Phishing Scams Target Some of the Biggest Online Brands

Amazon and PayPal are the best ways to make financial transactions online. WhatsApp is the secure messaging service with end to end encryption. Everyone uses Facebook and Gmail. What could go wrong?

If you think the best-known names on the internet are safe, it’s time to think again. Online criminals are getting smarter and sometimes the bigger the brand, the more worthwhile it is to invest in a scam that will actually fool people.

In the past, phishing emails were easy to spot, with bad grammar and spelling mistakes a native speaker wouldn’t make. Today, scammers not only use perfect English, they’ve often expertly matched the logo, style and URL, so it takes a careful comparison to see the difference. Meanwhile, legitimate sales platforms, such Facebook Marketplace, are full of people trying to convince you to hand over money for nothing in return.

Don’t assume anyone online is telling the truth unless you have verification from an independent source. It takes only a few seconds for hackers to steal financial details or infect your computer with malware that will allow them to access personal information. Help protect your privacy and safeguard the entire family’s reputation with ReputationDefender’s online privacy services. We’ll tell you about system vulnerabilities before they become a problem and help you deal with leaks after the fact. We’ll also keep you up-to-date on some of the most recent scams.

Companies to Double Check

Here are 6 well-known companies that have recently been targeted by scammers.

  • Amazon – Hackers have been sending convincing receipts for products that were never purchased complete with a link to follow if you want a refund. Don’t fall for it. Open a new browser window and sign into your real Amazon account to check your orders.
  • Apple – A group of scammers have been caught trying to convince people to pay off tax debt with iTunes gift cards. The message may come as a phone call, text or email claiming to be from the HMRC, but fraudsters ask for iTunes vouchers, which can be sold or traded anonymously, to pay off the overdue tax. The HMRC would never communicate in this manner and Apple doesn’t use iTunes as payment ‘outside of official stores’.
  • Facebook – Facebook Marketplace isn’t even a year old and it’s already full of scammers. Since there is no official payment method, it’s up to buyers and sellers to make an agreement. A number of fraudulent users have been insisting on payment via bank transfer, but once the money is turned over the product is never delivered and messages are blocked. Never agree to a bank transfer with someone you don’t know well; there are too many ways this can go wrong.
  • Google –A new Gmail scam has been scarily effective, even with tech savvy people who don’t usually fall for phishing. The trap appears to be an attached file from a contact, but instead it’s an embedded image which will take you to a Google sign-in window when you click on it. The window also appears legitimate, complete with ‘One Account, All of Google’ at the top of the page. However, once you enter your login details hackers have complete access to your account and start to target your contact list almost immediately. The only way to spot this scam is by noticing a subtle difference in the URL which begins with ‘data:text’ rather than ‘https’.
  • PayPal – Look for a warning that claims there’s been ‘unusual activity on your PayPal account’. The scammers have cleverly copied enough identifying marks to make the email look legitimate, but the clicking on the link will give them access to your account.
  • WhatsApp – WhatsApp users have reported messages claiming to offer free Sainsburys gift cards in celebration of new stores opening. Unfortunately the message has nothing to do with Sainsburys and clicking on the link will install malware that allows hackers to steal information from your phone.

New phishing scams appear all the time. Learning to recognise the signs will help protect your reputation and keep your information secure. For further questions or concerns about phishing scams, contact our experts at ReputationDefender.

Redesigning Your Website? Follow These 10 Steps to Keep Your Ranking

If you’ve been using the same website for a number of years, it’s probably time for a makeover. Designing an updated site is an exciting chance to give the brand a new image, but it can be challenging as well. What if the new look doesn’t resonate with customers? What about ranking the site for key brand-terms? Are you going to have to start over with promotion for the new site?

SEO is an Important Part of Redesign

Any entrepreneur thinking about updating their website should be asking these questions. Search engine reputation management, ranking the brand’s official website high on page one of a Google search, is vital to attracting and keeping customers. At ReputationDefender, we assist business clients with building a positive reputation that will make it easy for customers to find them online. A professional, well-optimised website is part of this.

The good news is it’s possible to design a new site without losing all the work you put into the old one. In fact, this can even be a good time to fix some of the issues that are still causing problems so the updated version actually generates more traffic. However, to be successful you’ll need to put a good deal of time and effort into SEO. It might be less interesting than the more artistic elements of a redesign, but it’s worth it in the long run.

