Most of the time, you don’t know until it’s too late.
If you’re not familiar with website security, it can be difficult to know if your website has been hacked or not.
Your website has suddenly been acting odd. It’s slow, unresponsive, and glitchy. Something seems off, but you shrug your shoulders and move onto “bigger and better things.” Until one day, you get a phone call from a customer that says when they go to your website, it shows a bunch of advertisements for casinos or something much more embarrassing.
Or, someone Google’s your business and on Google there is a warning that says this website may be compromised. Not the best of first-impressions.
Or maybe, someone can’t even visit your website because their antivirus program like Norton won’t allow them.
“Bigger and better things” have now reached your doorstep.
If the above scenario happens, you’re obviously behind the eight ball. This means that your website has been hacked or has had malware on it for some time. Not a new issue.
There are companies out there where their entire job is to find websites that have been compromised and put them on a list, appropriately called a “blacklist.” These blacklists are used by third-party security companies to verify if a website is safe or not.
Your website is also most likely on a blacklist if the above scenarios ring true.
I’ve seen countless numbers of hacked website, and we’ve cleaned up more than I can remember.
I remember one specifically, where there was a website that was hacked that had an identical looking PayPal website on the server. Why? Because they were sending out fake PayPal emails saying they needed to “click here” to change their password or login to their account to see a secure message. These spam emails linked to the PayPal website clone. The PayPal clone looked identical to the PayPal website, so unless you looked at the URL, you’d have no idea. People of course type in their information and that information is sent to the hacker. Nice, huh?
Another tricky example. They don’t want you to notice, so they’ll track IP addresses of administrators that login to the website and not show them the ads/malware/hacks. These users won’t see any of the malware, redirects or changes. This can make it hard for the owners/managers of the website to detect if they don’t have a professional monitoring the website.
Another trick up their sleeve is to not show ads/malware/hacks to those that access the website directly. If they type in the URL of the website, rather than search on a search engine. This is important, because they don’t want your current customers or anyone else familiar with your business to let you know. These types of hacks often aren’t discovered until you notice your website is on a blacklist. They only show the malware to those that come from a search engine. Again, these guys want to get the most bang for their buck and if you never know the malware is on your site, they are still in business.
Now that you have that information, let’s see some tell-tale signs of a hacked website.
Signs That Your Website Has Been Hacked
Now, keep in mind that you’re not going to always see these errors. A hacker or malware needs to be hidden and undetectable. In the past, people who would hack a website would make their presence known. They’d put up a “this site’s been hacked by (their name)” or they’d just take down the website. The problem with that is that the owner of the website would immediately know their site had been hacked and fix it. That doesn’t help the hackers or malware’s cause, if they want to money off their adventures. So instead, they fly in the shadows. The longer their malware stays on your website, the more likely they can accomplish their goals (remember the PayPal website clone?).
A hacked website is generally sluggish, but that’s not always the case. Maybe your website doesn’t load as quickly as it once did, and you tend to see random, strange errors.
The website may have strange errors. Your login page occasionally doesn’t work, or it doesn’t work at all. A very common occurrence with hacked WordPress websites.
Lots of Bandwidth
A jump in the bandwidth your website is using is generally a sure sign that something is wrong. Unless your business has gotten a boost in attention, lots of bandwidth suddenly could point to an issue.
You may notice some strange code or content that you never created living on your website. This is a sure sign someone has the keys to your website.
If you’re using a Content Management System (CMS) like WordPress, you may notice plugins that weren’t installed before. This could be a cause for concern.
Your Website Doesn’t Look Right
Does the website not look like it used to? Are there new
elements on the page that you didn’t create?
Most likely it won’t be this easy, but if there are popups and advertisements that are showing up when you’re viewing your website that’s a dead giveaway.
Decrease in Traffic
Your analytics data may show that your website is getting a lot less traffic. If you have a drop in traffic, you should look into this. There may be a redirect on your website sending people who try to go to your website to another website or your website is on a blacklist. Thus, search engines are not showing your website in their results or if they are, there is a hacked message disclaimer (show screenshot).
There may be administrator accounts that have been removed or new administrator accounts on your website.
Hire a Professional to Monitor Your Website
If you’re getting into the weeds with a hacked website that has malware on it, you probably have better things to do.
Let us clean up your hacked site and manage it so you don’t run into this mess again.
Thank you for reading!