No Comment Diary

The News Without Comment

This content shows Simple View

Education

Pricesearcher: The biggest search engine you’ve never heard of

“Hey Siri, what is the cost of an iPad near me?”

In today’s internet, a number of specialist search engines exist to help consumers search for and compare things within a specific niche.

As well as search engines like Google and Bing which crawl the entire web, we have powerful vertical-specific search engines like Skyscanner, Moneysupermarket and Indeed that specialize in surfacing flights, insurance quotes, jobs, and more.

Powerful though web search engines can be, they aren’t capable of delivering the same level of dedicated coverage within a particular industry that vertical search engines are. As a result, many vertical-specific search engines have become go-to destinations for finding a particular type of information – above and beyond even the all-powerful Google.

Yet until recently, one major market remained unsearchable: prices.

If you ask Siri to tell you the cost of an iPad near you, she won’t be able to provide you with an answer, because she doesn’t have the data. Until now, a complete view of prices on the internet has never existed.

Enter Pricesearcher, a search engine that has set out to solve this problem by indexing all of the world’s prices. Pricesearcher provides searchers with detailed information on products, prices, price histories, payment and delivery information, as well as reviews and buyers’ guides to aid in making a purchase decision.

Founder and CEO Samuel Dean calls Pricesearcher “The biggest search engine you’ve never heard of.” Search Engine Watch recently paid a visit to the Pricesearcher offices to find about the story behind the first search engine for prices, the technical challenge of indexing prices, and why the future of search is vertical.

Pricesearcher: The early days

A product specialist by background, Samuel Dean spent 16 years in the world of ecommerce. He previously held a senior role at eBay as Head of Distributed Ecommerce, and has carried out contract work for companies including Powa Technologies, Inviqa and the UK government department UK Trade & Investment (UKTI).

He first began developing the idea for Pricesearcher in 2011, purchasing the domain Pricesearcher.com in the same year. However, it would be some years before Dean began work on Pricesearcher full-time. Instead, he spent the next few years taking advantage of his ecommerce connections to research the market and understand the challenges he might encounter with the project.

“My career in e-commerce was going great, so I spent my time talking to retailers, speaking with advisors – speaking to as many people as possible that I could access,” explains Dean. “I wanted to do this without pressure, so I gave myself the time to formulate the plan whilst juggling contracting and raising my kids.”

More than this, Dean wanted to make sure that he took the time to get Pricesearcher absolutely right. “We knew we had something that could be big,” he says. “And if you’re going to put your name on a vertical, you take responsibility for it.”

Dean describes himself as a “fan of directories”, relating how he used to pore over the Yellow Pages telephone directory as a child. His childhood also provided the inspiration for Pricesearcher in that his family had very little money while he was growing up, and so they needed to make absolutely sure they got the best price for everything.

Dean wanted to build Pricesearcher to be the tool that his family had needed – a way to know the exact cost of products at a glance, and easily find the cheapest option.

“The world of technology is so advanced – we have self-driving cars and rockets to Mars, yet the act of finding a single price for something across all locations is so laborious. Which I think is ridiculous,” he explains.

Despite how long it took to bring Pricesearcher to inception, Dean wasn’t worried that someone else would launch a competitor search engine before him.

“Technically, it’s a huge challenge,” he says – and one that very few people have been willing to tackle.

There is a significant lack of standardization in the ecommerce space, in the way that retailers list their products, the format that they present them in, and even the barcodes that they use. But rather than solve this by implementing strict formatting requirements for retailers to list their products, making them do the hard work of being present on Pricesearcher (as Google and Amazon do), Pricesearcher was more than willing to come to the retailers.

“Our technological goal was to make listing products on Pricesearcher as easy as uploading photos to Facebook,” says Dean.

As a result, most of the early days of Pricesearcher were devoted to solving these technical challenges for retailers, and standardizing everything as much as possible.

In 2014, Dean found his first collaborator to work with him on the project: Raja Akhtar, a PHP developer working on a range of ecommerce projects, who came on board as Pricesearcher’s Head of Web Development.

Dean found Akhtar through the freelance website People Per Hour, and the two began working on Pricesearcher together in their spare time, putting together the first lines of code in 2015. The beta version of Pricesearcher launched the following year.

For the first few years, Pricesearcher operated on a shoestring budget, funded entirely out of Dean’s own pocket. However, this didn’t mean that there was any compromise in quality.

“We had to build it like we had much more funding than we did,” says Dean.

They focused on making the user experience natural, and on building a tool that could process any retailer product feed regardless of format. Dean knew that Pricesearcher had to be the best product it could possibly be in order to be able to compete in the same industry as the likes of Google.

“Google has set the bar for search – you have to be at least as good, or be irrelevant,” he says.

PriceBot and price data

Pricesearcher initially built up its index by directly processing product feeds from retailers. Some early retail partners who joined the search engine in its first year included Amazon, Argos, IKEA, JD Sports, Currys and Mothercare. (As a UK-based search engine, Pricesearcher has primarily focused on indexing UK retailers, but plans to expand more internationally in the near future).

In the early days, indexing products with Pricesearcher was a fairly lengthy process, taking about 5 hours per product feed. Dean and Akhtar knew that they needed to scale things up dramatically, and in 2015 began working with a freelance dev ops engineer, Vlassios Rizopoulos, to do just that.

Rizopolous’ work sped up the process of indexing a product feed from 5 hours to around half an hour, and then to under a minute. In 2017 Rizopolous joined the company as its CTO, and in the same year launched Pricesearcher’s search crawler, PriceBot. This opened up a wealth of additional opportunities for Pricesearcher, as the bot was able to crawl any retailers who didn’t come to them directly, and from there, start a conversation.

“We’re open about crawling websites with PriceBot,” says Dean. “Retailers can choose to block the bot if they want to, or submit a feed to us instead.”