10 Steps to Updating Your Site

If you’re working with a professional website building company, make sure you communicate your SEO needs from day one. Follow these 10 important steps to make sure you don’t lose ranking.

  • Crawl the old site. – This will give you a blueprint of the existing site’s structure, including meta data, titles, URLs etc.. You can then use this data as a roadmap for designing the updated site. To crawl your site, you will need the Screaming Frog SEO Spider Tool, or a similar type of software. Free versions of Screaming Frog are available, depending on the size and complexity of your site.
  • Run an SEO audit. – After crawling the site, it’s important to examine the data and identify errors or areas that aren’t performing well. This will help show what you need to change in the new design. Audit tools such as Woorank will do this for you, or you can manually go through the crawl-data to get a better feel for what the issues are . You’ll need analyse titles, H1 headings, meta descriptions, canonicals tags and alt-image text. Check for duplicate content, missing tags and broken links. Use Google’s analytics tools to verify how the pages are being indexed, and check speed and performance.
  • Block the test site. – Missing this step is one of the biggest mistakes you can make with a redesign. If Google indexes the test site as it’s being built, then the pages will be devalued as duplicate content when you launch the site for real. Fortunately, there’s a simple fix. WordPress and many other website-building platforms have a ‘noindex box’ which you can check to ‘discourage search engines from indexing this site’. Alternatively you can also block the site using the Robots.text file.
  • Crawl the test site. – Use the software from step one to crawl the test site. Save a copy of both crawls, the current site and the test site to use for editing.
  • Analyse and compare the data – Match up the page structure and headings that are working on the current site with corresponding elements on the test site. Fix the issues that were uncovered in the audit so they aren’t transferred into the redesign. Keep or promote pages that are working well.
  • Update URLs – If you don’t redirect the old URLs to the new site, you’ll get 404 ‘page not found’ errors. To fix this, you’ll need to first create a corresponding URL on the test site, then redirect the old address to link directly to this page.
  • Optimise New Content – Some new pages won’t have a match-up link in the old site. These will need to be optimised to use keywords in the title, URL and H1 headings. Make sure there’s only one H1 tag per page.
  • Optimise Links – Links are an important ranking factor, but it’s just as important not to overuse them. Limit yourself to links that are actually useful for SEO purposes. Use specific descriptive words in your CTAs so it will be easier for Google to index them and rank their importance.
  • Unblock the Site – Don’t forget to remove the ‘noindex’ tag before you go live.
  • Test Ranking – Once the site goes is up and running, you’ll still need to test how it’s performing for important keywords. Check Google’s indexing and analyse organic traffic. If there are problems, another SEO Audit like you did in Step 2 may be necessary to find and fix the issues.

Going through these steps will help to transfer the reputation capital you’ve worked so hard to build and that will save a lot of time and money once you start using the new site. If you are not familiar with technical SEO, consider getting professional help since this is a very important part of the process. Our experts at ReputationDefender work with new and well-established companies to make sure every update enhances the brand’s existing reputation.

Vulnerability Discovered – Why You Shouldn’t Use WhatsApp and Telegram on the Web

According to the Israeli security firm Check Point, even encrypted messenger apps like WhatsApp and Telegram can be penetrated by malware. Just this month, spokesperson Doros Hadjizenonos announced the firm had discovered a weakness in the web versions of these apps. The vulnerability allowed hackers to send a contaminated photo capable of infecting the entire account upon opening. Both companies have reacted immediately to patch the problem and users who have downloaded the latest version should be protected. However, security experts are still advising that high-risk individuals stick to the mobile version of WhatsApp and Telegram.

Encrypted Apps are the Secure Choice

Privacy and reputation go hand in hand. ReputationDefender clients include individuals and businesses working to build a positive web profile. A few personal details or a private message made public can quickly undo months of effort. With over 1 billion users, WhatsApp is the go-to messenger app and the announcement of ‘end-to-end encryption’ last year made it one of the more secure choices as well. A unique encryption key means no one but the intended receiver can unlock and read the message, not even WhatsApp itself. Meanwhile, the lesser known Telegram has been offering ‘Secret Chats’ that rely on a similar encryption key for several years.

What Went Wrong?

