- Determine Comprised Account
- Reset User Password
- Reset Email Password
- Is Your Network Secure?
- Email Alerts
- Manage User Accounts
- Other Actions
If you notice suspicious activity on your AmeriCommerce store, it may be possible that someone else is using it without your permission. This article will guide you on what to do if your account becomes compromised.
Determine Which Account is Compromised
In Settings > Security > Users you can click edit on a user and view the devices/IPs that have accessed the account. Look for any devices or IPs that you do not recognize.
You can also view a users session history by navigating to Reports > Visitor Sessions. Here you can find details such as Remote Address, User Agent, which pages they have viewed etc.
Below "Visitor Sessions" you will also find, "View Audit History." This section will allow you find details on what changes were made and who made them.
To reset a users password, navigate to Settings > Security > Users and select edit on the user account you wish to reset. Click More Actions (top-right) > Reset The next time the user tries to log in they will be forced to reset their password.
You can select multiple users from the list with the checkbox next to their user row. Then select More Actions > Reset to force a reset on all the selected user accounts at once.
With the "User Disabled" checkbox, you can temporarily disable the account if you'd like to prevent access while you secure all other external accounts.
Reset Email Password
It may be possible that a user's email account is also compromised. If this is the case resetting the users password would not suffice. If the user's email is in fact compromised you should disable this users login and secure the email account before enabling and resetting the password.
Is your Network Secure?
You should carefully investigate your computers/accounts and run antivirus checks to ensure there is not any malware existing on any systems. You should also check your logs for connected devices. Be on the lookout for any devices that you don't recognize, or even failed connection attempts from unrecognized devices.
AmeriCommerce store owners have the ability to receive User Security Alert Emails. This can be found by navigating to Settings > Security. By default, the alert emails will be sent to store email address. You can setup a different email address to receive the emails here.
Checking this setting will disable send store user security alert email, such as user Login from unrecognized IP/device, updated email, password etc.
WARNING: Only disable this if there is a valid business justification for doing so.
Manage User Accounts
If you share an email account or admin user account with more than one person, it is strongly recommended that you stop doing so and create separate user accounts for each person who needs access.
Carefully look over your user list and determine if there are any unneeded accounts and remove them. Also, be sure you have appropriate permissions granted to each user based on the jobs they are performing. Granting every user Admin permissions is not recommended. You can learn more about role based security by clicking here.
If we notice repeat breaches, we reserve the right to turn off theme access, force reset user credentials, lock down the admin and we may require a signed document that all user passwords and email passwords are reset.
Please review and make sure you have done the following:
- Conduct an audit/investigation of your network, website and network security policies.
- Run antivirus scans on your network and computers.
- Reset network passwords and remove any old accounts.
- Reset AmeriCommerce User Passwords
- Apply appropriate user permissions based on their role and delete any unneeded accounts.
- Implement a password rotation policy and review access periodically
At AmeriCommerce, security is paramount. If you believe any of your accounts have been compromised and/or you would like assistance with any of the above covered topics, please contact us at 1-800-936-9006.