Blog
Outsmarting a Hacker: Password Pitfalls and Protection
February 27, 2013
We’ve all been guilty of it— creating a password that’s easy to remember and using it for multiple sites. How else are we supposed to keep track of the dozens of sites we use on a daily basis?
Unfortunately, as we are forced to manage these number, letter, and symbol combinations in our brains, hackers are becoming more efficient than ever. As computers advance, hackers can work quickly and in groups to easily access private information. In fact, a recent Ars Technica article details hacking advances and reports that a PC running a single AMD Radeon HD7970 GPU (nerd talk for a fancy video graphics card) can try, on average, 8.2 billion password combinations per second.
So while we think we’re smart for creating intricate passwords, it seems impossible to outsmart the computer. According to the 2012 Norton Cybercrime Report, 40% of internet users do not use complex passwords or regularly change their passwords, and nearly half of users have been asked to change a password because their account has been compromised.
What’s the Worst that Can Happen?
Nobody wants to believe they are a target for being hacked, but we’re all vulnerable. Consider this– when you create a username for a site, you’ll often use your email address as a login. Next thing you know, you have a generic username on your most used sites, and your passwords may be extremely similar.
Let’s take a look at some hacks:
1) Burger King’s Twitter
Earlier this month, Twitter revealed that 250,000 accounts had been hacked. Then on Feb. 18, the Burger King Twitter was hacked, and the user that gained access announced that Burger King was bought by McDonalds
After a few hours the account was taken down, but the cause has not been identified. It just goes to show that even someone who can’t spell (note: “Fredom is Failure”), can find a way to infiltrate an account.
When a personal Twitter account goes under attack, it can be an easy-fix, but in the case of Burger King, it could have quite the negative impact on their reputation.
2) Emergency Alert System (EAS)
Recently television viewers around the Great Falls, Montana area heard this emergency alert:
“Civil authorities in your area have reported that the bodies of the dead are rising from their graves and attacking the living. Follow the messages onscreen that will be updated as information become available. Do not attempt to approach or apprehend these bodies as they are considered extremely dangerous.”
The message occurred during a broadcasting of “The Steve Wilkos Show,” airing on the CBS affiliate KRTV station. It’s been reported that a hacker broke into the EAS and affected at least four television stations.
Duane Ryan, director of programming at a New Mexico affected station KENW, admitted that the station did not change the default username and password that they received with the EAS computers, making the station an easy target for the zombie alert.
3) Wired Writer, Mat Honan
Last year Mat Honan, a writer for Wired Magazine, had his entire digital life wrecked by a hacker who was able to gain access to almost everything he had online. His experience illustrates to many the dangers of having so much private information online and the ability of hackers to exploit weaknesses in customer support systems.
In his case the vital bits of information were gained by talking to customer representatives for Apple and Amazon. Both companies use different information for verification and make some information available once you have been “verified.” Amazon gave the hacker the last 4 digits on his credit card, which they then used to verify with Apple that they were the account holder. From his Apple account they were able to erase all the data on his iPhone, iPad, and MacBook as well as gain access to his Gmail and Twitter accounts. The hacker claimed to want to expose the weakness and while he did that he also destroyed family photos, work documents, and much more.
How Can I Protect my Accounts?
It seems impossible to create a password that won’t come under attack, but there are some tips that can help keep your accounts secure:
- Create a unique username and password combination for all your sites.
- Use a minimum of nine characters when creating a password and have at least one uppercase letter, one number, and one symbol.
- Try using a randomly computer generated password.
- Use a password management app like 1Password or PasswordSafe. These will help you maintain a unique password for your sites and make it easier to remember to change your password every few months.
- Avoid keeping documents with a list of all your password and usernames. If that’s found then it’s pretty much over for you. Instead, keep a handwritten copy of your passwords that is much less likely to be compromised.
But if it does happen to you…
While it’s impossible to know when you’ll be hacked, there is always the chance that it could happen. If you realize you have been hacked, monitor the activity on all major sites to make sure it’s not across multiple accounts. A site like Should I Change my Password can help you determine if your email has been compromised. You’ll want to go through and change your passwords on compromised accounts, monitor your credit reports (just in case), and make sure you revoke access to third-party accounts by looking over your settings and permissions.
