Every week Google blacklists over 70,000 websites because they’ve been hacked and the hackers are using the website to send out malware, or they’re using the site to send out phishing attacks! Yup, over 70,000 every week!

Is your site one of the hundreds or thousands that have been hacked and are part of a hackers playground that they are using to send out malicious attacks? Before you answer “no, not my site”, ask yourself how you would know if it was!

Reports suggest that most website owners are completely unaware that their sites have been infiltrated.

How Hacks Happen

Because WordPress is the biggest platform for websites, we’re going to look at this issue of security through the lens of a WP website.
There are basically 4 ways that a hack can happen:

  1. Your hosting platform is vulnerable
  2. There is a security issue in the theme of your site
  3. There is a security issue with a plugin used in your site
  4. You’re using a weak username/password strategy for your site’s users

Hosting Platform

A vast majority of websites are hosted in a Keeper Security, makers of Keeper password manager, the 10 most common passwords in 2016 were:

  1. 123456
  2. 123456789
  3. qwerty
  4. 12345678
  5. 111111
  6. 1234567890
  7. 1234567
  8. password
  9. 123123
  10. 987654321

Come On! No wonder people are getting hacked! Let’s at least make the hackers work to get inside the site.

Don’t Kid Yourself

One of the biggest reasons that a site gets hacked is because nobody thinks that their site will get hacked!

Most of the site’s on the web don’t store credit card information or sensitive data so, consequently, these website owners feel that they won’t be a target of a hack because there isn’t anything that they think is valuable on their site.

But, as I stated earlier, your site may not have anything valuable, but just by being connected to the Internet, your site becomes very valuable in spam and phishing attacks.

Or, consider this. Do you have people signing up for a newsletter, on your site? When they enter their name and email address, are you storing that information within a database on your site? Yup, that could be valuable information to a hacker

Consiquences Of Being Hacked

What about your business? If your site is identified as sending out spam, do you know what to do? Do you know what will happen?

If your hosting company discovers the hack first, your site will be taken offline by your hosting company. And, that’s just the first step. Once your site is taken offline the real work will begin:

  • Repair and Cleanup: The damage that was done by the hacker is going to have to be fixed. Chances are really high that they will have installed, at the least, some files in your site, or at the most, they will have altered the core structure of your site. All of this has to get repaired, or if it’s too bad, your site may have to be rebuilt.
  • Decreases In Traffic: If Google discovers the hack before your hosting company, you will most likely see dramatically decreased traffic counts. This will primarily be due to your site decreasing rank on search engines. That’s right, there is evidence to suggest that Google will decrease your site’s ranking if it gets hacked. And, according to a recent survey, 45% of website owners that reported being hacked said they never got their old traffic levels back after fixing the hack.
  • Trust: One of the most important elements of online marketing is having the user trust your site. Having a site that has been hacked, especially if you’re selling products on your site, is going to create a really big hurdle to get over when it comes to trust!.

Your website’s security is more important than the attention that many businesses give it. If your site gets hacked, there could be a lot of harm done to your business for a very long time. It’s always best to be proactive and get your site’s security on your radar. Put together a process for reviewing your site’s security on a regular basis, and with some luck and a new focus you’ll be able to eliminate this from worry.

If you’re curious about whether or not Google has identified your site as having malicious code in it, here is a link to their scanner. All you have to do is enter the URL for your website, and you’ll receive a report as to whether or not Google has found malicious code on your site.