For Pricesearcher, product feeds are preferable to crawl data, but PriceBot provides an option for retailers who don’t have the technical resources to submit a product feed, as well as opening up additional business opportunities. PriceBot crawls the web daily to get data, and many retailers have requested that PriceBot crawl them more frequently in order to get the most up-to-date prices.

Between the accelerated processing speed and the additional opportunities opened up by PriceBot, Pricesearcher’s index went from 4 million products in late 2016 to 500 million in August 2017, and now numbers more than 1.1 billion products. Pricesearcher is currently processing 2,500 UK retailers through PriceBot, and another 4,000 using product feeds.

All of this gives Pricesearcher access to more pricing data than has ever been accumulated in one place – Dean is proud to state that Pricesearcher has even more data at its disposal than eBay. The data set is unique, as no-one else has set out to accumulate this kind of data about pricing, and the possible insights and applications are endless.

At Brighton SEO in September 2017, Dean and Rizopolous gave a presentation entitled, ‘What we have learnt from indexing over half a billion products’, presenting data insights from Pricesearcher’s initial 500 million product listings.

The insights are fascinating for both retailers and consumers: for example, Pricesearcher found that the average length of a product title was 48 characters (including spaces), with product descriptions averaging 522 characters, or 90 words.

Less than half of the products indexed – 44.9% – included shipping costs as an additional field, and two-fifths of products (40.2%) did not provide dimensions such as size and color.

Between December 2016 and September 2017, Pricesearcher also recorded 4 billion price changes globally, with the UK ranking top as the country with the most price changes – one every six days.

It isn’t just Pricesearcher who have visibility over this data – users of the search engine can benefit from it, too. On February 2nd, Pricesearcher launched a new beta feed which displays a pricing history graph next to each product.

This allows consumers to see exactly what the price of a product has been throughout its history – every rise, every discount – and use this to make a judgement about when the best time is to buy.

“The product history data levels the playing field for retailers,” explains Dean. “Retailers want their customers to know when they have a sale on. This way, any retailer who offers a good price can let consumers know about it – not just the big names.

“And again, no-one else has this kind of data.”

As well as giving visibility over pricing changes and history, Pricesearcher provides several other useful functions for shoppers, including the ability to filter by whether a seller accepts PayPal, delivery information and a returns link.

This is, of course, if retailers make this information available to be featured on Pricesearcher. The data from Pricesearcher’s initial 500 million products shed light on many areas where crucial information was missing from a product listing, which can negatively impact a retailer’s visibility on the search engine.

Like all search engines, Pricesearcher has ranking algorithms, and there are certain steps that retailers can take to optimize for Pricesearcher, and give themselves the best chance of a high ranking.

With that in mind, how does ‘Pricesearcher SEO’ work?

How to rank on Pricesearcher

At this stage in its development, Pricesearcher wants to remove the mystery around how retailers can rank well on its search engine. Pricesearcher’s Retail Webmaster and Head of Search, Paul Lovell, is currently focused on developing ranking factors for Pricesearcher, and conceptualizing an ideal product feed.

The team are also working with select SEO agencies to educate them on what a good product feed looks like, and educating retailers about how they can improve their product listings to aid their Pricesearcher ranking.

Retailers can choose to either go down the route of optimizing their product feed for Pricesearcher and submitting that, or optimizing their website for the crawler. In the latter case, only a website’s product pages are of interest to Pricesearcher, so optimizing for Pricesearcher translates into optimizing product pages to make sure all of the important information is present.

At the most basic level, retailers need to have the following fields in order to rank on Pricesearcher: A brand, a detailed product title, and a product description. Category-level information (e.g. garden furniture) also needs to be present – Pricesearcher’s data from its initial 500 million products found that category-level information was not provided in 7.9% of cases.

If retailers submit location data as well, Pricesearcher can list results that are local to the user. Additional fields that can help retailers rank are product quantity, delivery charges, and time to deliver – in short, the more data, the better.

A lot of ‘regular’ search engine optimization tactics also work for Pricesearcher – for example, implementing schema.org markup is very beneficial in communicating to the crawler which fields are relevant to it.

It’s not only retailers who can rank on Pricesearcher; retail-relevant webpages like reviews and buying guides are also featured on the search engine. Pricesearcher’s goal is to provide people with as much information as possible to make a purchase decision, but that decision doesn’t need to be made on Pricesearcher – ultimately, converting a customer is seen as the retailer’s job.

Given Pricesearcher’s role as a facilitator of online purchases, an affiliate model where the search engine earns a commission for every customer it refers who ends up converting seems like a natural way to make money. Smaller search engines like DuckDuckGo have similar models in place to drive revenue.

However, Dean is adamant that this would undermine the neutrality of Pricesearcher, as there would then be an incentive for the search engine to promote results from retailers who had an affiliate model in place.

Instead, Pricesearcher is working on building a PPC model for launch in 2019. The search engine is planning to offer intent-based PPC to retailers, which would allow them to opt in to find out about returning customers, and serve an offer to customers who return and show interest in a product.

Other than PPC, what else is on the Pricesearcher roadmap for the next few years? In a word: lots.

The future of search is vertical

The first phase of Pricesearcher’s journey was all about data acquisition – partnering with retailers, indexing product feeds, and crawling websites. Now, the team are shifting their focus to data science, applying AI and machine learning to Pricesearcher’s vast dataset.

Head of Search Paul Lovell is an analytics expert, and the team are recruiting additional data scientists to work on Pricesearcher, creating training data that will teach machine learning algorithms how to process the dataset.

“It’s easy to deploy AI too soon,” says Dean, “but you need to make sure you develop a strong baseline first, so that’s what we’re doing.”

Pricesearcher will be out of beta by December of this year, by which time the team intend to have all of the prices in the UK (yes, all of them!) listed in Pricesearcher’s index. After the search engine is fully launched, the team will be able to learn from user search volume and use that to refine the search engine.

