It Looks Like SiteLock is Scamming People

Over the past couple of years we have run across a lot of bad stuff involving the security company SiteLock, from not doing basic security checks to not doing basic parts of hack cleanups to breaking websites they are supposed to be cleaning to labeling a website that is very dangerous for visitors as being “secure”. Unfortunately those kinds of things are really par for the course when it comes to security companies (it is a really sleazy industry in general). But recently we have started to see and hear more that indicates that SiteLock has gone past that and moved to more egregiously cheating their customers. Making this more of  a problem, is that they now have partnerships with many web hosts, which gives them additional legitimacy that they shouldn’t have considering the multitude of problems we have see involving them.

One of the issues that we see coming up a lot involves SiteLock charging a monthly fee to protect websites and then when the website gets hacked they want a much larger amount to clean up the website. If the website is getting hacked then the protection being paid for doesn’t seem to be actually happening or isn’t very good. There also seems to be an incentive for the protection they provide to not actually protect, since they can actually make even more money if it doesn’t work.

The other that comes up is fairly frequently is them contacting people claiming that a website has been hacked and that they can clean it, without SiteLock actually checking to see if the website is actually hacked. One example of that we were contacted about involved a website that had been actually hacked, for which the person who took over resolving that decided to start fresh, only reusing the domain name. So the website would have been clean at the point that SiteLock contacted them, which didn’t stop SiteLock from charging them for a cleanup:

When the site was hacked, the domain was blacklisted by every major blacklister, however,since I built the new site from scratch, it was clean when it went live. In spite of that, Sitelock contacted me the day after bringing the new site live that they were in the process of cleaning malware from the site and to contact them as it was going to involve manual removal and additional costs above what the plan that came with WordPress covers. They offered me two options, 300 to clean the site and submit to the blacklisters for review or 299 (in three installments) to clean the site and provide manual removal coverage for three months, after which I could continue with the scan and removal tool and add manual removal coverage for 49.00 per month from then on.

Beyond the fact that SiteLock was charging them for an unneeded cleanup, a website shouldn’t need continuing removals of malicious code. If that is the case, that would usually indicate that the original hack cleanup wasn’t done properly and the hacker could get back in, in that case the person who did the original hack cleanup should go back in and get the issue fixed for free (we certainly would want to do that for a client).

What SiteLock then did for that monthly fee doesn’t sound great either:

I have not been able to make it even a week (in two months) without Sitelock sending me some scary critical security warning email concerning the site. One of them said that they were cleaning malware, which I had a hard time believing since I had really good passwords, 2 step verification and login limiting onthe site. It turned out, the “malware” was a file that was created when I installed the Ithemes security plugin.All the other warnings were the result of them constantly not being able to connect and access the files in ordder to scan, which I don’t understand since I had not changed the passwords and each time, the problem ended up being resolved without a clear explanation as to how or why it happened in the first place.

Based on what we are seeing we have some recommendations if you are contacted by SiteLock or if your web hosts is recommending using them:

Get a Second Opinion

Based on what we are seeing it sounds like SiteLock sometimes is claiming that websites have been hacked that haven’t actually been hacked, so it would be a good idea to get a second opinion as to whether you have been hacked when you are contacted by them.

This is a good idea in other instances as well, since we sometimes see web hosts claiming a website has been hacked due to issues that were caused by something that was actually unrelated to a hack or them not double checking results of antivirus scanners (which can produce some bad false positives).

We are happy to do a free check to see if a website is actually hacked (we always will do that before taking on the clean up of a hacked website), so we are happy to provide you with a second opinion.

Hire Someone Who Properly Cleans Up Hacked Websites

If your website has in fact been hacked it is important to make sure you are hire someone that does a proper hack cleanup. You don’t want to be like many of our clients who hire to us to re-clean their hacked website after the first company they hired didn’t do those things.

The three main components of a proper hack cleanup are:

  • Cleaning up the malicious code and other material added by the hacker.
  • Securing the website (that often means getting the software on the website up to date).
  • Attempting to determine how the website was hacked.

While determining how the website was hacked is often not possible to do due largely to web hosts failure to store log files on a long term basis (something that we found SiteLock had not rectified with at least one of their hosting partners), we have found going through the process is important to get a hacked website fully cleaned. If the source of hack hasn’t been determined then that increases the chances that the security issue hasn’t been resolved and that the website will get hacked again.

We would recommend asking the companies what there hack cleanup service involves and if they don’t mention that they do those things, then you probably should look elsewhere.

Securing Your Website

One really important thing to understand it isn’t naturally for websites to get hacked. For that to happen something must have gone wrong. So the solution to keeping your website secure is to make sure you are taking the proper security measures with your website, instead of going with a security product or service that doesn’t do those things and instead make bold claims that it will keep you secure some other way.

It also important to understand that the chances of a website being hacked are pretty small, so when you see people saying that they use a service and haven’t been hacked, it is entirely possible that the service had nothing to do with them not being hacked.

