Showing posts with label security. Show all posts
Showing posts with label security. Show all posts

Wednesday, November 14, 2018

How To Secure Your Website

How To Secure Your Website

A secured website

Today we’re gonna be discussing on internet security, preferably, tips to securing your website from malicious attacks.

You probably might have been asking questions like:
  • What are the ways of securing a website?
  • How to secure your website for free
  • How to protect your website from hackers and malicious attacks

Do You Really Think Securing Your Website Doesn't Worth?

You may be thinking that hackers or rather attackers can't consider your website as one of their relevant tool. Let me tell you, no website is useless to hackers.
You may not have those sensitive info attackers are searching for but your server might be useful to them as it can be used to spread spam, malicious files or even bitcoin mining. Are you surprised?
And if you are running an online store, then your customer’s sensitive info might be at risk if all you do is selling online without paying little of your attention to your website’s privacy and security.

Here Are Tips To Secure Your Website From Attackers

Easily Detect Vulnerability Using A Website Scanner

Using a website scanner will help search for vulnerability threat and other issues running in your website’s background.
There are different kind of Website Scanners, we have the; external, internal and penetration malware scanners.

An external malware scanner functions similarly to search engine bots, they come into a website and crawl every web pages in search for malware or any malicious link available. Meanwhile, internal malware scanner will only read your website’s source code. This is because, hackers can eventually inject bad scripts into your database using any HTML Form Field element available on your website, for example, a login form. Such practice is called SQL Injection by which hackers can access either your personal/sensitive information or your customers’, modify your content or even bring down your website standard.

Penetration testers on the other hand, searches for weakness or loop hole in your website’s source code.

Always Keep Your Software Updated

You shouldn't be told this before you act. You should learn to make it a duty by subsequently checking for updates of your employed software -What am I talking about?
I mean the software you employed on your website such as CMS and your server operating system.

Updating these software will eventually block or repair any security breach initially present so hackers won’t be able to break into your website.

Employ An Automated Malware Removal

This is compulsory for every website owner as an automated website scanner will unintentionally get rid of threats from your website immediately they are detected.

A good example of an automated website scanner should;

  • Protect your database from SQL injections,
  • Prevent your website from being in search engine blacklist,
  • Notify you of any changes in file and File Transfer Protocol (FTP),
  • Secure your server ports preventing unauthorised users from accessing your site.

Tuesday, September 11, 2018

Best 10 Ways You Can Secure Your Gmail Account From Being Accessed By Cyber Criminals

Best 10 Ways You Can Secure Your Gmail Account From Being Accessed By Cyber Criminals

Read the Top Best Methods To Secure Your Gmail Account From Being Accessed By Cyber Criminals

Gmail security

I have come across several methods that can be performed to prevent your Gmail Account from getting hacked.

Gmail accounts which are controlled by Google Inc are now vulnerable to hackers and the rate at which Gmail accounts are being hijacked by hackers is to a very high extent. We all know the usefulness of Gmail accounts being one of the best Email hosting platforms that can be used to access all Google Products with all in one username and password, yet all of a sudden it's gone. Sad as it may sound but do you know that we are actually the one creating room for hackers to access our accounts?

Let's go into the proper business for today.

Top 10 Tips To Employ To Secure Your Gmail Account From Cyber Threats

1. Avoidance of Phishing Mails.

Avoidance of phishing emails

Try never to open any phishing emails which are usually found in the Spam folder. You know, spam messages are automatically moved into the spam folder for safety purpose. Though if you think the messages are not really spam, then you can view the mail and follow the link. But if the mail doesn't attract any sign of trust from you please don't try clicking on the link as it may be a way of accessing your Gmail account.

You may receive an email carrying the following headlines...

Your BVN has been deactivated.
Your Amazon Shopping has been shipped.

WARNING>>> Do not click on the provided link.