The Pricesearcher rocket ship – founder Samuel Dean built this by hand to represent the Pricesearcher mission. It references a comment made by Eric Shmidt to Sheryl Sandberg when she interviewed at Google. When she told him that the role didn’t meet any of her criteria and asked why should she work there, he replied: “If you’re offered a seat on a rocket ship, don’t ask what seat. Just get on.”

At the moment, Pricesearcher is still a well-kept secret, although retailers are letting people know that they’re listed on Pricesearcher, and the search engine receives around 1 million organic searches on a monthly basis, with an average of 4.5 searches carried out per user.

Voice and visual search are both on the Pricesearcher roadmap; voice is likely to arrive first, as a lot of APIs for voice search are already in place that allow search engines to provide their data to the likes of Alexa, Siri and Cortana. However, Pricesearcher are also keen to hop on the visual search bandwagon as Google Lens and Pinterest Lens gain traction.

Going forward, Dean is extremely confident about the game-changing potential of Pricesearcher, and moreover, believes that the future of the industry lies in vertical search. He points out that in December 2016, Google’s parent company Alphabet specifically identified vertical search as one of the biggest threats to Google.

“We already carry out ‘specialist searches’ in our offline world, by talking to people who are experts in their particular field,” says Dean.

“We should live in a world of vertical search – and I think we’ll see many more specialist search engines in the future.”

Source: http://ift.tt/1JcVoR1



15 Ways to Use Snapchat for Your Business

The days of Snapchat being used solely for sending pictures between friends are over.

This social media platform has evolved. Your company can’t afford to ignore the impact that this marketing channel can have on your business.

It’s an absolute necessity if you’re focusing on Generation Z as your target market. That’s because 71% of Gen Z use Snapchat as part of their daily routine. Plus, 51% of this group use Snapchat roughly 11 times each day.

While Snapchat definitely has a reputation for being used by teens, their market penetration is starting to hit young adults and older generations as well.

image1 4

So Snapchat is a viable marketing channel if your current target market falls anywhere between the ages of 12 and 34. But keep an eye on these trends as older generations may continue adapting to this platform.

In Q4 of 2017 Snapchat hit 187 million active daily users. The platform has seen more than an 18% growth rate in terms of daily users in the last year.

There is no sign of a slow down, and I expect these marketing trends to continue in the future.

So, what exactly does this mean for your business?

It’s great news. You now have another viable marketing channel to engage with your customers.

But this may be intimidating or confusing if you’ve never used Snapchat before and don’t know how to apply it to your business.

Fortunately, you’re in luck. I’ll show you the top 15 ways to use Snapchat for your business.

1. Post to your story often

Once you’ve created a Snapchat account, you need to make sure that it’s active. So the best way to approach this is by adding content to your story on a daily basis.

Anything you post on Snapchat will disappear after 24 hours. So posting content often will keep your brand fresh in the minds of your followers.

Just don’t go overboard. Posting 20 times in one day isn’t effective.

That’s because people will just skip through your posts. Depending on how many people a user follows on Snapchat, they’ll have lots of stories to view each day.

But that doesn’t mean that they are going to watch every single post in its entirety.

According to a study conducted by Snaplytics, engagement drops by 36% once users reach the fourth snap of a story. They also discovered that roughly 80% of your followers will see your post about 4 or 5 hours after it’s been added to your story.

What does this mean for you?

Based on these numbers, I’d recommend updating your Snapchat story about three times per day, every four or five hours.

This will help keep your engagement high and prevent your followers from skipping through your content.

2. Promote your Snapchat account on other marketing channels

In order for your Snapchat strategy to be successful, you’ve got to get followers first.

Rather than trying to come up with followers out of thin air, try to target users who are following your business account on other platforms.

Look at how People Magazine uses this strategy in their Instagram bio.

image5 4

This is really important for you, especially if you just created a Snapchat account for your company. Nobody is going to know that you have an account unless you tell them.

In addition to Instagram, you can promote it on your Facebook and Twitter accounts. You can even work this promotion into your YouTube videos as well.

Tell your email subscribers to follow you on Snapchat and pitch it on your website too.

The more channels that you promote it on, the greater chance you’ll have of getting more followers.

3. Create a sponsored lens

People love to use Snapchat filters and lenses.

It’s estimated that sponsored filters are seen by 16 million users each day. These filters are just a way for people to take creative photos.

Snapchat has plenty of them built directly into their platform. So instead of just taking a basic selfie, users can make the image black and white, apply a filter to make their eyes abnormally large or even make their nose disappear.

Some of these filters for video snaps can even change the pitch of your voice.

All of these were created to make users have more fun. They’ll send a snap to their friends with one of these filters because it’s entertaining and often humorous.

But now businesses can create a sponsored filter as well. Gatorade used this strategy during Super Bowl 50 and it turned into one of the most successful Snapchat campaigns on record.

If you’ve ever watched the Super Bowl, you know it’s tradition for the winning coach to get Gatorade dumped on his head by the players. So Gatorade created a sponsored filter during the game that would simulate Gatorade getting dumped on the user’s head.

The filter had more than 165 million views and increased their purchase intent by 8%.

Here’s another example from Taco Bell to show you what these filters look like.

image6 4

As you can see, the filters themselves are silly, but they definitely create brand awareness and help you create engagement.

The only problem with this strategy is that it’s expensive. If you want to create a filter during a holiday or special event, such as the Super Bowl, you’ve got to be ready to dish out between $100,000 and $750,000.

That cost will keep your filter active for 24 hours. But if you can afford it, the return on your investment can be huge.

The Taco Bell filter above was viewed 224 million times. The average user spent 24 seconds playing with the lens before sharing it with friends.

