Two recent separate issues explained why anyone concerned with marketing and communications should also have resources at hand to deal with IT and Internet abuse issues.
In our case, my personal email address and, it appears, the company’s server have been turned into a spambot. Ouch.
I first became aware of the problem a couple of weeks ago when suddenly my email inbox filled with “bounces” of grossly spam messages. The last time this sort of thing happened to me was way back in 2004, when representatives of an Internet scammer I had “outed” on a public forum decided to respond by taking me down with something called a Joe Job. (This occurs when criminals set up things to make YOU look like a spammer, to cause your Internet service to be disabled because of spam. It’s kind of like framing someone for a crime.)
I can’t say the most recent situation is an intentional Joe Job — it is more likely that bad guys found a vulnerability in our server and are using our clean domain as a bot to broadcast their spam.
I called on my IT consultant for help, plus the technical support from our excellent ISP (Hostwinds.com) and they responded with recommendations such as changing passwords, and running malware scans on both the server and my personal computer. We discovered some viruses and nasty stuff, and the problem stopped, for a while.
Then yesterday the spam emails started pouring out again. This time, the problem has proven more challenging. There is some evidence that an outside (in the US) attacker got into our server but it is harder to figure out why. After more than 12 hours of Malware scanning, our ISP has found no problems on the server. Fortunately, at least for now, the spam seems to have stopped but I want to hear from our IT consultant that all is clear before resting.
The second story involves a contractor who sent us a news release about a moderately interesting project. We have several criteria in using news releases; the most important of which is value to the readers. (For example, we generally will not publish news releases about successful project completions, but will report on “starts” or “wins”. The reason is that downstream vendors and subcontractors may find work with a new project; a completed project only provides bragging and referencing rights for the contractor seeking the publicity.)
In this case, I asked the contractor to confirm the project’s value. The marketing representative confirmed shortly afterwards, $2 million. This isn’t a huge sum, but I had a slow news day and needed a story to fill a hole, so used the news release.
As is my policy, I will often hyperlink to the issuing contractor if the information has value to readers. In this case, again, subtrades and suppliers might want to know more about the contractor.) But then I ran into a problem. When I Googled the contractor’s name, I came up with their apparent site — but saw instead spammy “pharmacy” ads.
I emailed the contractor’s representative. She said she sees nothing wrong at her end and returned a valid link. So I checked Google again, making sure I was spelling things correctly. The pharmacy site returned to view.
After advising the contractor that the problem still seemed to be there, she investigated further and discovered that indeed Google had cached a link to an “old site” — and that site had been taken over by the spammy advertisers.
There is a fix to this problem — Google’s webmaster tools allows site owners to advise of problems like this — but the contractor probably would never have seen it without my intervention. Imagine how potential clients would have felt if they had run up against what I saw initially.
The point here is that we need to be constantly vigilant about our internet presence and behaviours. Things can happen. Spammers can try to take over your server; and you may find you allow spammy websites to take over your domain. Keep an eye out for these problems, and have resources in place so that when they occur, you can address them quickly.
P.S. I cannot overstate the value of having a responsive ISP to deal with these issues. By far I have had the best experiences with Hostwinds.com — and this isn’t a paid referral plug. Technical support issues are engaged within minutes either by live chat or rapid ticket response, and the company doesn’t push or try to up-sell expensive and unnecessary extra add-on security services.