Recommended: See how to recognize phishing Emails

2. Using Ugly Email

This is the type of Gmail usually used in recognizing tracking emails. To get this;
Just make a search for “Ugly Email“ in your  Google Chrome browser ( i recommend you should make the search in Chrome Web Store). Having seen the Ugly Email from your search result, just click “Add to Chrome” and a new tab will be opened.
This Ugly Email will be added to your Chrome and you can find it at the top right corner of your Chrome browser.

Now to know if your Ugly Email is rocking well, log into your Gmail account and open existing emails or even new emails and if you should ever see a nasty eye that is somehow devilish in any of the mail you opened, then you should know it is a tracking email.

3. Try Using A Secure Connection

This a very important task you must carry on when logging in your Gmail account.

Try using the secure connection that is seen as HTTPS usually before the web address.

To do this:

Go to Setting»»General»»Browser Connection or better still, you should try using VPN like UltraSurf or VPN Robot for login.

To get UltraSurf on your browser, it's an extension so just go to Settings»»Extensions, scroll down to the end and click “add more extensions”, from the displayed interface make use of the search bar by searching for UltraSurf and from your result click “Add to Chrome”.

So whenever you are browsing with the browser, your connection becomes anonymous, though you can disable the UltraSurf if you wish not to use it for some websites.

4. Always Check Filter Forwarding and POP/IMAP

You really need to take this so serious as hackers may try adding filters to your Gmail account. These filters can secretly pass on emails so long the filter remains in your Gmail account.

To be on a safer side, try getting rid of any filters that look suspicious to you.

5. Try Using Incognito.

Chrome incognito mode

This may sometimes be useful most especially when you are surfing the internet with public devices found in places like Cyber Cafe, hotel and/or others. The usefulness of this Incognito or Private browser is to help you secure your connection so as not allowing cookies to store your web activities.

Recommended: How to Protect Your Android Smartphone From Hackers

6. Google 2 Step Login Verification

Google 2-step verification

This is one of the best security provided by Google. Each time you try to log in from another device, having given your login credentials, you'll be asked to take any of the following google login verification process;
  • Text me a code
  • Provide your backup Gmail account ( if any)
  • Using google authentication app and others.

But I'm only in support of the text code as it is the safest means of verifying you are the one trying to log in. Of course, the hacker can never provide the security code sent to your device to log in.

7. Track your Account Activities

Google - My activity

This is a very important task you should always do. You should always keep an eye on your Gmail account to track every activity going on in your account.

To do this, just log in to My account and at the lower right corner of the platform, you will see “Last Account Activity” just click on details. There, you will see the devices accessing your account as well as the time and location they logged in. So if you notice any unauthorized login, all you have to do is change your password at that moment before the hacker does something else.

8. Avoid ignoring Gmail security alert.

Most of us usually make this nasty mistake of ignoring security alerts sent by Google. You should know that Google only send those security alerts when they feel it's necessary for you to update your security. It may be that they noticed something fishy concerning your account and to make sure it's not hacked, they'll send you an alert to update your security.

9. Try removing apps connected to your account

Do you know that apps are connected to your Gmail account? Whenever you use your Gmail to sign up for any third-party app, they are automatically connected to your Gmail account. Hackers can even try to connect an app to your account via play store and other means. So I recommend you should always remove unauthorized apps from your account by logging into

10. Always update your number.

Never forget to always keep your mobile number up-to-date and if you should ever lose your phone number then try getting a new one and link it to your Gmail account because that's what google will always use to send you a security code.

Other Tips include:
  • Do not disclose your password.
  • Use a recovery email, that is, a secondary email.

So above are the methods of securing your Gmail account from getting accessed by hackers. I hope I've been able to provide adequate security tips for securing your Gmail account.  Please kindly share this post with others using the share buttons provided below.

Monday, September 10, 2018

How To Effectively Recognize A Phishing Attack

How To Effectively Recognize A Phishing Attack

In the technology world today, cyber fraud is the most occurring activities performed by so many people who claim to be a computer guru. It's now as if being a black hat hacker is what tells one to be a computer wizard which is absolutely wrong.

So many devices’ users have fallen victim to this cybercrime. There are many ways to which these attacks come into your devices,  but one of the methods is via Phishing.

