It’s often the case that site owners find out that they have been hacked after receiving a warning via Chrome — usually while trying to visit their own website.
Worse still, some owners only find out when their hosting provider takes the site offline, which means that the site will have been infected for a long time.
However, there are a variety of ways of finding out that your site has been hacked.
Take a look at some of them below, as well as how you can detect a hack before receiving an alert.
Google Chrome notification
As already discussed, Google Chrome can alert visitors if a site has been hacked or infected.
If your website has been subject to a phishing campaign, and it is detected by Google, you will see the above notice from Google Chrome.
A phishing attack occurs when a victim is emailed a URL that contains a link to your site. A hacker will therefore be using malware on it to trick the victim into taking a certain action that will reveal data or private information.
This warning tells you that your site is hosting malware after a hacker has breached its security defences. This means that your website will be infecting visitor’s computers and hand-held devices.
Your hosting provider takes your website offline
Quite possibly one of the worst ways of discovering a hack, if this happens it means that your hosting provider has received reports that your site has been hacked.
Once that a host receives such a report, it is not unusual for it to take a website offline within a matter of minutes.
Ensure to have backups of your website, as some hosting companies will immediately format an infected server or account.
It is uncommon for a host not to notify the owner once a site has been taken down.
Search results flag your site
For some time now, Google has been warning searchers of hacked websites within its search results.
Quite often it will remove sites from its listings completely, but occasionally it will offer a warning to users in the search results, and again when they click through to the website while using Chrome.
You get a notification in Google Search Console
Most websites will already have installed Google Search Console, which is especially important for receiving alerts that Google might have encountered while indexing your site.
If it is not already signed up, you can do so here.
Aside from informing you of aspects such as indexing, the console can also alert you if it detects that your site is infected with malware.
You can enable email alerts by going to “Search Console Preferences”, and you will be immediately notified if Google encounters malware on your site.
The warning will look like this:
A malware scanner informs you of issues
If you’re using WordPress, the chances are that you’re using a free malware scanner, which can also inform you of a hack.
This is probably the best method of being made aware of a breach, as you will be able to deal with it in the shortest amount of time.
Keep an eye on your emails and other alerts so that if anything happens, you can respond to it as soon as possible.
A customer gets in contact
The likelihood is that your customers will be on your site more than you, so a customer might contact you regarding a hack before Google or a hosting provider.
Whatever you do, letting your customers know that you are taking action is crucial.
Consider taking your site offline while you sort the issue.
Getting serious about detecting a hack before anyone notices
There are many ways that you can discover a hack before anyone notices, and the first way to check is by looking at traffic spikes.
If your site happens to experience a surge in traffic, although this can be good, it’s worth checking whether it is due to a hack.
This is because hackers might funnel users through your site so that they reach another infected site, rather than infect people with malware directly on your own.
If you find that your site has been receiving a lot of traffic, perform a source code scan and verify that you have not been hacked.
Monitor your website for “bot” traffic that might not be logged by Google Analytics.
Keep an eye on your site's appearance
Occasionally hackers will change text and copy on websites, so ensure to perform a regular scan on your site to check for signs of an infection.
Another sign to look for is a PHP error, which can often appear at the top of a page before the content is presented.
Use CyberScanner to detect security flaws before they become security breaches
CyberScanner searches for 98,000+ known vulnerabilities using the latest finger printing technology.
Regular checks from CyberScanner covers both active and passive issues and reviews a range of factors within databases, code, XSS, CSRF detection, path injection, and source code disclosure.
Once that CyberScanner completes a scan, it presents its findings in the form of an easy to understand report, which can be passed on to developers to resolve any ongoing issues.
Find out more about how CyberScanner works, here.