Unfortunately, in this case encryption created its own unique problem. Since the sender’s content was scrambled before upload, the app wasn’t always able to identify contaminated files. Hackers could conceal HTML code in a harmless-looking image and send it to an unsuspecting user. Opening the message in a web application would allow the malware to run immediately on the user’s browser, giving hackers access to the entire account: personal contacts, messages, images… everything.

Hadjizenonos has assured users that WhatsApp and Telegram both responded quickly and responsibly to Check Point’s warning. The input validation process has been improved to identify and block files containing malware on both web and mobile versions. As always, it’s important to download the latest updates immediately, since these often contain fixes for weaknesses and vulnerabilities that have just been discovered.

What’s Different with Web Apps?

The larger lesson is that the mobile versions of WhatsApp and Telegram are more secure than the web-based versions. Web apps use JavaScript which will input new code and overwrite functionality immediately. Mobile apps don’t support this ‘just-in-time’ compiling; changes much be downloaded and configured before installation. This means users are better protected from the type of vulnerability spotted by Check Point.

Although this particular risk has been eliminated, it won’t prevent hackers from discovering a new access point in the future. If your WhatsApp account contains data that could hurt you if it were made public, it’s best to avoid messaging on the web. Stick to mobile, where there’s an extra layer of security.

6 Tips for Better Business Blogging

Writing a business blog is an excellent way to build a positive online reputation. At ReputationDefender, we recommend blogging as a keystone strategy for all our business clients. Blog posts offer valuable information on issues related to your brand and let customers know why they should invest in your services. In addition to this, they help to build traffic to the company’s other pages, directing potential customers back to the official website and acting as fresh material to share across social media profiles.

How to Write an Effective Business Blog

So, how does one actually go about creating a business blog? What is the difference between this type of publication and a personal journal? What are the pitfalls to be avoided and how do you generate genuine readership?

Here are 6 tips that will help to answer these and other questions:

  • Brainstorm a List of Topics – Deciding what to write about can sometimes be the biggest challenge. Readers will be more interested if they feel you are invested personally, but at the same time it’s important to maintain a level of professionalism and stay focused on topics that are relevant to the industry. Write a list of questions about the company: What does it do? How did it start? What challenges do staff face on a typical day? What are your goals for the future? The answers to these questions will start to uncover a wealth of business-related blog topics.
  • Plan the Blog – Once you generate a list of possibilities, plan the first few months of posts in a way that will makes sense to readers. Include at least one company origin story that offers a window into your (or the founder’s) inspiration. A behind the scenes look at how staff serve customers on a daily basis is also helpful. From there, move on to more technical posts that focus on industry trends or specific products. If there are any special company events coming up, plan to cover them with a blog post. Stick to a regular update schedule, whether it’s daily, weekly, or monthly, so readers know when to look for new content.
  • Choose the Style – A business blog should let customers get to know you on a personal level, while at the same time remaining formal enough to generate a sense of professional authority in your field. The exact style depends on your personality, the company’s overall vibe and the type of reader you want to attract. It’s fine to employ one or several ghost writers who are able to match the style and tone you want, but make sure you personally double checks posts to avoid publishing mistakes that could cause reputation damage.
  • Create a Formula that Works – Not every blog post needs to look the same, but it helps to stick with a general formula so readers know what to expect. This will also make it easier and quicker to write the posts. Draw readers in with an engaging story. Lay-out the problem as well as how your company can fix it. Add a Call to Action sending customers to the page you want, whether it’s the company’s website or a special offer page. Add interesting details so customers don’t feel like the post is just an advertising gimmick. Numbered lists or bullet-points help to format content in a way that is easy to follow and has been proven to boost traffic.
  • Vary Post Length – Anywhere from 300-2,000 words can be an effective length for business blogging. Different readers will be attracted to different types of content, so it’s a good idea to vary length, but most typical posts should be between 500 and 750 words. Interesting content is more important than length.
  • Use Click Generating Titles – A viral headline is what will get a blog post to rank where customers will see it. Using a numbered list is one of the best ways to attract readers. Directly addressing the reader and offering a concrete promise (such as ‘how to improve your blogging ability’) has also been shown to be effective. Beyond this, using emotion-generating superlatives, like ‘amazing’, ‘inspiring’ or ‘unique’, helps to attract the reader’s attention. Don’t resort to click-baiting, since this won’t attract long-term readers and may even end up hurting the company’s reputation. Make sure the content follows through on the headline’s promise.

