Protect yourself from email/text scams

Nothing is quite as maddening as feeling scammed, and online scammers are getting better and better at deception, leaving us feeling more and more vulnerable every time we shop, bank, or do any online transaction.

The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information is called a phishing scam.

Remember, a scammer’s goal is to steal your credentials and your money — and they do not discriminate! Kids, adults and seniors are all at risk.

Not only is this frightening, but it is against the law.

Take back your power.

Let’s take a look at ways that you can identify a scam and protect yourself as much as possible.

Spoofing scam

Ever received an email that SEEMS to come from a known and trusted source, like your bank or one of your online accounts?

Trust your gut.

When you click on that link, it will re-direct you to a false website — that looks just like a trustworthy one. Even the best branded websites are easy to duplicate.

If you were to sign in with your login credentials on this website, you’ve just given a scammer access to your online account!

Let’s say you get an email from customerservice@paypa1.com.

WAIT.

Did you fall for that or did you already catch it?

At first glance, the sender reads as a PayPal employee, but upon closer examination, they’ve just swapped out the “L” in PayPal with the number “1”.

If you didn’t see that and followed the link using your Paypal credentials, you would be handing over to a scammer your login and password to your Paypal account.

The best way to protect yourself from scams like these is to NEVER click inside an email unless you are expecting the email. The same goes for any text messages that encourage you to click on a link.

Be suspicious! Never click on a link in a text or email unless it was initiated by you.

Warning email or text

Scammers are good at sounding the alarm.

Another angle they use is to send you an email or text message warning you that your computer has been compromised in some way and that you should immediately click on the link provided (How convenient!) to minimize any damage.

Don’t fall for it! It’s a scam.

Links like these will likely lead you to a fake website created for the sole purpose of capturing sensitive information about your online accounts.

Threatening email

Sad to say, Scammers are shameless when it comes to getting you to respond. They will even resort to frightening threats which actually seem legitimate and are intended to scare you into action.

Usually, they come from an anonymous source and are intimidating.

Because they are anonymous, they cannot be verified, resulting in a general feeling of unease — as if you are being watched. Here is an example of that:

Note that they have even added blackmail into the mix.

Anytime someone asks for money of any kind, including Bitcoin, beware. It’s probably a scam.

If you receive something like this, delete it immediately and/or report it to the FBI’s Internet Crime Complaint Center (IC3).

Prize scam

It’s only human nature to get excited about winning a prize or large sum of money, and unfortunately, scammers leverage this.

If you receive an email announcing that you’ve won something and in order to claim the prize you must enter some details about your identity, think twice.

Stop. Think again.

It is so easy (and delightful) to fall prey to the idea of being an online winner, but don’t be fooled. There is no big prize.

Here again, the only way to protect yourself is to delete the email or text. Here is one example:

Refund scam

The bar just got lower.

The refund scam targets a person’s moral compass and sense of justice by luring them into divulging sensitive personal information like login credentials and identity details.

This scam might begin with an apology for having wronged you, adding that a refund for the overcharge awaits you. By simply “clicking here” you can claim your rightful reimbursement.

Don’t do it! The whole story is a ruse.

Virus scam

In these times of computer attacks by means of viruses, this insidious tactic is a common one.

And who are you to question it? Who wants to risk getting contaminated by a computer virus? Many people have a peripheral understanding of what a computer virus is — but not an in-depth one — so, this is how they exploit your weakness.

Upon receiving an alarming message like this, your first instinct is to get rid of the virus immediately!

These fraudulent notices come with a link that may ask you to download an “antivirus software” to remove the virus. This is tantamount to handing a thief the keys to your house and giving them permission to “fix” the problems in your house.

Do it and you may end up compromising your computer. Any sensitive personal or login information stored in your computer is now in the hands of a low-life, clever cyber criminal.