The phishing attack is the most used method for hackers to gain access to one's social login credentials or even your bank account details.

You might have received emails from scammers containing links such that when visited, will automatically redirect you to a scam web page that looks similar to an existing popular website. For example, the redirected webpage might seem to be facebook login page, asking you to input your facebook email, or phone number or username, and password associated with your Facebook account, claiming to be partners of the Facebook team.  And immediately you input those credentials of yours, it will automatically find its way to the attacker, thereby granting the hacker access to your facebook account and might steal any relevant information found on your Facebook account. The same thing is applicable to Emails, where you will be asked to renew your email via a link that will be sent to you.

So for this, I’ve published this discussion and reading it through will help you prevent yourself from all these cyber attacks. All you have to do now is to read them carefully.

You may be wondering, what is Phishing attack?

The phishing attack is a type of cyber attack in which an attacker sends a spam link such that when visited, will open a webpage that will look the same as an existing and popular website page, it may even be social websites or any other.

Now haven known what Phishing attack really is, you now need to know how to detect their spam message whenever you see them.

How do I identify Phishing attack?

Identifying them is quite easy and needs no technical procedure. Read the methods below.

Identifying their emails:

Identifying phishing emails is very easy. At first, you will need to do the following.

» Check the source of the email, I mean their email address, their addresses are never real. Most times they use email addresses that are similar to a popular email address owned by a company ( it may be a bank, Place of work ) or a social network.

For example, you may receive an email from the email address >>>> or instead of  which is said to be the official email address for GTbank Nigeria.  You can only identify their fake email address only if you know the actual address they tried to copy.

» Most times their messages contains forceful language which is the number two proof to detect phishing attack. These scammy and forceful languages can be seen in their emails, forcing you to input some kind of your details in relation to what they are trying to steal from you. But these forceful languages are often seen on their webpage where they redirected you to, they mostly use pop up messages forcing you to input your credentials.

So you have to be aware of this!

Recommended: How to protect your Android from hackers

Check if the email contains grammar mistakes and misspelled words.

Most of their emails contain grammatical misspelled words, though not all are perfect phishing attackers does this mistake often.

Note: You may also receive phishing link via your phone message inbox. Like the one I received some time ago, I was told that my BVN has been deactivated, and a link was provided to reactivate it and I was threatened that if it exceeds 72 hours, they will have my BVN permanently deactivated. Isn't that a scam?  Yes, it is because only the bank you are operating on has the right to send such message with no threat, and if they were to give you a link, then it should be their official website and not others.

So be aware of these tricks used by phishing attackers to keep you and your credentials protected.

Recommended: How To Secure Your PC From Hackers

Please share this with others too using the share button given below.

Saturday, September 8, 2018

How To Temporarily Lock your PC If An Unknown User Tries To Guess Your Password

How To Temporarily Lock your PC If An Unknown User Tries To Guess Your Password

Still on privacy protection matters, today we shall be revealing to you some ways of securing your PC from physical access by an unknown user. Last week on this blog, we dealt with some security tips on how to protect your PC from floating malware/viruses and other malicious content which may download itself into your PC from the internet and I mentioned about subsequently downloading of your System (PC) update and setting up a strong antivirus.

But what if the bad egg you are trying to prevent from bursting into your PC is designed by a neighboring friend near you? This is why you need not to only employ cyber (internet) security but also setting up a physical privacy of your PC like what this post is talking about.

Set up your PC to automatic lock when someone tries to guess your password. There could be many ways to achieve this, but this post governs two safe methods.

How To Temporarily Lock Your PC From Unknown/Unwanted Users

Method 1. Command Prompts (CMD)

The Command Prompts (CMD) is always there to help you communicate with your PC on what you want to be configured, and this is done by serving it some command lines.

Step 1. Launch the Command Prompt Windows on your PC; to do this, go to startup menu and search for Command Prompt (CMD) or from your desktop interface press Windows Key + R simultaneously to pop up the “Run Window” and input “CMD” in the text field and hit “Enter” from your keyboard

NOTE: CMD or Command Prompt window is always dark, be sure you are running Command prompt window before proceeding to the next step.

