UPDATE: I’ve recently written several posts about WordPress security, which you can read here:

• How to know if your WordPress site has been hacked.
• How are most WordPress websites hacked?
• Let’s Go Phishing – How a thoughtless click almost costed an event planner her Website.

I recently Googled my client’s sites and saw this awful message:

I didn’t design their site, I was hired for maintenance and marketing consulting. I thought that this must have to be some kind of mistake on Google’s part, but I looked through the site files and found 3 malicious files that were put there by what was indeed a hacker. They even left a calling card.

Luckily I found it and removed it before more damage was done, as it appears that whatever they wanted to do hadn’t been executed yet.

But this goes to show…your site is NEVER too small to be hacked.

This wasn’t some major e-commerce conglomerate, and it wasn’t even a site that handled credit card information…but that doesn’t mean it is too small to be hacked.

“Why would someone want to hack my little old site?”

1. To show that they can.
2. To gain access to your saved passwords and the saved passwords of your clients and use them elsewhere on the Internet (bank logins, etc.)
3. To gain access to other, more important and sensitive, parts of your site.
4. To turn your site into a virus, attempting to infect everyone who visits it.
5. To hold your site for ransom…shutting it down and putting their own message up until you pay hundreds or even thousands of dollars to have it released.

These are serious threats, and no site is too small.

Here’s what you should do right now:

1. Be sure to have good STRONG passwords for everything involving your site. It’s also a good idea to not use the same passwords elsewhere online. I know that’s a pain in the butt, but with many browsers saving your passwords for you, it’s a lot easier now than it used to be.
2. Consider installing an SSL certificate which will encrypt data transfers on your site (as well as increase your Google rankings and boost conversions).
3. Consider purchasing Cyber Liability Insurance. This ensures that if your site is hacked and data is stolen from your customers, you are able to cover your liability.
4. Get your site fully checked for malicious code, malware, and security vulnerabilities which is something I can do for you. Click here to request a check up now.

Site hackings are scary stuff, for sure. This is the first time I have had to deal with a real threat personally, and I hope it doesn’t happen to you. Please don’t hesitate to reach out with any questions.