Written by Charlie
(No Comments)
Blog, Helpful Hints and Tips, Wordpress Tips and Tricks
Mobile Websites vs Responsive – Don’t redesign your Desktop site just yet
December 21, 2012
The buzz in the industry seems to be that responsive design is the wave of the future. Many people feel that creating a mobile site is a waste of time, for three main reasons:
- Need to create different designs for each site
- Need to update content on 2 different websites
- Additional cost for development of the mobile site
I think responsive is a great solution for a new website, but I don’t think it is essential at this point.
- iPads and tablets count as mobile devices, but most desktop sites are not difficult to use on these larger screens.
- There are some great responsive templates, but as a whole, responsive designs are simpler and less detailed than desktop designs. Also their layouts are often limited to certain styles.
- Responsive CSS is new to most developers so you will pay a premium for a custom responsive design.
The biggest reason why I feel that a responsive design is often unnecessary is because of the availability of mobile website tools that solve the biggest issues with a separate mobile site. DudaMobile will ‘mobilize’ any website. If you don’t believe me put a URL into their website and you will have a mobile website in minutes.
- Works with any CMS.
- Will allow for certain sections to be populated dynamically. Imports new content from your website.
- Allows for easy customization of your mobile website.
- The downside of this services is that it costs $10 a month.
WP Touch Mobile website
WPTouch is a mobile plugin for WordPress sites that has a great free version.
- Content is automatically updated through WordPress.
- Allows for easy customization.
- Free version works well, and does not require an attribution link.
- PRO version is available for a 1 time fee rather than a monthly payment.
There are a variety of other mobile solutions but these two options are the best we have found for solving the common issues with a separate mobile site.
- Dynamically update content. No need to update two websites.
- Choose from a variety of simple mobile templates and customize colors.
- Cheap and easy setup.
To see WP Touch in action you can see our latest projects by pulling up these sites on your phone. LuongoBellwoarLaw.com and Naturescapes-pa.com
Written by Charlie
(2 Comments)
Examples of Effective and Ineffective Facebook Ads
September 1, 2012
Writing Facebook ads is much different than other advertisements. Advertisers are pushing the limits of what is relevant to their business. The other day I saw a “click like if you like Dexter”. I was thinking this would be a Dexter page, maybe a Showtime page, but I discovered it was an Xfinity ad. Xfinity is our local cable company in case you are not from the area. We don’t recommend making your ad completely irrelevant to your business, but our goal is not to convert this person into a customer with the ad. Our goal is to get the person to like our page, then we can tell them more about what we do over time with updates. Here are some ads that failed and some that did well.
Bad |
Good |
 Clicked 1 / 100,000 Impressions |
 Clicked 1 / 2,000 Impressions |
Facebook defaults to your page’s logo when you create your first ad. For people who are just learning this often seems like a good idea, but we have never seen a successful ad that uses the company logo.
 Clicked 1 / 100,000 Impressions |
 Clicked 1 / 1,500 Impressions |
What a difference the ad text can make. We get tired of writing “click like if” but it seems to be the only thing that works.
 Clicked 1 / 20,000 Impressions |
 Clicked 1 / 1,000 Impressions |
I thought The Wedding Singer was just as good as Old School, but apparently the Wedding singer in Old School is more recognizable. This ad demonstrates trial and error when running a Facebook Ad Campaign. Sometimes quirky ads hit home, and sometimes they flop.
 Clicked 1 / 50,000 Impressions |
 Clicked 1 / 30,000 Impressions |
This last one did not perform very well, but we wanted to show an example of optimization. If you can find an image that works, varying your ad text can drastically improve its performance.
Have fun creating your improved Facebook ads. Thanks to Brandywine Valley Talent and Rick’s Auto Detailing for letting us use their ads as examples.
If you have examples of your own post them on our Facebook page and we will consider adding them to this post.
