Opencart Security Scam Email

Bogus Opencart Security Email

If you get an email telling you to update your opencart installation because of a security update please ignore the instructions. DO NOT FOLLOW THE LINKS IN THE EMAIL.

The email is not from Opencart.

This email operates by extracting the FTP details ( if you have been foolish enough to leave them on the site system settings ) and then posting malicious content onto a perfectly good opencart installation. So the update causes a security issue not solve. The virus will upload code that will insert a bogus payment provider to sniff credit card details and also password reset requersts from your customers.

The emails look like this.

It will have the following content. ( links have been removed )

( the reason we have included the text is so that you can find it in a google search )

---start---

OpenCart Newsletter ⇢ Software Enhancement (E-Commerce Industry Standards)
Manage Your Store Securely and Smoother
The Purpose of this E-Mail
OpenCart provides this newsletter for the purpose of helping you to keep your 
online store at maximum security, and to help your customers at the online shop 
level to have the best experience. Based on the premise to facilitate your business
 management, we introduced this newsletter.
What should you do?
The main step to keep your online store in compliance with e-commerce industry 
standards is to maintain your OpenCart installation at the latest available version. 
Keeping your store updated guarantee the industry standard requirements.
The Update - Keep your e-commerce healthy and safe
This update will fix performance issues and improve security scripts. 
Including new encryption scheme, better scripting optimization and theme 
improvements. Log in to your admin area to start the update process. 
It will take only a few seconds!

OpenCart Enhancement Update

Registered Store: ftp.yourstore.ie

Secure NS Server: ns2-yournamed server.com

Click to Start Update ( link to https://safee-commerce.com/..... there are other versions of the email using other domains )

—end—

Action you need to take :

The action you need to take is to go to your system-settings and remove the ftp username and password from the site settings. These are only needed for uploading addons and are not required for the normal running of the site.

Here are some quick tips to making your opencart more secure.

1. do not use the user name “admin” weak usernames are 50% of the reason robots break into systems. Use robust passwords

2. remove FTP settings of FTP user and FTP password in system settings. These are only required when installing addons.

3. make sure all directories are permission 755 and all files are 644 via your FTP.

4. limit access to your admin and system direcrtory via ip address with this addon. This allows only users from set ip addresses can access your admin area.

Directions

In the directory you wish to protect, open (or create) a file called, .htaccess. (Note the dot at the beginning of the file name.)
Add the following code to this file, replacing 100.100.100.100 in this example with the static IP address you plan to allow:

Order Deny,Allow
Deny from all
Allow from 100.100.100.100

Optional: You can enter partial IP Addresses, such as, 100.100.100. This allows access to a range of addresses.

Optional: You can add multiple addresses by separating them with comma’s.

100.100.100.101, 100.100.100.102

If comma separation does not work, then enter each IP address (or partial address) on its own “Allow from” line, such as:

Allow from 100.100.100.101
Allow from 100.100.100.102

5. use captcha on all forms

6. remove the install folder. Its not needed on a production site or after the initial install.

7. rename the admin directory, you will need to update the config.php file to reflect the new location. If you have done no 4 you need to update the .htaccess files.

8. be extra careful of addons you install especially free ones. Free addons that are really cool and look like they give alot for free are usually taking alot of data too. Make sure to hand scan code of free addons.

If you require more information or unsure of what to do please Contact Us

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.