Step 2. In the CMD window, type in the command “net accounts”. This command would list your current password policy of your PC. By default, the password policy is set as “lockout threshold: Never”; this implies that your user account will remain unlocked regardless of how many times you filled your password incorrectly.

You can modify these default settings by implementing the below commands on your Windows PC

Step 3. Exit the previous command prompt and relaunch (re-open) a new one and input the command “net accounts/lockout threshold:3”. This is an example, if you input exactly the command, it would set up the incorrect password filing limit to 5 times and once it exceeds 3 failed trials, your Windows PC would be locked.

Step 4. At default, the lock duration after exceeding the number of incorrect password fillings is set to 30 minutes. To change this, you should open and type in the command prompt the following command “net accounts/lockout duration:15”. This would set your PC to lock for 15 minutes after exceeding the configured number of trials. You can change the “15” in the command line to whatever number you may find comfortable.

NOTE: The set time is always in minutes.

Now you are done configuring your PC to lock after a limited failed user login attempt. This would help lock out spies/unwanted users from your PC.

Should you come across any difficulty prior to this method? Look down for the next method👇👇👇

Method 2. Using Local Security Policy

The Local Security Policy could help you accomplish the command on your PC. Follow the below steps to get it done.

Step 1. Open your start menu, type “local security policy” and open the app. Note that it's a system (desktop) app

Step 2. Navigate to Security Settings>>>Account Policy>>>Account Lockout Policy

Step 3. Doubleclick on “Account lockout threshold” and enter the number of invalid login attempts you wish to set and click OK. By default, the account lockout duration is set to 30 minutes, so click OK again to save the change in lockout threshold.

Step 4. If you wish to modify the lockout duration, go back and double-click on “Account lockout duration” and modify the time.

You are done!
I believe this second method is much easier to execute than the Command Prompt which seems much like you are writing a program, hahaha….

Well, the above are the two best methods that can be used to set a temporary lock on a user account on windows PC after exceeding the configured number of invalid login attempts. Cheers...

Monday, September 3, 2018

How To Secure Your PC From Hackers

How To Secure Your PC From Hackers

Today, I'll be revealing to you the best ways of securing your PC from threats. Previously I published a similar post on how to secure your Android device from cyber attacks, but that will not be enough if you work with some security tips on your Android device and such you do not apply on your PC; its similar to not securing both devices.

There's need of securing both your Android and PC devices being that you most times connect these devices to a particular network or via USB cables. However, the security tips you use on your Android device is not too different from what you should employ to your PC.

How To Secure Your PC From Prying Eyes

1. Keep Your Windows Up To Date (System update)

I used to be very stubborn to this instruction. You should know how annoying it may be when updates keep rolling on to your PC within a short while and you are humble enough to download those updates which can never be less than 1GB.
But the truth must be told, this system updates help improve your PC performance and its complexity against security threats. Downloading a system update may help fix any security flaw or bug is found in your PC or may even bring in new features to help safeguard your PC from threats like Malware/viruses/Trojans which hackers subsequently take as their tools for penetration.

2. Always Check Your Windows Event Viewer

The Windows Event Viewer on your PC will tell you the current activities running by either physical or network execution as well as when your PC was last used

  • Go to Start and search for “Run” then you launch, or alternatively press “windows key + R”

  • Input the following “eventvwr.msc” and hit Enter.

  • Open the System (Windows) log to view a set of currently used data with their specific date and time. This will enable you to keep track of the activities running on your PC.

3. Set Up An Antivirus/Anti-Malware Program

To get high-level security on your PC you should have at least one Antivirus software/tool installed to help you look for any security threat and action will be taken thereafter.
I will always recommend Avast Antivirus and Windows Defender; these programs have helped me a lot, sorting and removing threats (hacking tools, viruses) from my Windows 10 PC.

The above three tips will help you secure your PC from cyber attack. If you eventually get a new PC, we recommend you should first install/setup an Antivirus program running and updating your Windows should be your next step before thinking of connecting to the web.