Written by Charlie
(One Comment)
How to get more Facebook Fans
August 15, 2012
If you are throwing a party don’t skimp on the invitations
Advertise. We are in the middle of a Facebook advertising campaign that has brought us a bunch of great fans at a reasonable price. Because Social Media is perceived as “free” advertising, many companies are hesitant to spend any money on advertising. Many companies choose to grow their fan base by giving away an iPad. Unless you are an electronics store this will likely attract of lot of fans that are not potential customers. Usually it is better to put that money into advertising that can be more geared towards your target market. As a B2B company with a limited ability to target small business owners on Facebook we still decided to advertise and here is why.
- Perceived popularity – As a company that offers social media consulting it was particularly important that we increase our page likes, but for any type of business people take notice of your number of likes. More likes makes the company look more reputable and popular. In order to grow your Facebook likes we have also found that people are more inclined to click “like” if they are #230 than if they are #23. It’s like a party and no one wants to be the first one there.
- Content Exposure – If you have a blog you may spend a lot of time coming up with note worthy content. If you are working on an SEO campaign, many of your blog posts may be “link bait” in the hopes that someone will link to your post and help your website rank better in Google. There is no way to pay for blog followers, but you can pay for Facebook fans. A larger fan base will give you a much wider audience for your posts, which means more links and blog readers. Its ironic how paying for Facebook advertising can help you rank better in organic Google results.
- Exponential growth – The goal of most social media campaigns is to take advantage of the easy sharing on Facebook. If someone likes or shares your post, their connections will see the activity and may start following you as well. In the best case scenarios your content will go viral and be viewed by millions. Following this logic, the start of your social media campaign will be extremely slow. If only 10 people are notified of the new article, the pool of their potential connections is exponentially smaller than if you notified 100 people. For this reason it makes a lot of sense to advertise at the beginning of your campaign to jump start your fan base and accelerate the growth of the campaign.
- Affordability – After the first week we averaged about $1 per like. So we spent $90 and gained 90 Facebook likes. If we advertised on Google adwords we might have paid $2-$3 per website visit. Although the chances of someone contacting us immediately after clicking on a Google ad are greater than someone clicking on a Facebook ad, we have the ability to keep in touch with our Facebook likes. If you publish interesting content on your Facebook page, a Facebook like will be more valuable than one shot at converting the potential customer on a website.
What you need for a successful Facebook ad campaign
- Facebook landing page to send your ads. Here is our Facebook Landing Page as well as our tutorial on how to create a Facebook landing page.
- A good set of Facebook ads. Here is how to set up a basic Facebook ad campaign. We will also be coming out with a series of posts on successful and failed Facebook ads.
Written by Charlie
(One Comment)
Helpful Hints and Tips, Internet Marketing Tips
How to set up a basic Facebook Ad campaign
August 9, 2012
Setting up Facebook ads is far different from creating ads on Search engines. Think of the difference between a person searching for a product, service, or information, versus a person who is just killing time at work on Facebook. In this tutorial we will walk you through the basics of signing up for Facebook ads as well as the basic strategy we employ when choosing images and ad copy.
Step 1: Where the ad takes you
Login to Facebook and click the small down arrow in the top right of your screen and select “Create an Ad”. You will be asked for the destination of your ad and you will see a list of pages. Although you may enter the URL of your website, we recommend using your Facebook page. Ads directed to an external URL will cost more than an ad for a Facebook page. ”Liking” an external page will show in the persons News feed, however, liking your business page will keep them exposed to new posts from your business page.
Step 2: Creating Your ad
Title: When you are advertising a Facebook page you cannot change the title of the ad. It will always be the name of your page.
Copy: Writing copy for your page is easier than you think. Our goal is to get the person’s attention and ask them to like something that everyone likes. Getting someone to read your services and buy based on the ad is unrealistic. Remember that this person is not on Facebook to buy anything. Instead our goal is get the person to like your page, then become interested in your Facebook updates that periodically appear in their news feed. We generally tell clients that 4/5 Facebook posts should be entertaining, helpful, or anything but sales jargon. 1/5 can fall into the category of shameless self promotion.
Image: The primary goal of the thumbnail image, measuring 100×72 pixels, is to get the user’s attention. You will have to get creative here and try to find something off of Istockphoto.com or maybe you have some pictures of your own. Your logo is not a good Facebook ad image.