Even the most interesting, well-written, relatable content won’t attract readers by itself, so it’s important to promote the blog once it’s written. Run a marketing campaign across all channels including the website, social media profiles, email signature and physical location if there is one. Promote the blog at all events so it really becomes part of the company’s personae. Once you generate a regular readership, posts will rank higher and they will be seen by more people. Popular posts can generate traffic over an extended period of time, so it’s well worth the initial effort to get the ball rolling.

Online Reputation – Don’t Forget to Manage Your Review Responses

Reputation management has a lot of similarities to online marketing, but it doesn’t stop there. Building a professional website, writing blog articles, and running an advertisement campaign are all important aspects of ORM. Yet beyond this, companies need a structured plan for building lasting relationships through online customer interaction.

Reviews Are Important

At ReputationDefender, we assist clients with generating and ranking positive content, but unfortunately, a few negative reviews can quickly undo all your hard work. Today’s customers are looking for more than brand generated content. They also want to see what kind of experience past customers have had. Studies have shown that 90 percent of customers read online reviews before trying a business for the first time, while 88 percent will trust these reviews the same as an in-person or word-of-mouth recommendation. This can translate directly into profits; businesses that receive predominately positive reviews see a 31 percent increase over those that don’t, while just one negative review can cost a company about 30 customers.

It’s Hard to Control What People Say

It’s hard to control who writes reviews on the internet, which can leave business leaders feeling somewhat helpless. Customers who’ve had a very memorable experience, either positive or negative, are more likely to take to the internet to express their feelings, and since many people tend to notice negative experiences more often than positive ones, online reviews don’t often represent a good cross-section of a business’s customers.

You can change this, as we mentioned in an earlier post, by generating more reviews. If every customer writes an honest critique, you’ll likely get a lot of positive comments (assuming the business is doing a good job overall) as well as a few pointers about where to improve. But even with the best review campaign, the majority of people visiting the site will still be there to read what others say, not to contribute.

Company Responses Make a Difference

This makes it very important for businesses to participate in the conversation taking place on review sites. Responses posted directly to this page will be read by everyone. Even if you don’t change the mind of the person who originally gave your business a negative rating, you can show other customers that you take feedback seriously and are sincerely trying to do a good job. Professional responses can often make you appear the more reasonable party.

Any serious ORM campaign needs to include a strategy to manage reviews, especially the company’s responses to reviews. The wrong response can generate more negative attention than the original comment, yet the right one offers a way to undo a lot of the damage and build a better, more honest relationship with customers. Managing reviews isn’t a job to be delegated to a college intern who happens to be handy on the web. It needs to be handled by a professional, preferably someone with real experience and standing in the company.

Planning a Response Strategy

Managing reviews is just like managing other aspects of your reputation. It needs a well thought-out plan, good writing and online communication skills, and of course technical tools to avoid missing content. Your response strategy will need to answer these four questions:

  • How do you keep track of reviews? – There are a lot of review sites on the internet and even with a full-time team it’s impossible to keep track of them all. It’s easy to set up a Google Alert for the brand name and any other relevant keywords. Other software is available with more complex capabilities that will let you monitor social media sites as well.
  • Which reviews are you responding to? – Don’t just respond to negative reviews. It’s important that people who write positive feedback feel their comments are also important to you. You should aim to respond to about 99 percent of reviews, even if it’s just a simple thank you.
  • Who writes responses? – Designate a person or a team to write responses. It helps if a high ranking executive or manager responds to at least some comments so it’s obvious the entire organisation is taking part in the feedback effort. Given time constraints, it may not be possible for this person to write every response, but make sure all team members have clear instructions about the style and content expected so the responses have a similar tone.
  • How will you respond to customers who are dissatisfied? – It’s never a question of if you will get a negative review, but when. It’s important to take these comments as constructive criticism and not react defensively. Some customers may bring up real areas where the company could improve, while others may be hard to please in any circumstances. Either way, write a short polite response within a few days. Take ownership of the problem. Explain what happened, and also what action has been taken to prevent to the issue from occurring again. Compensation can be appropriate in some cases if the customer experienced a loss of time and/or money.

If you stick to your response strategy, you’ll be able to build on positive reviews and avoid sustaining too much reputational damage from negative ones.

Knowing you have the ability to dilute the effect of hurtful comments just by how you respond makes online feedback feel far less threatening.