4. Let social influencers takeover your account

Another great way to get more followers and increase engagement is through social proof of concept.

Celebrities and other influencers already have a steady following on social media. Take advantage of that.

If you allow someone else to takeover your Snapchat account, you can expose your brand to a much wider audience. Some of these people may not even know that your company existed until they saw an influencer talking about it.

You may need to pay for an influencer to do this unless you have some kind of other mutual agreement or common interest in whatever you’re promoting.

Here’s a great example of what I’m talking about from iHeartRadio.

image8 2

They allowed singer Hailee Steinfeld to takeover their account. As a result, she promoted the takeover to her fans on social media.

Hailee has over 933k followers on Twitter and more than 8 million Instagram followers. This is great brand exposure for iHeartRadio, especially because she is directly related to their industry.

That’s important for you to keep in mind as well. You may find a professional basketball player with 10 million Instagram followers, but if sports aren’t related to your industry, their followers may not be relevant to your company.

5. Feature user-generated content

Ask your followers to send you pictures and videos of them interacting with your brand or using your products.

Then you can repost this content on your Snapchat story.

A great way to encourage user-generated content is by running contests and similar promotions.

GrubHub used this strategy on Snapchat a few years back. Their campaign was a huge success.

They ran a contest called “SnapHunt,” which lasted for a week. Every day they posted a new challenge. A winner was selected for each challenge and won a $50 gift card.

During this contest, GrubHub’s followers grew by 20%. Furthermore, 30% of their followers participated in this contest.

So it’s safe to say that engagement was high.

6. Offer discounts and promo codes

Not sure what to post on your story?

When in doubt, give your followers something that they can actually use. Send out discounts and other promotional offers via Snapchat.

This strategy will also help you drive sales and increase conversions. KIND used this strategy to offer their Snapchat followers 15% off of a purchase.

image4 4

When you’re posting on Snapchat, you’ve always got to keep the overall goal of your company in mind. Don’t get distracted with all of the other bells and whistles.

You want sales.

Offering discounts is a great way to accomplish this.

7. Takeover another account

Earlier we talked about letting someone else take over your Snapchat account. But another effective strategy is taking over another account yourself.

When someone else takes over your account, you’re relying on that person’s followers to add you on Snapchat to view your content.

But when you take over an account, the audience won’t have to do anything. It will be your job to convince them that they should be following your brand.

So make sure your content is engaging.

Even if they don’t add your Snapchat account, you’ll still be able to create brand awareness with a new audience.

8. Promote a new product

Keep your followers up to date with any exciting news from your brand. A new product launch is definitely worth mentioning.

Even if your product hasn’t launched yet, you can build hype and anticipation, so consumers are ready for it when your product finally gets released.

Here’s something to take into consideration. How often do people visit your website? I’m willing to bet that the average consumer isn’t checking your website on a daily basis for any updates.

But they are checking Snapchat every day.

Just because you’re promoting a new product launch on your website, it doesn’t mean that people will see it. That’s why you’ve got to take advantage of other marketing channels.

Here’s an example of a new product promotion via Snapchat from McDonald’s.

image7 4

Try to follow their lead the next time you want to tell your followers about a new product or service.

9. Provide exclusive access

It’s obviously unreasonable to let your social media followers to just walk right into your office and check things out.

But with Snapchat, you can give them that same exclusive feeling by providing them with behind-the-scenes content. Show your followers what it’s like in your office or production facility.

If you’re at an event, take snaps of some of the action backstage.

This type of content will keep your followers engaged because it makes them feel like they are getting VIP treatment.

10. Reply to your followers

The majority of your Snapchat strategy should be focused on uploading content to your story. However, that’s not the only way to engage with your audience.

Followers may reply to your story and send you direct one-on-one messages as well.

On other social media platforms like Facebook, Instagram, or Twitter, everyone can see if you’re responding to followers or not.

But on Snapchat, only you and the person sending the message know if you’re responding. So it’s easy for companies to just shrug these off and ignore them.

Even though everyone can’t see it, you should still make an effort to reply to your followers.

Getting a personal response from a brand will make the user feel special. Ignoring their message shows them that you don’t care about what they have to say.

68% of customers say the reason why they stop using a particular brand is if they don’t think that the company cares about them.

You can easily avoid this by simply responding to those private messages.

11. Post relevant content

Your snaps shouldn’t just be mindless images of your products. You can use this platform to show your audience that your brand is aware of various topics.

You could talk about charities or any type of social awareness that your business is involved with.

Here’s an example from Dove. They used their platform to discuss self-esteem issues.

image2 4

Their Snapchat story featured interviews with 30 women and various psychologists. They wanted to have an open discussion about self-esteem issues to help women enhance their own self-images.

As a result, the campaign had more than 130,000 views.

Just make sure that you tread carefully when you’re approaching something like this. It’s best for businesses to say away from issues involving race, religion, politics, and other controversial topics.

12. Promote an upcoming event

If your company is hosting or attending some kind of meeting or event, tell your audience about it.

Depending on what kind of event it is, you could even try to get your followers to come and show their support.

67% of people are more likely to purchase tickets to an event after watching a similar event on a live video stream.

While Snapchat technically isn’t live video, it’s pretty close. So you can figure that the percentage of people interested in the event will be similar.

13. Drive traffic to your website

Snapchat recently introduced a new feature that allows you to add links to your story. To do this, simply take a photo or video using their camera as you normally would.

Then click the paperclip icon before adding it to your story.

image3 4

Now you can add a link to your post. Users will have access to the link if they follow the prompt at the bottom of your story advising them to “swipe up.”

This is a great way to increase your website traffic.

14. Inform your followers about an important milestone

Keep your Snapchat audience informed about important dates for your company.

Is it your 10th anniversary? Is it your CEO’s birthday?

You can even talk about other milestones like getting your 10,000th follower on a certain social media platform.

