Protect your website from malicious image files

When images attack

We all love a good pic. In fact, studies show that website visitors are much more likely to hang out on a site with compelling images. When it comes to sharing on social media, whoa, nothing beats a strong visual.

But there could be danger lurking in them there jpegs.

In “The Hidden Dangers in Website Images” (check out the full post here), website security guru Neal O’Farrell provides tips for protecting your business online by carefully choosing the images you put on your website. “In their relentless pursuit of the next vulnerability to exploit, hackers have found a way to embed malware in the code that images are made of,” Neal writes.

From renaming malicious files to make them read like harmless image files, to actually hiding malware inside legit jpeg images, to changing the code in image links so unsuspecting clickers hand over sensitive info — hackers keep coming up with creative ways to make good images do bad things.

So, how can you make sure your images don’t attack?

You should check out Neal’s post for all the details, but here’s the gist of it:

  • Make sure your Web designers are taking steps to reduce risks.
  • Reduce image sizes as much as possible.
  • Control access to your image libraries.
  • Use images that represent your brand and are appropriately licensed.
  • Check links in loaded images regularly.

Sometimes it’s the stuff we never think of us that can cause us the most harm. Images on a website are for more than just breaking up text. And if you plan to use them to promote your business and goals, you can bet hackers and malware authors will try to do the same.” ~ Neal O’Farrell

You can trust this guy.

We said it before and we’ll say it again: Neal’s good, really good. The executive director of the nonprofit Identity Theft Council was recently appointed senior adviser to the Stock Act panel (a study mandated by Congress to look into the security, privacy and other implications of the Stock Act). As a member of the FCC’s Cybersecurity Roundtable Working Group, Neal also helped develop their online Small Business Cybersecurity Planning Tool.

Head on over here to read Neal’s complete post  about how to select website images that will help your business, rather than harm it online.

[Full disclosure: Neal O’Farrell is an adviser to SiteLock, a security product that GoDaddy offers (and we like him).

Andrea Rowland
A former small business owner and newspaper journalist, and a published nonfiction author, Andrea Rowland helps craft compelling communications for small businesses and web pros through her work as managing editor of the GoDaddy Garage. When she's not writing or editing, she likes to experiment with baking, travel, read, and dip her toes in the ocean.