How to identify a phishing scam

In summary, here are some ways to recognize if you are the target of a phishing scam:

Intimidating emails that threaten or try to frighten you.
Check the sender’s email address — NOT just the name. The name may say “Amazon”, but the actual email address may be something like “sales_lady@gmail.com”. If the sender’s email doesn’t come from the url (website) of the company they are claiming to be from, it is a phishing scam.
If the email/text encourages you to click on a link, then chances are they are trying to get you to their fake website where you will be asked to enter sensitive information.
If you aren’t expecting an email from the company or don’t know if you have/own what they are offering a refund for, then beware! This is likely a scam.
Check for spelling and grammatical mistakes. Many of these spams come from countries where English is not their native language.
If the email claims to come from the IRS, delete the email! IRS will NEVER contact you by email.
If the email is announcing you have won an unexpected prize and the only way to claim the prize is to click on the link provided, DON’T do it.

How to protect yourself against internet scams

The absolute best way to protect yourself from falling prey to all scams is by never responding to suspicious emails. Delete them as soon as you have determined that it is a scam. TRUST YOUR GUT! If it feels phony, it probably is. If the email is authentic, they will attempt to reach you by phone or snail mail.

Only click on links in emails that you are certain are legitimate. For example, you can click on a link in an email when you have just requested to change your password — incidentally, that email will arrive instantaneously after your request.

If you are uncertain about whether or not it is a scam, ask someone you know to help you determine its legitimacy. At PureLynx, we include this service in all our maintenance plans.

If the scam is particularly vile or vulgar (blackmail, for example) or you believe it may be yet a NEW mode of deception, you can file a complaint with FBI’s Internet Crime Complaint Center (IC3).

How PureLynx can help

Online scams can involve your website. For example, if you are selling goods on your website and your PayPal account gets compromised as a result of a scam, that will temporarily render your website unable to make sales.

Or you may receive a fraudulent email claiming that your webhosting needs to be renewed, with a link taking you to a scam site which will steal your credit card number.

At PureLynx, we are committed to keeping your website at its best at all times. We go above and beyond the others — as part of our service plans, we offer that you may send us any suspicious email or text you receive and we will evaluate it for possible scams. Learn more about our services here.

What are the Costs Associated with a Website?

These days a well-built website is essential for any business. Here’s a breakdown of what goes into building a website and approximately how much each item costs.

Domain name

A domain name is a web address (such as purelynx.com) that may end in “.com”, “.org”, etc. Purchasing a domain name is generally the first thing you do when embarking on a website project. The company that you register your domain with is called a domain registrar.

A domain name usually costs $10-$20 a year. In general, shorter domain names are more expensive than longer names. And a “.com” is more expensive than other options. If the domain name you want has already been registered by someone else, you may be able to purchase it from that person for a fee.

Check out Namecheap to check if the domain name you have in mind is available.

Many people think of GoDaddy when they want to purchase a domain name. We’d recommend steering clear of GoDaddy for reasons that we will discuss in future blog posts.

Also, be wary of add-on items that some domain registrars will try to charge you for, such as domain privacy. Most of these items are unnecessary. And be sure to make note of your login credentials for your domain registrar. If you lose access to your domain name, it can be very difficult to reclaim it.

Content: text

Website content is the text, pictures, logos, videos, etc. that are on your website. You will need effective marketing text that describes your business and its offerings in a clear and inviting way. It can be difficult for a company to write its own text for two reasons:

• It’s hard to step outside of everything you know about the company and put yourself in the mindset of someone who doesn’t know anything about you and what you offer. It’s easy to miss important things that should be said because to you they are obvious.

• Marketing is a specialized skill and it isn’t necessarily a skill that every business owner has, even though they may be great at many other things.

Many website companies, such as PureLynx, offer marketing copywriting as one of its services. The cost is usually hourly and therefore will be higher if you have a lot of text needed. For example, you may have multiple locations, many services and products, etc. A good estimate might be $500 and up. If you receive a quote that is surprisingly low, you may be getting the services of someone who is not experienced in marketing.