All of these are great excuses to post on Snapchat. It’s a nice break from the same boring posts that get shared on a daily basis.

15. Mix it up

This piggybacks off of my last point. You don’t want your content to be boring.

Lots of the tips that we’ve discussed so far are definitely useful and should be applied to your Snapchat marketing strategy. But with that said, don’t just pick one or two and use the same ones every day.

You’ve got to keep things interesting.

If your followers aren’t entertained, then they’ll stop following you. Once that happens, it won’t be easy for you to market to those people again.

You can avoid this by keeping your content fresh.

Conclusion

Snapchat is growing in popularity. If your company doesn’t have a Snapchat account, you need to create one ASAP.

But once your account is active, you need to get followers and keep them engaged.

Overall, you want to make sure that your Snapchat marketing strategy makes your business better. In addition to creating brand awareness, you want to drive sales as well.

Whether Snapchat is new for you, or you’re just looking for a fresh insight to spice up your existing Snapchat marketing campaign, the tips that I’ve outlined above are a great place to start.

Use this guide as a reference for increasing engagement on Snapchat.

What tactics are you using to connect with your followers on Snapchat?

Source: http://ift.tt/UU7LJr



Chase ‘Glitch’ Exposed Customer Accounts


Multiple Chase.com customers have reported logging in to their bank accounts, only to be presented with another customer’s bank account details. Chase has acknowledged the incident, saying it was caused by an internal “glitch” Wednesday evening that did not involve any kind of hacking attempt or cyber attack.

Trish Weller, director of communications for the retail side of JP Morgan Chase, said the incident happened Wednesday evening, for “a pretty limited number of customers” between 6:30 pm  and 9 pm ET who “sporadically during that time while logged in to chase.com could see someone else’s account details.”

“We know for sure the glitch was on our end, not from a malicious actor,” Weller said, noting that Chase is still trying to determine how many customers may have been affected. “We’re going through Tweets from customers and making sure that if anyone is calling us with issues we’re working one on one with customers. If you see suspicious activity you should give us a call.”

Weller urged customers to “practice good security hygiene” by regularly reviewing their account statements, and promptly reporting any discrepancies. She said Chase is still working to determine the precise cause of the mix-up, and that there have been no reports of JPMC commercial customers seeing the account information of other customers.

“This was all on our side,” Well said. “I don’t know what did happen yet but I know what didn’t happen. What happened last night was 100 percent not the result of anything malicious.”

The account mix-up was documented on Wednesday by Fly & Dine, an online publication that chronicles the airline food industry. Fly & Dine included screenshots of one of their writers’ spouse logged into the account of a fellow Chase customer with an Amazon and Chase card and a balance of more than $16,000.

Kenneth White, a security researcher and director of the Open Crypto Audit Project, said the reports he’s seen on Twitter and elsewhere suggested the screwup was somehow related to the bank’s mobile apps. He also said the Chase retail banking app offered an update first thing Thursday morning.

Chase hasn’t responded yet to questions about whether the incident was limited to mobile users, or if the update White mentioned was somehow related.

“There’s only so many kind of logic errors where Ken logs in and sees Brian’s account,” White said.  “It can be a devil to track down because every single time someone logs in it’s a roll of the dice — maybe they get something in the warmed up cache or they get a new hit. It’s tricky to debug, but this is like as bad as it gets in terms of screwup of the app.”

White said the incident is reminiscent of a similar glitch at online game giant Steam, which caused many customers to see account information for other Steam users for a few hours. He said he suspects the problem was a configuration error someplace within Chase.com “caching servers,” which are designed to ease the load on a Web application by periodically storing some common graphical elements on the page — such as images, videos and GIFs.

“The images, the site banner, all that’s fine to be cached, but you never want to cache active content or raw data coming back,” White said. “If you’re CNN, you’re probably caching all the content on the homepage. But for a banking app that has access to live data, you never want that be cached.”

“It’s fairly easy to fix once you identify the problem,” he added. “I can imagine just getting the basics of the core issue [for Chase] would be kind of tricky and might mean a lot of non techies calling your Tier 1 support people.”









Tags: , , , , ,


http://ift.tt/2sQk4MO Source: http://ift.tt/TKsn16



The SEO’s essential guide to web technology

As an SEO professional, your role will invariably lead you to interactions with people in a wide variety of roles including business owners, marketing managers, content creators, link builders, PR agencies, and developers.

That last one – developers – is a catch-all term that can encompass software engineers, coders, programmers, front- and back-end developers, and IT professionals of various types. These are the folks who write the code and/or generally manage the underlying various web technologies that comprise and power websites.

In your role as an SEO, it may or may not be practicable for you to completely master programming languages such as C++ and Java, or scripting languages such as PHP and JavaScript, or markup languages such as HTML, XML, or the stylesheet language CSS.

And, there are many more programming, scripting, and markup languages out there – it would be a Herculean task to be a master of every kind of language, even if your role is full-time programmer and not SEO.

But, it is essential for you, as an SEO professional, to understand the various languages and technologies and technology stacks out there that comprise the web. When you’re making SEO recommendations, which developers will most likely be executing, you need to understand their mindset, their pain points, what their job is like – and you need to be able to speak their language.

You don’t have to know everything developers know, but you should have a good grasp of what developers do so that you can ask better questions and provide SEO recommendations in a way that resonates with them, and those recommendations are more likely to be executed as a result.

When you speak their language, and understand what their world is like, you’re contributing to a collaborative environment where everyone’s pulling on the same side of the rope for the same positive outcomes.

And of course, aside from building collaborative relationships, being a professional SEO involves a lot of technical detective work and problem detection and prevention, so understanding various aspects of web technology is not optional; it’s mandatory.

Web tech can be complex and intimidating, but hopefully this guide will help make things a little easier for you and fill in some blanks in your understanding.

Let’s jump right in!

