Category Archives: Business News

Spear Phishing: Scam, Not Sport

The latest twist on “phishing” is spear phishing. No, it’s not a sport, it’s a scam and you’re the target. Spear phishing is an email that appears to be from an individual or business that you know. But it isn’t. It’s from the same criminal hackers who want your credit card and bank account numbers, passwords, and the financial information on your PC. Learn how to protect yourself.

Email from a “Friend”
The spear phisher thrives on familiarity. He knows your name, your email address, and at least a little about you. The salutation on the email message is likely to be personalized: “Hi Bob” instead of “Dear Sir.” The email may make reference to a “mutual friend.” Or to a recent online purchase you’ve made. Because the email seems to come from someone you know, you may be less vigilant and give them the information they ask for. And when it’s a company you know asking for urgent action, you may be tempted to act before thinking.

Using Your Web Presence against You
How do you become a target of a spear phisher? From the information you put on the Internet from your PC or smartphone. For example, they might scan social networking sites, find your page, your email address, your friends list, and a recent post by you telling friends about the cool new camera you bought at an online retail site. Using that information, a spear phisher could pose as a friend, send you an email, and ask you for a password to your photo page. If you respond with the password, they’ll try that password and variations to try to access your account on that online retail site you mentioned. If they find the right one, they’ll use it to run up a nice tab for you. Or the spear phisher might use the same information to pose as somebody from the online retailer and ask you to reset your password, or re-verify your credit card number. If you do, he’ll do you financial harm.

Keep Your Secrets Secret
How safe you and your information remain depends in part on you being careful. Take a look at your online presence. How much information is out there about you that could be pieced together to scam you? Your name? Email address? Friends’ names? Their email addresses? Are you on, for example, any of the popular social networking sites? Take a look at your posts. Anything there you don’t want a scammer to know? Or have you posted something on a friend’s page that might reveal too much?

Passwords That Work
Think about your passwords. Do you use just one or easy to figure out variations on just one? If you do either, you shouldn’t, because you’re making it easy for a scammer to get access to your personal financial information. Every password for every site you visit should be different, really different. Random letters and numbers work best. Change them frequently. Your security software and operating system can help you keep track of your passwords.

Patches, Updates, and Security Software
When you get notices from software vendors to update your software, do it. Most operating system and browser updates include security patches. Your name and email address may be all it takes for a hacker to slip through a security hole into your system. And it almost goes without saying, you should be protected by Internet security software, and it should always be up to date.

Be Smart
If a “friend” emails and asks for a password or other information, call or email (in a separate email) that friend to verify that they were really who contacted you. The same goes for banks and businesses. First of all, legitimate businesses won’t email you asking for passwords or account numbers. If you think the email might be real, call the bank or business and ask. Or visit the official website. Most banks have an email address to which you can forward suspicious emails for verification.

And always remember: Don’t give up too much personal information online, because you never know who might use it against you. Or how.

Reprinted from Norton Anti-Virus website.

New Specialty

Well, not really new. But now we have developed a separate business area just focused on lawyers, called NY Lawyers Online. For many years, we have worked closely with small and mid-sized law firms, so much so that this group has become a special area of expertise for us.

In conjunction with Carol Greenwald, our colleague and legal marketing expert, we have helped dozens of attorneys get more out of the Internet. Whether it is designing and developing a modern, compelling website, improving the writing (Carol’s specialty) or putting together a newsletter or blog, we understand how to help the legal profession.

Please take a look at our newest sub-division.

The SEO Process (Search Engine Optimization)

Clients often ask about SEO, how it works…does it work? How do we do it? Is it difficult?

Well, here’s a brief summary.

The goal of search engine optimization (SEO) is to make it easy for your website to be found when people search the Internet for your kinds of products and services. This is no small feat and SEO is an octopus with many tentacles, but in fact, it boils down to a very simple concept: Planting the right words in the right places on the Internet.

Google considers many variables in determining where to rank your site in their results for a given search term.  At Nexxite, we seek to master as many of these variables as possible, but for a popular search term, like “digital photography,” there are tens of millions of web pages that have that phrase somewhere, so the competition can be insurmountable. And no matter how many factors we address, it may not get you to the first page of Google. But there is hope.

What can be done?

One important thing we do is narrow the search topically and geographically as much as possible. It is much better to compete for the phrase “digital landscape photography in Montana” than “digital photography.” So, the number one priority is coming up with the right specific keyword phrases where the competition is less, but where there is still search traffic.