A Better Alternative to SiteLock For Cleaning Up a Hacked Website
If your web host is pushing you to hire SiteLock to clean up a hacked website, we provide a better alternative, where we actually properly clean up the website.

10 thoughts on “It Looks Like SiteLock is Scamming People”

  1. Listen to this: Bluehost persuaded me to get Sitelock security for my website and I stupidly paid $500 for a year. This was in January. Yesterday, Sitelock alerted me to malware on my site that could result in terrible consequences. They would remove the malware for a one-time fee of $300! I contacted them to say, “WHAT WAS THE $500 for??” and a hostile character calling himself “sean” told me it was for “scanning.” This company needs to be stopped from continuing their predatory practices.

      1. Bluehost knows. I contacted them to inform them and they insisted it was a scammer calling me. I then called sitelock and they confirmed that they did indeed call me. I called bluehost back to complain and they suspended my hosting citing a ToS violation. They listed several files that had been infected which I had scanned by 4 different scanners which all came up negative. They went as far as to say they had Sitelock people on site and they deny this sort of thing happening. Someone else I spoke to at Bluehost said it was BS. Sitelock is partners with most of the major hosts.

    1. Bluehost and Hostgator are both owned by United Web. They each do this through Sitelock and other means: upselling security services after claiming a hack on a site they feel is secure enough to add their adsense to when they take it from you. They own many online companies and aim to buy up everything, which is dangerous for online freedoms; they are polluting the entire realm of possibilty. You won’t be able to own a site without risk of ransom if they are not stopped. Being able to pay off hundreds of dollars in randomn shake downs should not be prerequisite for having a voice online.

  2. Reading the above article and response. I, too, have fallen into the prey of Sitelock. One of my sites had been hacked and I contacted my hosting company for help (hostgator). I was transferred to what I thought was still with the hostgator, to find out it was going to cost me $588 per year to scan and firewall my site. (I had already removed the malware myself). As ignorant as I was to this, I agreed. It wasn’t till after I signed contract, When I realized this wasn’t hostgator, rather a completely separate company, SiteLock. I was promised follow ups as to when firewalls etc where completed, however did not get such a call. when I did a search on hostgator, I noticed the exact same products some being with more advantages, from the exact same company, Sitelock, were being offered at less then $100 per year. I was highly upset. I questioned the individual (naturally I have forgotten his name) who became very hot, loud and tried to talk over my intelligence. I am going to call hostgator and find out why they support such a company. I have been with them for over 15 years, with multiple hosted domains. Maybe I can get some decent, understandable logic as to why they would partner with a company that gouges prices the way they have. I cannot respond on their products, as it has only been one day. So that would not be fair. However the pricing? Clearly bad news company.

  3. wow, i’m glad to have come across this. I was getting emails from them saying my sites were hacked. I asked hostgator if they knew of the emails, but they had no idea.

    I am thinking of just using an anti-malware type plug-in on my sites instead. they def sound like a rip off.

    1. As mentioned in the post, we recommend that you get a second opinion if you are contacted by them about a website being hacked since the website could in fact be hacked and that would be the best way to determine that. An anti-malware type plugin is not a good alternative to getting that done.

  4. I was with Hostgator for 13 years, but I decide move to other hosting because Sitelock continue pushing for me to get their services, in the beginning was a call or email every few months, but most recently was more aggressive… the problem start for me when a day after getting a call from Sitelock, I star to get hacked, I increase security, keep plugins update, deleted unnecessary stuff, ban any other ip besides mine for login as administrator, but nothing helps, so I decided move to another host, today I was checking a website that I just move to the new host, and I check wordfence that is a security plugin I use, it was showing several ip blocked for intent login, of course I think is the hackers that was trying getting there like before in hostgator., but I noticed that 5 of that Ips has the host Sitelock was trying to hack into my administration area! . In hostgator they said that Sitelock has partnership with them so they are aloud to scan hostgator websites looking for malware, but one thing is that they have access to scan my files (even if I don’t agree with it) but other thing is try to force they way in… So Sitelock said they are protecting you from hackers, but at the same time, they are acting just as hackers on your sites! Stay away from them! It makes me more happy for move away!

  5. If you can’t see what’s going on you deserve to lose your money. How is that a perfectly good site that never suffered even a mild attack in 3 years of operation suddenly is the target of numerous attacks none of which occurred until the hosting company being used decided to partner with Sitelock? All a sudden problems where none existed before cropping up at every turn. SiteLock is a SCAM pure and simple. Any hosting company that jumps into bed with them is off my list a reputable that include the company we had before we switched AWS (Amazon Cloud Server).

  6. Sitelock is partnered with Readyhosting. Our site was just static HTML files with fresh passwords and it still got “hacked”. Surprisingly so were multiple other websites on the server in the exact same method.

    Readyhosting’s core infrastructure is compromised, perhaps intentionally, so they can sell Sitelock services. It’s a complete scam.

Leave a Reply

Your email address will not be published.