What is a compromised account?
In this article, we will talk about what a compromised account is, what it means to you, and ways to help prevent your account from becoming compromised.
What is it?
A compromised account is an account that has been “broken” into or exploited by someone who does not have permission from the account’s owner. There are many different forms of compromised accounts, but here are just a few examples…
Security Hole in Software/Script
This is by far, the most common form of a compromised account. If your site is using a Content Management System (or CMS for short) or other forms of scripts, it is possible that the software has a security flaw that would allow outside assailants to possibly view sensitive information, edit files, or worse, see passwords.
It is also possible to send emails from most CMS systems. This, in turn, could cause reputation issues or a large number of other problems.
In addition, if the assailants have access to change files, it is very possible that they may attempt to introduce malware, ads or any other forms of bad content into your site that would affect your reputation, and in some situations, it could also harm your visitor’s computers.
Breached Account Password
This is one of the worst case scenarios as it means the assailants can access everything regarding your account. You should always take action to randomly rotate your passwords when possible to help reduce the possibility of your passwords being cracked.
Breached Email Password
This can be a very problematic form of a compromised account, as it allows the assailant to dig for email addresses (so they can sell the address, or send spam to them), as well as send emails. When assailants send emails, it very well could be possible that they are sending spam messages to thousands of people which in turn, could damage your online reputation. It is also possible that they could send emails with malware, spyware, or Trojans that could not only harm your reputation, but it could also cause damage to other people’s computers.
It is possible that some breaches may not be noticed right away by you or your normal visitors. This can happen when someone is simply attempting to gather information (e.g. passwords, credit card information, emails, etc) about you and your visitors.
It has been also known to happen where an assailant will redirect all mobile traffic while leaving normal browsers alone. This would reduce the chances of them being caught and depending on the site, may in fact be very profitable for them.
What can I do?
If you are using a CMS platform (e.g. WordPress, Joomla, ModX, etc.) the first thing you should do is update to the most current stable version available to you. CMS developers will patch security holes as they become aware, and will release an update so that you too, can seal the hole.
It is also a good idea to remove any software that is not being used (old backups, unused or forgotten beta/development sites) because again, if you don’t keep it up to date, it could introduce security holes. If removing them is not an option, password protecting the directory is a good method of preventing most security holes.
You should ALWAYS use secure passwords for each set of credentials that you have. Never use the same password multiple times and NEVER use the same password for your account/email on a MySQL user/database. This is because if an assailant is able to gain access to the file system, they would be able to see this password, in plain text, in any CMS configuration file.
For more information about passwords, please click here.
For more security tips and tricks, please see click here.