Content: images

It may be cliché, but it still holds true — a picture is worth a thousand words. You will definitely want one or more high-quality images on your site. Professional images can be purchased from stock image companies; they may cost $25 or more for each image. Alternately, you can have professional photographs taken. Depending on what type of business you have, you may want photographs of you, your team, your storefront, and/or your products.

Creating the website

This is the most expensive and time-consuming phase of a website. It includes visual design, interaction design, and actually coding the website. Whether you get a templated website or have a custom one built, they both require plenty of input from you about your business.

You should have a good sense of your target market before you start searching for a web designer. Check out “10 tips for a successful web design project” before hiring a web designer/agency.

You can get a bare-bones template-based website for around $500. A quality custom-built site may cost $1000-$5000.

The cost of building a website depends on many factors. Check out our post How much should a website cost? for information on the various website parts that cost money.

If cost is a concern, then we have an offering that may be a fit for you. It allows you to get your website up and running with minimal effort and cost. Our 1-2-3 Go plan may be perfect for you. This plan is an all-inclusive package which includes building the website plus maintenance for the budget-conscious business owner.

Hosting

In order for visitors to view your site, it needs to be ‘stored’ somewhere on the internet. This is called hosting.

You may see some hosting charges advertised starting around $3/month. Be wary of prices this low. It is usually an “introductory rate” which will go up after your first year, often to more than the price of other webhosts. Also, rates this low usually indicate a bare-bones service &mdash one that offers little memory and disk space, and runs your website on a shared server with many other websites. This limits the software you can use, and often makes your website slow, which may cause people to abandon your site in frustration. (Note that, on your own browser, it may look like your site is fast. Your browser has cached your website locally, thus giving you a misleading impression of how fast it loads for other visitors.)

In addition, Google Search penalizes slow websites. It returns them lower downe in the search results than they otherwise would. This has the unfortunate effect of reducing your visibility online.

And finally, low-cost minimal hosting services often lack fast and friendly technical support to help you when you run into issues.

When you build your website with PureLynx, one of our services is fast, efficient hosting along with excellent customer service.

SSL certificates

No modern website should be without an SSL certificate. These security certificates are no longer just for banks or websites that require logging in. They legitimize your website so that visitors as well as other applications on the internet can trust that the communications from your website are indeed coming from your website and not from interjecting malware.

You can verify if a website has a security certificate by observing the padlock icon to the left of your website URL in the address bar of your browser. Many people will refuse to use a website that does not show the secure symbol.

When you sign up for PureLynx hosting, your SSL certificate is included for free.

Content updates

Once your website is built, you will want to keep the content current. For example, if your business changes its hours or expands into a new geographical area, you will want this information on your website. You will also want to keep your website fresh by highlighting seasonal products and sales, adding new products and testimonials, or maybe writing a blog.

Some changes are going to be simple, while others are going to be more time-consuming. Changing your telephone number would be a simple website edit; something like offering a new service, in contrast, will usually require new text and images and maybe a new page and/or menu item. When the site is changed, make sure that the new content is added in a way consistent with the site’s existing design and navigation.

Depending on how often you expect the content on your website to change, you could either have a monthly retainer service to update the site, or you can have the edits performed on an hourly basis. A monthly service may cost $45-$150 a month depending on the frequency and and complexity of the changes.

Software updates

Your car, your furnace, your health — pretty much everything needs maintenance to stay functioning. Your website isn’t any different. Continual updates are released by the various browsers, WordPress and associated plugins, mobile phone operating systems, and the many Google services (Maps, Fonts, Analytics, etc.). Failure to update your website may cause it to stop working due to compatibility issues.

In addition, an out-of-date website is very vulnerable to malware. It’s much better to prevent this from happening than to try to deal with cleaning your website after a hack. If you can afford only one type of maintenance, software updates are essential. At PureLynx we offer several monthly maintenance options, customized to your needs.

Your time

Don’t forget to add your time to this project. Even though there’s no exchange of money, the time you spend on your website will take away from other tasks.