The internet vs. the World Wide Web

Most people use these terms interchangeably, but technically the two terms do not mean the same thing, although they are related.

The Internet began as a decentralized network of independent interconnected computers.

The US Department of Defense was involved over time and awarded contracts, including for the development of the ARPANET (Advanced Research Projects Agency Network) project, which was an early packet switching network and first to use TCP/IP (Transmission Control Protocol and Internet Protocol).

The ARPANET project led to “internetworking” where various networks of computers could be joined into a larger “network of networks”.

The development of the World Wide Web is credited to British computer scientist Sir Tim Beners-Lee in the 1980s; he developed linking hypertext documents, which resulted in an information-sharing model built “on top” of the Internet.

Documents (web pages) were specified to be formatted in a markup language called “HTML” (Hypertext Markup Language), and could be linked to each other using “hyperlinks” that users could click to navigate to other web pages.

Further reading:

Web hosting

Web hosting, or hosting for short, are services that allow people and businesses to put a web page or a website on the internet. Hosting companies have banks of computers called “servers” that are not entirely dissimilar in nature to computers you’re already familiar with, but of course there are differences.

There are various types of web hosting companies that offer a range of services in addition to web hosting; such services may include domain name registration, website builders, email addresses, website security services, and more.

In short, a host is where websites are published.

Further reading:

Web servers

A web server is a computer that stores web documents and resources. Web servers receive requests from clients (browsers) for web pages, images, etc. When you visit a web page, your browser requests all the resources/files needed to render that web page in your browser. It goes something like this:

Client (browser) to server: “Hey, I want this web page, please provide all the text, images and other stuff you have for that page.”

Server to client: “Okay, here it is.”

Various factors impact how quickly the web page will display (render) including the speed of the server and the size(s) of the various files being requested.

There are three server types you’ll most often encounter:

  1. Apache is open-source, free software compatible with many operating systems such as Linux. An often-used acronym is “LAMP stack” referring to a bundling of Linux, Apache, MySQL (relational database) and PHP (a server-side scripting language).
  2. IIS stands for “Internet Information Services” and is proprietary software made by Microsoft. An IIS server is often referred to as a “Windows Server” because it runs on Windows NT operating systems.
  3. NGINX – pronounced “Engine X”, is billed as a high-performance server able to also handle load balancing, used as a reverse proxy, and more. Their stated goals and reason for being include outperforming other types of servers.

Further reading:

Server log files

Often shortened to “log files”, these are records of sever activity in response to requests made for web pages and associated resources such as images. Some servers may already be configured to record this activity, others will need to be configured to do so.

Log files are the “reality” of what’s happening with a website and will include information such as the page or file requested, date and time stamp of the request, the user agent making the request, the response type (found, error, redirected, etc.), the referrer, and a few other items such as bytes served and client IP address.

SEOs should get familiar with parsing log files. To go into this topic in more detail, read JafSoft’s explanation of a web server log file sample.

FTP

FTP stands for File Transfer Protocol, and it’s how you upload resource files such as webpages, images, XML Sitemaps, robots.txt files, and PDF files to your web hosting account to make these resource files available and viewable on the Web via browsers. There are free FTP software programs you can use for this purpose.

The interface is a familiar file-folder tree structure where you’ll see your local machine’s files on the left, and the remote server’s files on the right. You can drag and drop local files to the server to upload. Voila, you’ve put files onto the internet! For more detail, Wired has an excellent guide on FTP for beginners.

Domain name

A domain name is a string of (usually) text and is used in a URL (Uniform Resource Locator). Keeping this simple, for the URL https://www.website.com, “website” is the domain name. For more detail, check out the Wikipedia article on domain names.

Root domain & subdomain

A root domain is what we commonly think of as a domain name such as “website” in the URL https://www.website.com. A subdomain is the www. part of the URL. Other examples of subdomains would be news.website.com, products.website.com, support.website.com and so on.

For more information on the difference between a domain and a subdomain, check out this video from HowTech.

URL vs. URI

URL stands for “Universal Resource Locator” (such as http://ift.tt/2EZXxC8) and URI stands for “Uniform Resource Identifier” and is a subset of a full URL (such as /this-is-a-page.html). More info here.

HTML, CSS, and JavaScript

I’ve grouped together HTML, CSS, and JavaScript here not because each don’t deserve their own section here, but because it’s good for SEOs to understand that those three languages are what comprise much of how modern web pages are coded (with many exceptions of course, and some of those will be noted elsewhere here).

HTML stands for “Hypertext Markup Language”, and it’s the original and foundational language of web pages on the World Wide Web.

CSS stands for “Cascading Style Sheets” and is a style sheet language used to style and position HTML elements on a web page, enabling separation of presentation and content.

JavaScript (not to be confused with the programming language “Java”) is a client-side scripting language to create interactive features on web pages.

Further reading:

AJAX & XML

AJAX stands for “Asynchronous JavaScript And XML. Asynchronous means the client/browser and the server can work and communicate independently allowing the user to continue interaction with the web page independent of what’s happening on the server. JavaScript is used to make the asynchronous server requests and when the server responds JavaScript modifies the page content displayed to the user. Data sent asynchronously from the server to the client is packaged in an XML format, so it can be easily processed by JavaScript. This reduces the traffic between the client and the server which increases response time and speed.

XML stands for “Extensible Markup Language” and is similar to HMTL using tags, elements, and attributes and was designed to both store and transport data, whereas HTML is used to display data. For the purposes of SEO, the most common usage of XML is in XML Sitemap files.

Structured data (AKA, Schema.org)

Structured data is markup you can add to the HTML of a page to help search engines better understand the content of the page, or at least certain elements of that page. By using the approved standard formats, you provide additional information that makes it easier for search engines to parse the pertinent data on the page.

Common uses of structured data are to markup certain aspects of recipes, literary works, products, places, events of various types, and much more.

