This is going to hurt

The latest browsers from Chrome and Firefox are now displaying a warning that says something like ‘Something’s not right here’ if they detect the existence of a nasty piece of code on your site.  They then go on to explain that ‘proceeding onto this site may infect your computer with a virus’.

If you don’t clear this message quickly you may find your site blacklisted and then all Search Engine listings will display ‘The site may damage your computer’ under the ranked listing.

That’s not something you want to see on Google right?  That can really jurt yoru business.

The Malware in particular is called an ‘html injection’ or trojan virus and it recently took out 70% of my sites in one fell swoop.  What it does is add a little bit of code to your index file (that the page that most people see when they come to your site).

This file does not do any damage itself but it does advertise your site to hackers and provides them with a back door to your system where, once inside, they can do all manner of nasty things.

Internet Eplorer will not advise you of this issue even in its latest version (9 now in beta testing).  Nor does Apple’s Safari.  So the first thing you should do is download Google Chrome (it’s free) and look at your site with it.

Blog sites such as WordPress are particularly vulnerable because, since they are so prolific, they provide a greater harvest of computers to attack.  So the people who designed this trojan made sure that it could easily infect blog sites.

What to do about it?

• Here are a couple of ideas:
• Check your site on the Chrome browser.
• If it is infected call your support guy and let him know. If you don’t have a support guy have a look at the index/default page on your site and check the last line.  If it mentions imgaa dot net or any other site that you don’t recognise delete it.
• Make sure your own computer is clean and free of malware or virus.  This may be the source of the infection.
• Make sure your blog software is up to date.
• Use a monitoring service like Sucuri (www.sucuri.net) which will monitor your site every 3 hours or so and report back to you before the site is blacklisted by Google and other search engines.  This service is less than $10/month and well worth it.

For more information on the code have a look here http://www.stopthehacker.com/2011/05/04/web-malware-faking-images/

And, for what it is worth. I am moving my blog sites off my server so the hackers cant fish around all over my server and find other vulnerabilities.

The Biggest Mistakes Speakers make with Bureaus

As a Speaker working with Bureaus effectively can be great for your business. Unfortunately many Presenters don’t fully understand the Bureaus role in their business development.

The 7 biggest mistakes that Speakers make with Bureaus are:

1. Having unrealistically high expectations (which leads to stalking!)
2. Not keeping the bureaus updated
3. Not being ‘Bureau Friendly’
4. Not sourcing every inquiry
5. No fee integrity
6. Taking a hold off without notifying us
7. Approaching Bureaus too early in the process

If you would like to avoid these pitfalls and save time then download our special free report on this link.

http://www.letsdoit.net.au/template.asp?pagename=Bureaus

Cheers

Ian

Whats next?

Ever wondered what comes after Twitter?  Here is a glimpse of the future.

What does all this mean?

Not sure about all the new terms that come with Web 2.0?  Have a listen to this
http://www.ianharvey.com.au/images/adminimages/gallery/galleryvideo/32s_SNTerms.swf

Warning – Someone is trying to steal your domain

Here is a trap for young players.

As you possibly know, if you have a web site, you will also own a domain name.  Actually you are only renting the name and you have to pay a fee every couple of years to keep that name.

Sometimes you may have the domain name registered by one company and your website built and hosted by another.  In this case you will get a bill from the registering company when your domain comes due.  Since you only pay for the domain every couple of years its likely you don’t even know the name of the company holding the registration.  And therein lies a opportunity for some less than ethical operators (italics mine) 

Check out the image below.  On first look it appears to be a bill and since the wording stresses that “You must renew your domain name to retain exclusive rights to it on the web …” you might want to quickly scratch out a cheque and make payment.

This company, Domain Renewal Group, are sending thousands of domain owners these renewal forms well before the domain is actually due and well before the current registration company would consider asking for renewal.  This renewal is not due until late Feb 2010 and the notice is sent early October 2009 fully 5 months before it is due.  They also set an urgency factor in play by suggesting that they require a reply by October 26 2009.

What is all this about?  They want to grab the registration of your domain and if you pay them they will send a request to the current registration company to transfer the domain. Sometimes they may even ask you to pay for the transfer.  Then they will market to you so they can get your hosting as well.

One of my clients received a letter like this in the mail and immediately made payment.  They (Domain Renewal Group) then sent a request for transfer.  Fortunately I have all my domains locked and they can only be released by the registrant (my client).  When I advised her the transfer details be email she called and told me she knew nothing about the transfer.  So Domain Renewal Group screwed her out of $75.00 and they do this thousands of times.  Not a bad money making scam really.

To be fair, if you read the letter and you know what they are talking about, you will not fall for the scam.  But I believe they are betting that most people will see this as an urgent bill and make payment without question. 

Where do they get the names from?  That’s the easy bit.  They are obviously using a spider of some kind to read the whois detail on all .com domains and sending an official looking ‘bill’ in the mail to start the ball rolling.

What can you do about it?

• Read everything you get
• Contact your registration company.  If you don’t know who that is then talk to your webmaster and/or check your site registration details on www.whois.com
• Have your webmaster look after both your hosting and your domain registration.

Does this look like a bill to you?