Don’t fall for them.  And don’t click on any links in them.

If you have a question about a suspicious email you’ve received feel free to contact us or your local IT provider.

See the full article at:
https://www.thestar.com/news/canada/2018/11/12/hackers-threat-pay-857-in-bitcoin-or-your-secret-life-goes-public.html

* How did they get your old password?

There have been many account hacks over recent years, think Home Depot, LinkedIn, MySpace and others.  All of those stolen passwords are available on the internet, and can be bought by the bad guys.  If you use the same password on more than one account (most people do), there is a chance you could still be using the password they have purchased.

You can check if your email address exists in the stolen password databases at https://haveibeenpwned.com, an Australian security company.