Schema.org was launched on June 2, 2011, as a collaborative effort by Google, Bing and Yahoo (soon after joined by Yandex) to create a common set of agreed-upon and standardized set of schemas for structured data markup on web pages. Since then, the term “Schema.org” has become synonymous with the term “structured data”, and Schema.org structured data types are continually evolving with new types being added with relative frequency.

One of the main takeaways about structured data is that it helps disambiguate data for search engines so they can more easily understand information and data, and that certain marked-up elements may result in additional information being displayed in Search Engines Results Pages (SERPs), such as review stars, recipe cooking times, and so on. Note that adding structured data is not a guarantee of such SERP features.

There are a number of structured data vocabularies that exist, but JSON-LD (JavaScript Object Notation for Linked Data) has emerged as Google’s preferred and recommended method of doing structured data markup per the Schema.org guidelines, but other formats are also supported such as microdata and RDFa.

JSON-LD is easier to add to pages, easier to maintain and change, and less prone to errors than microdata which must be wrapped around existing HML elements, whereas JSON-LD can be added as a single block in the HTML head section of a web page.

Here is the Schema.org FAQ page for further investigation – and to get started using microdata, RDFa and JSON-LD, check out our complete beginner’s guide to Schema.org markup.

Front-end vs. back-end, client-side vs. server-side

You may have talked to a developer who said, “I’m a front-end developer” and wondered what that meant. Of you may have heard someone say “oh, that’s a back-end functionality”. It can seem confusing what all this means, but it’s easily clarified.

“Front-end” and “client-side” both mean the same thing: it happens (executes) in the browser. For example, JavaScript was originally developed as something that executed on a web page in the browser, and that means without having to make a call to the server.

“Back-end” and “server-side” both mean the same thing: it happens (executes) on a server. For example, PHP is a server-side scripting language that executes on the server, not in the browser. Some Content Management Systems (CMS for short) like WordPress use PHP-based templates for web pages, and the content is called from the server to display in the browser.

Programming vs. scripting languages

Engineers and developers do have differing explanations and definitions of terms. Some will say ultimately there’s no differences or that the lines are blurry, but the generally accepted difference between a programming language (like C or Pascal) vs. a scripting language (like JavaScript or PHP) is that a programming language requires an explicit compiling step, whereas human-created, human-readable code is turned into a specific set of machine-language instructions understandable by a computer.

Content Management System (CMS)

A CMS is a software application or a set of related programs used to create and manage websites (or we can use the fancy term “digital content”). At the core, you can use a CMS to create, edit, publish, and archive web pages, blog posts, and articles and will typically have various built-in features.

Using a CMS to create a website means that there is no need to create any code from scratch, which is one of the main reasons CMS’ have broad appeal.

Another common aspect of CMS’ are plugins, which can be integrated with the core CMS to extend functionalities which are not part of the core CMS feature list.

Common CMS’ include WordPress, Drupal, Joomla, ExpressionEngine, Magento, WooCommerce, Shopify, Squarespace, and there are many, many others.

Read more here about Content Management Systems.

Content Delivery Network (CDN)

Sometimes called a “Content Distribution Network”, CDNs are large networks of servers which are geographically dispersed with the goal of serving web content from a server location closer to the client making the request in order to reduce latency (transfer delay).

CDNs cache copies of your web content across these servers, and then servers nearest to the website visitor serve the requested web content. CDNs are used to provide high availability along with high performance. More info here.

HTTPS, SSL, and TLS

Web data is passed between computers via data packets of code. Clients (web browsers) serve as the user interface when we request a web page from a server. HTTP (hypertext transfer protocol) is the communication method a browser uses to “talk to” a server and make requests. HTTPS is the secure version of this (hypertext transfer protocol secure).

Website owners can switch their website to HTTPS to make the connection with users more secure and less prone to “man in the middle attacks” where a third party intercepts or possibly alters the communication.

SSL refers to “secure sockets layer” and is a standard security protocol to establish communication encryption between the server and the browser. TLS, Transport Layer Security, is a more-recent version of SSL

HTTP/1.1 & HTTP/2

When Tim Berners-Lee invented the HTTP protocol in 1989, the computer he used did not have the processing power and memory of today’s computers. A client (browser) connecting to a server using HTTP/1.1 receives information in a sequence of network request-response transactions, which are often referred to as “round trips” to the server, sometimes called “handshakes”.

Each round trip takes time, and HTTPS is an HTTP connection with SSL/TSL layered in which requires yet-another handshake with the server. All of this takes time, causing latency. What was fast enough then is not necessarily fast enough now.

HTTP/2 is the first new version of HTTP since 1.1. Simply put, HTTP/2 allows the server to deliver more resources to the client/browser faster than HTTP/1.1 by utilizing multiplexing, compression, request prioritization, and server push which allows the server to send resources to the client that have not yet been requested.

Further reading:

Application Programming Interface (API)

Application is a general term that, simply put, refers to a type of software that can perform specific tasks. Applications include software, web browsers, and databases.

An API is an interface with an application, typically a database. The API is like a messenger that takes requests, tells the system what you want, and returns the response back to you.

If you’re in a restaurant and want the kitchen to make you a certain dish, the waiter who takes your order is the messenger that communicates between you and the kitchen, which is analogous to using an API to request and retrieve information from a database. For more info, check out Wikipedia’s Application programming interface page.

AMP, PWA, and SPA

If you want to build a website today, you have many choices.

You can build it from scratch using HTML for content delivery along with CSS for look and feel and JavaScript for interactive elements.

Or you could use a CMS (content management system) like WordPress, Magento, or Drupal.

Or you could build it with AMP, PWA, or SPA.