Even for a “simple” website, you will have to devote 10-20 hours for a DIY project.

When you hire a professional web developer, you will need to spend time to describe your business to them. Allocate about 4 hours to give your web designer details about your services and products, take photos or approve images selected by your designer, comment on the design, purchase your domain name, etc.

In summary

To recap, the upfront costs for a website include:

Initial domain registration: $10-20
Creating a website: $500-5,000 one-time cost
Copywriting (optional): $500 and up
Stock images: $25 per image

And here are the common ongoing costs:
Domain name renewal: $10-20/year
Website hosting: $20-90/month
SSL certificate: Make sure this is included in your hosting charges
Software updates: $50+/month
Content updates: $50/month and up, depending on number and complexity of the updates

Call us today at (650) 346-1442 to learn about the best options for your business.

5 tips to keep your website secure from hackers

Lately, hackers have been on the news a lot. When your website gets hacked, it is a lot of work to get it back to running smoothly again. Think time, money and heartburn. The best offense against any hacker attack begins with a good defense.

Here are some things that you should be doing on your website:

1. Keep the underlying software updated.

Make sure that you are running the most current version of your content management system. WordPress, the most popular content management system on the website, puts out a new version every 3 months or so. These updates close loopholes that hackers exploit and address known vulnerabilities in the code.

We offer one-off updates and maintenance plans that regularly take care of updates.

2. Keep the plugins or 3rd party software updated.

Websites use plugins to perform specific tasks and extend the functionality of the content management system. Plugins should be updated on a regular basis. If not, the loopholes in these plugins can be exploited by hackers to gain illegal access to your website. If a plugin isn’t putting out updates, that could mean that the writers of the plugin are no longer vested in it. This increases the likelihood that the plugin could be compromised.

All our maintenance plans include plugin updates. Learn why your business needs regular website maintenance.

3. Create secure passwords.

Passwords are an easy way for hackers to get into a system especially if the passwords are easy to guess. Dictionary words are especially easy to figure out. Using a password that uses a variation of your name, your dog’s name, your street address in your password, etc. makes for a gaping hole waiting to be exploited. Make sure that your password is at least 8 characters long with at least one capital letter, one small letter, a number and a special character like @.

Learn how to create a strong password.

4. Make sure your website is regularly backed up.

Your website should be backed up on a regular basis along with the database and other related elements. This is important because if your website gets hacked, you will need a backup to reinstate your website along with all the content.

Create an initial backup of your website when it is built. After that backing up the website once a month is sufficient for websites whose content isn’t updated often.

If your website content gets updated often, then your website should be backed up every day.

5. All communications with your website should be secure.

SSL encryptions enable secure connection between web servers and browsers. Without a secure connection, your usernames and passwords run the risk of being read by hackers when you login into your website.

SSL encryption also authenticates the website. This means that the browser at the other end can rest assured that they are indeed communicating with you.

You can identify SSL certificate by the green padlock icon that will be to the left of the web address of a website (URL). This is a visual proof for the customer that your business takes security seriously.

Google’s Chrome browser adds a “Not secure” warning next to all websites that don’t use a secure connection. Such a message indicates that any communication with the website can be hacked. It is the responsibility of a website owner to provide a secure connection to their website.

If you would like us to help you keep your website secure, call us at (650) 346-1442.

Website maintenance: What is it, and why should my business care?

It’s a common misconception that once a website is built, it will run smoothly and look great – forever! Unfortunately, that’s not the case. Just like a car or a house, a website needs regular maintenance to stay functioning as intended.

But let’s face it: maintenance work isn’t sexy! Even when we understand that we need to maintain our websites, we are tempted to put it off. There may not be any obvious issues when viewing the website, so it may seem as though everything is fine.

Here are 3 important reasons why you need regular maintenance:

The web environment is a complex and constantly changing ecosystem, since new versions of its many browsers, platforms, and mobile devices are constantly being released.
Letting your software get out-of-date is a security risk, because a website that has not been maintained can succumb to hacker attacks. its content can get outdated, and user experience will suffer.
Outdated content will adversely affect user experience, SEO, and the business’ brand.