Landing View: For best results you should create a Facebook tab as a landing page for your ad. You can see an example of our landing page, or we have instructions on how to create your own Facebook tab. Unless you are a developer, it is probably easiest to use Iframe Apps to create a landing page. If you don’t want to make a landing page you can just direct users to your timeline. When users see the ad they can click the title, which will take them to the landing page, or they can click the like button which won’t take them anywhere.
Step 3: Choosing Demographics
You will have to use common sense when choosing your demographics. We usually do business locally so we set our ads to appear within a 50 mile radius of Philadelphia, and we want to target business owners. Selecting “Small Business Owners” has an audience of 90,000 people. It sounds like a lot, but even great Facebook ads will only get clicked 1 out of a 1000 times they are displayed. In a few months our ads will have been displayed to every person in this group several times, so we will need to write new ads or widen our audience to stay cost effective.
Other options for targeting include a persons interests, their relationship status, their education, and their connections.
- Interests can be used to target pet lovers for a veterinarian, reading for an Author, or Photography for camera sales
- Relationship status might be helpful for something like a wedding band who wants to target engaged couples
- Education is a good way to target a more affluent market
- Connections can be used to target friends of people who like your page. This becomes more effective as you get more “likes” and the pool of “friends of friends” expands.
Step 4: Objective and Budget
We leave the objective set to “Like my page” because that is our objective rather than trying to call attention to particular post. We won’t go into why this causes you to pay by the impression rather than pay per click. After a few days the ad above ended up costing about 75 cents per click/like.
We suggest creating at least 5 ads to start with. Check them periodically to replace poorly performing ads with new ones. Unlike Search Engine ads these ads will be continually shown to the same people so their performance will decline over time. Depending on the size of your audience you may need to replace all of your ads each month or change your audience if their performance declines.
What is a good Click through Rate (CTR) for a Facebook Ad?
Obviously it depends greatly on what you are trying to sell, but in our experience .1 % (1 of 1000 clicks) is acceptable. We have seen ads as high as .5 %. If your ads are less than .1% we suggest coming up with new ad ideas.
Who is a good fit for Facebook ads?
Not all of the business we work with are a great fit for Facebook. If you don’t have an active news feed it is probably not worth investing in Facebook ads, but for some businesse Facebook ads can be a great investment. Remember that the more people who like your page, the more likely other people are to like it. People are more likely to be 500th person to like your page than the 25th, so sometimes a Facebook ad campaign is necessary to get your page off the ground.
Written by Charlie
(No Comments)
Blog, Helpful Hints and Tips, Internet Marketing Tips
How to fill out your free Manta Profile
April 17, 2012
With tens of millions of business profiles Manta is one of the largest business information websites on the internet. Creating a business profile or claiming an existing one is simple. If you have had any online presence with your business in the past Manta likely has a basic profile for your business already. So first step is to search Manta for your business by name. If you find it visit the profile and click the “claim this listing” link. If not you will be prompted to add a new listing. The procedure from here is the same.
Now you will need to either log in to an existing Manta account you own or create a new one. Manta asks you to give a name and how you are related to the business (owner, employee, or representative.) This will appear on the profile so it is best to use legitimate and complete information.
Then we are guided through a 4 step process to fill out the profile. First step is business name, address, and website link. Second you can add a description of 150 characters and 5 services so choose wisely. The third step allows you to choose 3 business categories. With lots profiles come lots of categories and Manta’s category match tool can be a little confusing. Make sure you double check the parent categories of your selections to find the most relevant category to your business. Step 4 is the up sale, ignore it and look for “No thanks. Continue to my profile. »” towards the bottom.
Now this is honestly a feature I haven’t used but you are prompted to import email contacts. This would help you to find people and businesses connected to your business on Manta. They support many common email services (gmail, yahoo, hotmail…) If you are setting this up for your own small business using more of the social features of Manta could be a real plus. You can choose to do this step now or skip and view your profile.
