Here, we go over how common types of attacks that can abuse a WordPress site (defacement, phishing lures, etc.) and these attacks can abuse your visitors and Google’s involvement in this process. I’ll also convey stories on clients who lost money from these attacks and the impact on their business.

1. The image part with relationship ID rId2 was not found in the
file.
Victor Santoyo
Runner
Video Game Enthusiast
Technical Sales Engineer
@sucurisecurity
@v_santoyo

2. @sucurisecurity
@v_santoyo

3. @sucurisecurity
@v_santoyo
“As website owners we have a responsibility to
1)ensure that those that interact with our websites have a safe online
experience and
2)to be good stewards of the internet by ensuring our websites aren’t
abusing its resources.”
Tony Perez | Sucuri

4. @sucurisecurity
@v_santoyo

5. @sucurisecurity
@v_santoyo

6. @sucurisecurity
@v_santoyo

7. @sucurisecurity
@v_santoyo

8. @sucurisecurity
@v_santoyo
alexiskrystina.com

9. @sucurisecurity
@v_santoyo
alexiskrystina.com

10. @sucurisecurity
@v_santoyo
alexiskrystina.com

11. @sucurisecurity
@v_santoyo
alexiskrystina.com

12. @sucurisecurity
@v_santoyo
alexiskrystina.com

13. @sucurisecurity
@v_santoyo
alexiskrystina.com

14. @sucurisecurity
@v_santoyo
alexiskrystina.com
Defacement

15. @sucurisecurity
@v_santoyo
alexiskrystina.com

16. @sucurisecurity
@v_santoyo
alexiskrystina.com
Ransomware

17. @sucurisecurity
@v_santoyo
www.facebook.cixx6.com/login/facebook/en?i=250207

18. @sucurisecurity
@v_santoyo
www.facebook.cixx6.com/login/facebook/en?i=250207
Phishing Lures

19. @sucurisecurity
@v_santoyo

20. @sucurisecurity
@v_santoyo
alexiskrystina.com

21. @sucurisecurity
@v_santoyo
alexiskrystina.com
Blacklisted

22. @sucurisecurity
@v_santoyo

23. @sucurisecurity
@v_santoyo

24. @sucurisecurity
@v_santoyo

25. @sucurisecurity
@v_santoyo
alexiskrystina.com

26. @sucurisecurity
@v_santoyo

27. @sucurisecurity
@v_santoyo

28. @sucurisecurity
@v_santoyo

29. @sucurisecurity
@v_santoyo

30. @sucurisecurity
@v_santoyo

31. @sucurisecurity
@v_santoyo

32. @sucurisecurity
@v_santoyo
What is the true cost
for website security?

33. @sucurisecurity
@v_santoyo
Ranking Restoration

34. @sucurisecurity
@v_santoyo
What Can You Do?
1. Update, Update, Update
2. Extension Selection
3. Default CMS/Config Settings
4. File Permissions
5. Hosting Response
6. Sensible User Access
7. One Site, One Server
8. Backups
9. SSL
10. Passwords mean P@s5w0rD$

35. @sucurisecurity
@v_santoyo
“As website owners we have a
responsibility to
1)ensure that those that interact
with our websites have a safe
online experience and
2)to be good stewards of the
internet by ensuring our websites
aren’t abusing its resources.”
Tony Perez | Sucuri

36. Thank you & Happy !
Victor Santoyo
@v_santoyo
blog.sucuri.net
@sucurisecurity