How we do it – on your website

We (or you) set up your website to be optimized for the right keywords. The following is a list of website optimization tasks:

  1. Identify web pages to optimize. The right pages to optimize are those relating to your specific products and services that people might search for. There is no need to optimize a contact page or a page of testimonials, for example.
  2. For each of these distinct pages you wish to optimize, identify a “universe” of plausible search terms, up to five for each area.
  3. Research the phrases to identify first and second best choices for each practice area. Google Webmaster Tools contains an application to help with this research. Good phrases have significant search volume and not too much competition with other websites.
  4. Create separate web pages for each separate topic or category with meaningful URLs. In other words, don’t simply create a web page with the file name web_gallery_2.html. Instead name it something like montana_mountain_landscape_gallery.html.
  5. Create and insert title tags, description tags, and keyword lists in meta tags for each page.
  6. Create new visible text on each page, incorporating keywords for each page. At a minimum, the dominant keyword phrase for each page should appear as the first readable text on the page in an H1 tag.
  7. Create internal links from keyword phrases on other pages in the site back to the main page where the subject is presented.
  8. Create and insert ALT tags for any graphics on these same pages. Use keywords in the tags wherever possible.
  9. Submit the site to the major search engines.
  10. Monitor results over subsequent months and adjust keywords as needed

Elsewhere on the Internet

And that’s just for the on-page SEO.  Then there is the rest of the Internet. A key variable is the number and quality of links to your site from elsewhere (other websites, blogs, articles, etc.). It is easy to link within your own website, but how do you get links from other locations on the Internet? Wherever possible, you want appearances in other appropriate and reputable websites with keyword links back to your website. Again, this can be a challenge. You have to give people a reason to want to link to your website.

Here are some things you can do:

  1. Write or call owners or webmasters of other relevant websites (the bigger and more important the other website, the better) and ask them to link to your site. You may have to offer a reciprocal link back or a link to a specific useful article you have on your site or blog.
  2. Write comments or articles that appear on other people’s blogs
  3. Write articles for online publications in your field. Always insert a link back to your site, from a keyword(s) in the article.
  4. Become active with your own Facebook, Twitter and LinkedIn accounts (Similarly, insert links back to your site.)
  5. Issue press releases, news, success stories and other announcements online.
  6. Try to get published in local papers and magazines that also have an online presence.
  7. Create and promote a video. Post it on YouTube with relevant keywords and post it on your own site.

Remember, for all the above, it is critical to link back to your website.

Those are some basic ideas. There are many more things you can do (or we can do for you). They all take work, but if you want more people to see your website, these steps can make a big difference.

What is a “Modern” Website?

We are often asked to create a “modern” or “state-of-the-art” website, but what does that really mean? We put together our thoughts on the subject and came up with a number of characteristics that we feel define today’s websites.

First and foremost, modern websites are responsive. Because over half of Internet traffic worldwide is now on smart phones, rather than desktop computers, websites must be built to be readable on these much smaller screens. Gone are the days when you had to pinch the screen on your phone to expand the text so you could read it. Today’s websites adapt to whatever screen they are viewed on so they are easily read and navigated on any device.

Most newer websites are designed to fill the full screen width. Newer sites are rarely set inside a box with a white or colored (or patterned) field surrounding them. This tends to create a more immersive experience for the viewer.

More and more websites utilize motion. Simply put, people love videos. Bandwith has gotten so much greater in recent years that loading time is no longer a major problem on most computers and phones. Of course, a very slow loading site is not good, so huge videos are not recommended, but certainly a video up to 50 Meg or so is fine. And it isn’t just videos, it is motion of any kind that people look for nowadays. Motion graphics, small animations, tastefully used (and not over-used) are increasingly popular.

Next is interactivity. Websites are far more effective if they can capture and retain viewers. One way to do this is to involve them in an active website experience. So, clicking and downloading an article, turning pages to read a story, playing a game, getting a free product sample, or completing a form are just a few of the techniques modern sites are using to engage visitors.

Good design never goes out of style, though tastes do change. You always want harmony, balance, attractive use of color and fonts, all presented in a consistent manner from page to page on a website. And these features will always be needed, but it is safe to say today’s design has its own unique features (sort of like fashion in clothing). Less is more, especially on the home page. It seems to us that use of white space, rendering a pagemuch less dense visually, with less text in general, is increasingly common. And smaller fonts are more favored of late as well. Speaking of fonts, modern websites can use Google fonts which allow for much more variety than we saw in the past.

Another design shift has been toward the use of a single impactful image on the home page. Rather than many distracting and competing visual elements, one image creates a strong central experience that encourages the visitor to enter and learn more.  It is about creating a single mood with less confusion.