So now your profile has all the basic business information. There are a couple more things you can do to improve your free listing. If you have a logo to upload you should start there. You can edit your “metro area” and add a nearest landmark in the top area. Below that is a product area where you can create product/service pages with text, one image, and a link. With the free listing you can create 3 of these pages with max 250 and 3000 character descriptions, one picture, price, and a link. These are a great addition to your business profile with links to interior pages of your company website. You can see Petrillo Stone Corporation as an example of a completed profile.
Back on the main profile keep filling out as much as possible because completeness of the profile counts towards Manta’s ranking of your listing. Make sure to add a detailed business description, it can be up to 800 characters. You can add business hours and a description, again put something just for completeness.
Finally at the bottom of the profile you have a few more fields to complete. Business info can be modified here along with adding brands carried. There is an additional information space of 200 characters and another 200 for Green Initiatives. Professional memberships, certificates, and licenses can be added as well. Then its just external media links and the obligatory Facebook and Twitter links.
It might take more then the few minutes Manta would have you think but creating a free business profile here is a must.
Written by Charlie
(No Comments)
Why website training is important for web developers and customers
March 25, 2012
Some web companies make a limited effort in training their customers because they will make money off of support requests in the future. Also, some web designers still do not install a content management system and make their customers pay to update their website. This is a short sighted approach. If the cusomter has trouble updating their own website, they will be less inclined to do it. They are even less likely to update their website if they have to call their web company and pay them for support. When we need to bill less than an hour to help out with website support everyone looses. The customer feels nickel and dimed, and we don’t want to stop what we are doing for 15 minutes worth of support.
If the website development customer is trained properly they are more likely to update their website, and refer your services to others. When the website is updated more frequently is usually becomes more popular, and the company is more successful. Instead of calling you for help updating the website, the company will be calling you to add new functionality, build another website, or start on another project. This type of work is far more profitable for both parties.
WordPress Training Video: How to add photos, PDF’s and MP3′s
We are sharing this video because we want to show you the level of service we provide for our customers. For larger websites we like to create a library of training videos so that they can refer back to them when needed.
Written by Charlie
(No Comments)
Blog, Helpful Hints and Tips, Internet Marketing Tips
Why is my Microsoft Adcenter Budget being spent on the first day of the month?
March 22, 2012
Recently we had a client who’s Bing PPC monthly advertising budget was being depleted during the first few days of the month. The client had been using a small monthly budget on Bing since the beginning of 2011. What had happened was that during the year Bing had completed their search integration with Yahoo. This increase in search queries and the advertising competition that came along with it had made their monthly budget too small. What before would easily cover a month was now being blown through in a single day.
The solution was quite simple, adjust the Bing advertising budget from monthly to daily. Luckily one of the other changes Microsoft brought to Bing last year was a simplified budgeting system. This was also another factor in why the monthly budget was no longer lasting the whole month. When the changes were rolled out in mid 2011 the daily budget became the new default and monthly budgets could no longer be divided evenly across the month.
To set a daily budget in the Microsoft adCenter you must navigate to your ad campaign. Once on the campaign you will see a link titled “Edit your campaign settings” on the line below the campaign’s title.
Your choices are either a daily or monthly and for daily budgets either standard or accelerated.
Monthly budgets are really only a good choice for those with a very large budget. Google has fine tuned its spending to spread even the smallest budgets out over the course of the month. Bing has not perfected this for smaller budgets. That leaves us with a daily budget and we selected standard which evenly distributes the spending so the ad is seen throughout the day.
Written by Charlie
(No Comments)
Building a custom Facebook tab hosted on your secure server 2012
February 19, 2012
UPDATE: We resized our pages from 520px to 810px to fit the current style of Facebook.
This tutorial will teach you how to make a custom Facebook tab using an iframe that is hosted on your website’s secure server.
- We will not use static FBML which Facebook is discontinuing
- We will not use a third party app that will add a link to the bottom of your tab
This process requires that you have purchased an SSL certificate for your website so that you can create a page on https:// version of your website. If you do not have an SSL certificate you will need to follow our building an app with Heroku tutorial.
1. Create a folder in a secure directory to host your Iframe and build your tab.
Iframes should be 810px wide. Inside this directory you will have an index file. We use index.php, but other file extensions may work as well. There is certain code you must have inside the <head> tag of your web page for the tab to work correctly.