Here are a few areas that you should monitor and maintain for your website to keep functioning optimally.

Website content

Content is THE most important aspect of a website, since this is what visitors come there for.

Here are a few content areas that should be monitored:

Products: If you have new products, then your website should be hawking those. What’s the point of new products if you can’t sell them?
Features: Monitor old features and add new ones.
Company news: Use your website to announce a new office, a new team member, an upcoming seminar, or any other company related news.
Contact changes: Having old and outdated information on your website degrades user experience and will adversely affect your online presence. If you have moved or your phone number has changed, your website’s content should be edited to reflect these changes.

Software

If the software that your website is running on is outdated, chances are that your website isn’t running at its peak and it could possibly be vulnerable to hackers. New versions of software are released to fix security patches, make websites serve faster, and for a variety of other reasons. Keeping your software updated is paramount to running your website smoothly.

WordPress, our preferred Content Management System (CMS), releases a major version about 3 times a year. Many patches and fixes are released several times during the year. We would recommend that you hire a web design agency to take care of all the software updates.

If you have taken on the responsibility of keeping the software updated, remember to not just update all the software, but also check the website to ensure all parts are working as intended. For eg., if you have any forms, test them to see if they still function as expected and the emails arrive at the intended destination(s).

Backup

Every site should be backed up regularly in case something happens and the site needs to be rebuilt or reinstated. There are two types of elements that comprise your website:

Code (Javascript/PHP code, HTML, CSS, themes, plugins, other files)

Code should be backed up anytime you change or update your code, as well as any time your Content Management System (CMS) releases a new update. For example, if you use WordPress (our preferred CMS), whenever they release their new versions would be the perfect time to backup your code.

Content (Text, images, videos, audios, etc.)

The frequency of content backup depends on how often your content changes and by how much. Determine the kind of loss that you can live with, since that will influence how often your website should be backed up. At the minimum, you should backup everything once a quarter.

Link checks

It is important to ensure that links within the websites and the ones that go out of the website are working well. Bad links are a drain on your SEO karma. The links that go out of the website should be especially tested at least every quarter to make sure that these are still up and running. Your website should have a 404 page to catch any links that aren’t working within the website.

Domain name registration

The best time to verify all your information with the domain name registration company is during renewal. Check out the contact email for your domain name because this is where renewal notices are sent. Update this to reflect the email that you’d like to receive such notices, and confirm that the address is correct. Keeping these up to date is important for you to receive notifications on your domain name.

Anything not maintained will degrade slowly in its effectiveness and websites are no different. With regular maintenance of your website, you can optimize your website’s performance, make it less vulnerable to hacker attacks, and extend its life.

Call us at (650) 346-1442 to learn about our monthly maintenance plan(s).

Protect yourself online with a strong password

Going digital has its pain points. We are literally drowning in passwords. From phones to emails, from online bank accounts to social media accounts, each one requires a login and a password to enable us to use them.

Not only is your password supposed to be unique for each account, it is also supposed to follow rules that will make it difficult to guess (hack-proof). And you better, because behind the password lies all your data.

A strong and secure password is your first defense against being hacked. Be judicious about creating and saving it like you would your home key.

What you should do to create, store and access your password

Passwords should be at least 8 characters long, preferably longer.

Longer a password, harder it is to crack.

Create a password that contains capital letters, small letters, numbers and symbols.

Each addition of any of these makes it a little bit harder to crack your password.

Use a unique password for each account.

Yes, it is a pain to create and remember all the passwords. Just remember that getting hacked is a much bigger pain!

Use 2-step authentication.

Many websites now allow for a 2-step authentication. When you type in your password, the website sends your phone a text with a code that you need to enter on the website before you will be allowed access into your own account. This means, even if someone were to crack your password, they can’t get in because they wouldn’t know the code. This is one of the best ways to secure your account. When you setup your account, find out if the website allows for a 2-step authentication. If it does, enable it for your account.