Placing all your important elements above the fold is a long-established principle, but things are changing. Today, almost everyone is accustomed to long scrolls thanks to mobile devices. The technique works especially well for sites that want to lure users through storytelling, and you can still mimic a multi-page site by breaking the scroll into clear sections. But remember while scrolling down is fine, scrolling across is never desirable.

That covers our brief summary of the current state of “modern” websites. I’m happy to discuss any of this in more detail if you are interested. Feel free to call or write me.

Cures Can Be Painful. Try Prevention.

The Internet is a treacherous place. It is full of evil, greedy people trying to steal your identity, your money or your website. Certainly the two most common places they attack are your website and your email. I want to discuss both briefly and give you some tips to protect yourself.

Your website

Recently, one of our new clients, an attorney, had her website hacked. It was taken over by a Chinese company using the site to sell cosmetics. Needless to say, that was a far cry from the dignified image she had been presenting. Google got wind of the hack and blocked the site so that a big red malware warning appeared when anyone went to her site.

Another client, a pet products company, had their site hijacked and every time you went there, you were redirected to a Brazilian pornography site. That’s even more embarrassing than cosmetics you aren’t selling.

WordPress sites, especially those with forms, are particularly vulnerable. Our lawyer client had a WordPress site that another firm had built for her. The pet products people had a lot of forms using PHP on their site. (We didn’t build that site either. We just rescued them.) Forms are very vulnerable to hacking if they are not protected. The above-mentioned lawyer had a contact form on her site and that was likely how the hacker got in.

What you can do

If your site gets hacked, first you have to clear up the problem. Then you can take steps to help insure that it doesn’t recur. When your site is hacked, bad files have been inserted and they must be removed. This can be simple or very difficult, depending on how good the hacker was. For the pet products company, the files were easy to find and delete. But for the lawyer, it was much harder. The offending files were placed in numerous locations, some of which were in “hidden” directories. Or they used innocuous file names and were included among very large sections of hundreds of good files. We had to run several analytic tools, working with the hosting company and Google, to try to identify and remove them. In the end we could not get them all. Nobody could.

Even if we had deleted all the offending files, Google still requires three weeks to remove the malware warning. So at best, the reality is the website will be down for over a month. But in this case, it was irreparable. We are now rebuilding her site from scratch. That’s what i mean by a “painful cure.” The new site of course will have many more protections in place than she had previously.

We have found in our fourteen years in this business that sites using the language PHP and those using WordPress are more vulnerable than a straight HTML site. So we recommend that if you have a WordPress site, get it encrypted. This is done by purchasing something called an SSL certificate from your hosting company. The certificate generally costs around $40/year and it makes it much more difficult for hackers to get in. Secondly, if you have online forms like a contact form on your site, another step you can take is to add a “capcha.” You’ve seen these graphics at the end of a form where you have to type letters or numbers to prove you aren’t a robot. That feature makes it harder for hackers to break in via the form.


Email is the other great source of cyber attacks. We are all subject to email scams that make it easy to click the wrong thing. These scams are pervasive and insidious. Lately, they often seem to come from someone you know or a company with which you do business. The threats they pose vary considerably. Their goal can be relatively benign (though still annoying), like trying to get you to buy drugs or other products. Or they can be much more dangerous, like getting into your bank account, stealing your identify or permanently crashing your computer. They can wreck lives and costs thousands of dollars.

What you can do

Watch out for links and attachments, especially any link that contains a “php” or “exe” extension. You can usually see these file types if you hover your mouse over a link in an email. Do not click on those links. They are programs that will run on your computer and they can be very destructive.

Another giveaway is poor English. Many of the email scams originate overseas. They are getting smarter, but they still often misuse English slightly, with odd phrasing or word choices, misspellings, etc. Also, legitimate organizations like your bank or the IRS will never ask you to send them your account information or social security number. If you think a request is genuine, you should always check with the institution. Don’t use the links or forms in the email. Finally, take advantage of the spam filtering that comes with most email systems. This is a setting you can choose to stop suspicious emails. It is well worth missing the occasional legitimate email to protect yourself from the hundreds of illegitimate ones.

Long-Time Clients – Ten Years or more!

Nexxite has been in business since February, 2002. We have worked with hundreds of clients and some have been loyal customers for ten years or more. I truly appreciate your on-going allegiance and I wanted to take the opportunity to recognize this group. It is truly a pleasure to work with all of you!

  • Alan Radom (Radom Photo Imaging and Artisan Photo Restoration)
  • Chris Kole and Fikre Ayele (Cotton Bride, Chris Kole Couture)
  • Cindy Levitz (Acupuncture and Health)
  • D & F Agency (formerly Doscher Farrell Insurance)
  • Douglas Golden (Mainline Rail Management)
  • Fran Heller, Marketing Expert
  • Jan Wolpert (Wolpert Associates)
  • Kim Sherman, Composer
  • New York Theater Scene
  • Paul Stockschlaeder, Attorney
  • Ron Gartner, Performer
  • Sharon Way Howard, Artist
  • Tara Dawn Bach-Martinez and Victor Martinez (Totally Designed Body)
  • Uday Singh (Industrial Hygiene Consultants)

Thank you.