<meta property=”fb:app_id” content=”‘ . AppInfo::appID(YourAppID) . ‘” />
<script>
function popup(pageURL, title,w,h) {
var left = (screen.width/2)-(w/2);
var top = (screen.height/2)-(h/2);
var targetWin = window.open(
pageURL,
title,
‘toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=no, resizable=no, copyhistory=no, width=’+w+’, height=’+h+’, top=’+top+’, left=’+left
);
}
</script>
<!–[if IE]>
<script>
var tags = ['header', 'section'];
while(tags.length)
document.createElement(tags.pop());
</script>
<![endif]–>
You can include Javascript, PHP and other types of code within your page. Remember that any files you reference in your code must also be hosted on the https:// part of your website.
2. Set up your app in Facebook Developers
Go to https://developers.facebook.com/apps/ and sign up as a developer if you have not already. After clicking the “Create New App” button the configuration can be a bit tricky.
- App Domain – Your website’s domain name, not the URL of your app files.
- Website - Not sure why, but you have to fill this in with your domain name or you will get an error when saving
3. Add the tab to your Facebook Page
After you create the app, you will see the AppID at the top of your page.
Find the meta tag in your web page files, paste in your App ID, and upload the updated file to your server.
<meta property=”fb:app_id” content=”‘ . AppInfo::appID(YourAppID) . ‘” />
Now to activate the app you will need to paste a custom URL into your browser.
https://www.facebook.com/dialog/pagetab?app_id=YourAppID&next=https://www.YourDomain.com/YourSecurceFolder/
Replace the YourAppID with your app id, and the https://www.YourDomain.com/YourSecurceFolder/ with the URL of your secure folder. It will prompt you to choose which page you want to add the tab to and then you are good to go. You can continue to update the contents of your secure folder and the changes will be reflected in the Iframe.
Resources
See our app in action - http://www.facebook.com/RollOffDumpsterDirect/app_483295611703552
Download our source code - http://www.boomvisibility.com/files/iframe-template.zip
Facebook Tab Tutorial - https://developers.facebook.com/docs/appsonfacebook/pagetabs/
Facebook Apps Dashboard - https://developers.facebook.com/apps/
Written by Charlie
(No Comments)
Why we don’t like the Yelp review filter
February 13, 2012
For restaurants and products there is rarely a shortage of reviews, good and bad. The average restaurant has far more reviews than the average contractor or repair shop. The only reason someone would be compelled to write a review for a service business is after a negative experience. For that reason service businesses often resort to asking customers for reviews after positive experiences to balance out the bad. Unfortunately Yelp prohibits businesses from asking for reviews and can filter them if they think you might be doing so.
It doesn’t take much to figure out which reviews have been fabricated. I can usually read through a list and figure out which reviews are written by friends and employees because they are overwhelmingly positive, and often not very specific. I think someone would rather read 10 questionable reviews, than give the user no information at all. Filtering the most questionable reviews in a list of 50 makes a lot more sense than filtering 5 of 5.
For these reasons I think the Google places, online yellow pages, and the other local business directories are a better choice for service businesses than Yelp.
Why the reviews filter is unfair
Distinguishing real reviews from fake ones is a nearly impossible undertaking. There are basic restrictions, for example not being able to sign up for multiple accounts from the same IP address. Also, I don’t think the business owner account can write a review for his own business, but after that it becomes very difficult.
Many reviews are filtered because of the status of the user account. If user signs up for an account and posts a review it will be filtered unless they continue to use that account to review other businesses. I have heard of other companies that will have their employees “season” Yelp accounts. They have people use these accounts under fake names so that they appear to be very active Yelp accounts. Then they collect testimonials and post them using these accounts.
Furthermore, there is no effective way to prevent business owners from asking for reviews. If a business creates any sort of offline effort to ask for reviews there is no way Yelp could be aware of that. Yelp should not penalize business for actually getting customers to post reviews, rather than hiring someone to “season” accounts that can be used to get by the filter.
Written by Charlie
(No Comments)