Use a password manager.

Use a password manager that can help you create and manage all your passwords. You will then need to know only one master password. There are many password managers out there. Here are a few that are popular: Dashlane, LastPass, Sticky Password, Zoho Vault, LogMeOnce.

What not to do in your password

Let’s now explore what NOT TO DO. This is a much bigger list!

Don’t use the URL name of the website.

For example, do not use “amazon” anywhere in your password for Amazon.com.

Don’t use obvious patterns.

Avoid using consecutive alphabets or numbers (For eg., abcd, 1234, qwerty, etc.). You’d be surprised how many people use these in their passwords!

Avoid dictionary words.

Passwords using only dictionary words are sitting ducks.

Do not leave your password in plain sight.

It is amazing how many people write their passwords on a post-it note and stick it on the side of their computer. Safeguard it like a key to your house.

Be smart about saving all your passwords in your computer.

First of all, do not save all your passwords on your computer. If you must, then do not use an obvious word for its filename, such as “passwords”. Be more cryptic.

Do not use your personal information in your password.

Increasingly, all our information can be found online. A password that uses parents’ names, home address, birth dates, phone numbers, etc. are easier to hack.

Do not give your password to anyone.

This must seem very obvious, but you’d be surprised how many people give their passwords to their friends for ease or so their “streaks won’t end” on certain social media accounts. If you have to give your password to a friend for some reason, remember to change it after the event.

Beware of phishing schemes.

Do not click on any links in your email unless you are expecting one. It is easy to click on a link that seems to take you to the correct website where you can log in with your login and password. Unfortunately, these phishing pages can look very much like the actual page you expect. You could be duped to enter your login and password, at which point, your account gets compromised. The best thing to do is never to click on any link in an email unless you are imminently expecting an email with a link to click.

How to create a strong password

Creating a password that is easy to remember and unique for every site takes a bit of time. Here is one way that you can create your secure password that can also be easy to remember:

Begin with a sentence like “My aunt on my father’s side is 6’2””. You could also start with a line from your favorite song, movie dialog, speech or a line from a book. Other examples are “O say, can you see, by the dawn’s early light” and “To be or not to be. That is the question”.
String together the first alphabet from each of the words and you would get:
Maomfsi6’2”
Oscysbtdel
Tbontb.Titq.
If it lacks a number and/or a symbol, add it in a logical place. For example, convert an “o” into a “0” or replace one or all ‘m’s (or any other specific character) with a ‘3’. The passwords now look like:

Maomfsi6’2” (No change needed as this password already has numbers in it)
Osc6sbtd3l (Changed ‘y’ to ‘6’ and ‘e’ to ‘3’)
Tb0ntb.T1tq (Changed ‘o’ to ‘0’ and ‘i’ to ‘1’)
Since you shouldn’t use the same password on all websites, you can customize it to each website by adding their name to this gibberish. Say, you wanted to create an account on PureLynx website. Use the first 3 letters (or last 3 letters) of the website’s name. In this case, it is “pur”. Reverse these letters. You now get “rup”. Add this to the stem of your password and you get:

Maomfsi6’2”rup
Osc6sbtd3lrup
Tb0ntb.T1tqrup
If your password doesn’t contain a symbol yet, add a symbol such as ‘#’ to the password. You now have:
Maomfsi6’2”rup (No change needed as it already has symbols)
Osc6sbtd3l*rup (Added a ‘*’ before “rup”)
Tb0ntb.T1tqrup$ (Even though this already has the period(.) in the middle, I added a ‘$’ at the end.)

These are excellent secure passwords. That doesn’t mean they can’t be hacked; it will just take a lot longer to hack an account with any of these passwords.

Check the strength of your password

For fun, check out password checker. DO NOT ENTER A PASSWORD THAT YOU USE. Enter a password similar to yours to see how long it would take to crack your password.