Of Turtles, Tortoises and Terrapins

I have an inordinate fondness for turtles and tortoises. Always have. I’m not sure why. Maybe it is that they move slowly through life, not bothering anyone, just going their way peacefully. They have been around since before the dinosaurs, over 200 million years.

So I suppose it is not surprising that I volunteered to build a website for the Jamaica Bay Terrapin Research Project. This is a group, headed by Professor Russell Burke of Hofstra University, that is seeking to learn all they can about the Diamondback Terrapin. The DBT is an unusual creature, fond of brackish water. So he lives in only a limited number of locations along the East Coast, including Jamaica Bay in New York, Chesapeake Bay in Maryland and a few other semi-salty bodies of water. Like many other threatened animals, his habitat is disappearing as man continually builds on, drains, pollutes and otherwise removes his home. So I’m trying in some small way to help him.

Take a look at the website we created at

Special thanks to my dad who created the logo!

To Do or Not To Do

Clients often ask “Can I do my own updates to my website?”

This is a question best addressed before we build the site. At that time, we can choose to build the site using WordPress. There are trade-offs with the WordPress platform, but if doing your own updates is important, then it is the right choice. The trade-offs are typically that it is more difficult to customize the site to look exactly like you may want and when WordPress updates its versions, as it does periodically, it can be extra work for us to keep the site operating properly.

Probably of more relevance to my readers is the question “If I already have a (non-WordPress) website, can I do my own updates?”

The answer is still yes, but it is a lot more challenging. If you or someone on your staff is a bit of a computer nerd and has the time, you (or they) can learn to update your own site. It takes purchasing the Dreamweaver software from Adobe and learning to use it. Dreamweaver currently costs about $400 (or they offer a $30 monthly fee for using it “in the cloud.”) The problem is that without a lot of training in html, CSS, and other coding tools, you won’t be able to do everything and some things may not appear exactly the way you want them to. However for simple things like text changes and additions, you can usually manage those without difficulty.

An alternative that we’ve found works pretty well in some cases is to set up certain sections of a website with WordPress and leave the rest of the site as is. So for example, you might have a section where you post news items. That section could be in WordPress while we continue to handle changes to the rest of the site. Naturally, there is another trade-off. These WordPress sections will not look exactly like the rest of the site. We cannot exactly duplicate the appearance of menus, footers and other design features so they appear completely seamless with the rest of the website. But we can get pretty close.

In short, it is possible to do your own updates to some or all of your website. If you are interested in this option, please talk to us.

The New Nexxite

I don’t imagine any of you could possibly be as excited as we are about the utter transformation that Nexxite has undergone. Our team has been working all Summer and into the Fall to build our new state-of-the-art website ( It has all the bells and whistles that today’s Internet user expects. And it is fully responsive, so it looks great on any device.

But as excited as we feel about our new website, we are even more proud of the new direction Nexxite has taken. We wanted to show that we can create a brand. So we started with ourselves. We have unified our website, with new colors, fonts and graphics, a new logo, and an enhanced social media presence, Even our sister company Nexxite Services ( has come along for the ride. If you look at our new logo, you see the “n” and the two lines above it. Together, these three elements represent the different screen sizes out there. Our logo and our website and taglines present the message that your website will look great on phones, tablets and desktops, and you can “reach everyone, anywhere.”

We did it for Nexxite and we can do it for you. If you are interested in rebranding your business by modernizing and unifying your image, talk with us.

Social Media Marketing

Social media is all the rage these days. Everywhere you look people are sharing on Facebook, blogging, tweeting, posting photos on Pinterest, Stumbing Upon, Tumbling, and getting Linked In. Why? Is it just a way of socializing with the world? Or is there a practical, business application to all this Internet frenzy?

We think there is. Every business has a constituency, a community of interested parties, people who want to know about your field. It is at this group that social media marketing is aimed. This is the group in which you want to create a buzz about your business, your art, your law firm, or your picture frames. Whatever you are selling or showing, there is a group of people out there who want to talk about it. And who better to raise the subject and stimulate their interest than you? After all, nobody knows your field better than you do. You are the authority. You have interesting things to say that your constituents want to hear about and discuss.

We will talk in more depth about this subject in future mailings, but for now, it is enough to say we are doing it and we can help you grow this way.