AMP stands for Accelerated Mobile Pages and is an open source Google initiative which is a specified set of HTML tags and various functionality components which are ever-evolving. The upside to AMP is lightning-fast loading web pages when coded according to AMP specifications, the downside is some desired features may not be currently supported, and issues with proper analytics tracking.

Further reading:

PWA stands for Progressive Web App, and it blends the best of both worlds between traditional websites and mobile phone apps. PWAs deliver a native app-like experience to users such as push notifications, the ability to work offline, and create a start icon on your mobile phone.

By using “service workers” to communicate between the client and server, PWAs combines fast-loading web pages with the ability to act like a native mobile phone app at the same time. However, because PWAs are JavaScript frameworks, you may encounter a number of technical challenges.

Further reading:

SPAs – Single Page Applications – are different from traditional web pages which load each page a user requests in a session via repeated communications with the server. SPAs, by contrast, run inside the browser and new pages viewed in a user session don’t require page reloading via server requests.

The primary advantages of SPAs include streamlined and simplified development, and a very fast user experience. The primary disadvantages include potential problems with SEO, due to search engines’ inconsistent ability to parse content served by JavaScript. Debugging issues can also be more difficult and take up more developer time.

It’s worth noting that future success of each of these web technologies ultimately depends on developer adoption.

Conclusion

Obviously, it would require a very long book to cover each and every bit of web technology, and in sufficient detail, but this guide should provide you, the professional SEO, with helpful info to fill in some of the blanks in your understanding of various key aspects of web technology.

I’ve provided many links in this article that serve as jumping off points for any topics you would like to explore further. There’s no doubt that there are many more topics SEOs need to be conversant with, such as robots.txt files, meta robots tags, rel canonical tags, XML Sitemaps, server response codes, and much more.

In closing, here’s a nice article on the Stanford website titled “How Does The Internet Work?” that you might find interesting reading; you can find that here.

Source: http://ift.tt/1JcVoR1



How to Connect With Influencers and Dramatically Boost Your Conversions in 2018

How to Connect With Influencers and Dramatically Boost Your Conversions in 2018

Influencer marketing may seem like a new trend.

But it has actually been around since at least 1760 when Robert Wedgwood of Wedgewood China boosted pottery sales with endorsements from the Royal Family.

The purpose of influencer marketing (boosting sales) hasn’t changed since then. But how we go about using it has changed drastically.

You don’t need to collaborate with the royal family to increase conversions.

More people have more influence than ever before due to the rise of social media. We can now automate our outreach efforts and measure their impact with a number of tools.

By turning influencers into brand advocates, you can improve your brand’s image and create a sense of trust with your target audience.

Here’s how to connect with influencers to increase your conversions.

The value of influencer marketing

It has been estimated that brands will spend more than $1 billion on influencer marketing in 2018.

Image Source

In 2017, 86% of marketers said that they used influencer marketing, and 39% of them intend to increase their budget for it in 2018.

Influencer marketing is clearly on the rise. But what exactly is an influencer?

Influencers are usually industry leaders or celebrities with a large following. And they have a heavy “influence” on their following.

Their followers trust and value their opinions, statements, and recommendations.

With the rise of social media, many regular people have become social media stars with a large, engaged following. Because of this, anyone can become an influencer.

Popular social media influencers like the Kardashians make as much as $500,000 per sponsored Instagram post.

And DJ Khaled makes more than $21,000 per post. But the opportunities don’t stop there. Khaled recently took over Poshmark, a fashion marketplace, to create a pop-up shop for charity.

Image Source

Poshmark ran an entire campaign for the event and even held a Snapchat giveaway. This is a classic example of influencer marketing gone right.

In case you’re not already convinced, take a look at the average earnings for influencer posts on the top social media platforms:

Image Source

Even if you work with an influencer with under 100,000 followers, you can still make thousands of dollars off of each of their posts.

Why is influencer marketing so effective?

Len Markidan, CMO of Podia had this to say:

“The reason influencer marketing is so useful comes down to simple math. It’s a lot harder to build relationships with 100,000 people, one by one, than it is to build relationships with 50 people, who will each want to tell 2,000 others about you.”

Now, you might be wondering, “How can I find influencers to reach out to?” A few tools can come in handy, and we’ll talk about those later.

But first, you need to know what influencers can help you accomplish.

What can influencers help you do?

There’s truly no limit to the roles that an influencer can play in your marketing campaigns.

They can share their products or services with their audiences and followers in a way that matches your brand’s goals.

Content promotion is the most common use case for influencer engagement, according to the State of Influencer Engagement.

Image Source

An influencer can also add some of your links to their blog posts or website. These links can direct users to your products or services.

This can be anything from an image link to a contextual content link.

Image Source

Influencers can also promote your product or service by speaking about your company during a segment or by wearing your brand’s clothing during an event.

Brad Paisley has done this in the past with Corvette apparel.

Image Source

You can even ask an influencer to write a review about your product or service. This can be an independent review or a comparison post of your brand to a competitor.

Image Source

Be sure to send them a free package of your products that they can review.

The most common form of digital influencer marketing is through social media posts about services or products.

This usually includes a caption and an image or two explaining why they love your brand/why their followers should try out your products or services.

These posts usually look something like this:

Image Source

The cost per post usually depends on the number of followers that an influencer has.

These posts are also “sponsored posts.” They drive up engagement and make your brand look even more authentic.

They also allow influencers to share detailed descriptions with followers beyond a short social media caption, which boosts interest and traffic.

Just look at the Twitter video this influencer posted for Mastercard:

Image Source

Or the YouTube video that this creator made for Puls.com:

Image Source

They can also showcase your services or products by selling them in their marketplace. BigCommerce does this in their Theme Store:

Image Source

Another way that influencers can help you out is by collaborating with you on a project, such as a blog post.

They can write a guest post on your blog or work with you to create something valuable like an eBook.

Then, they’ll be more likely to share the content with their audience. You probably won’t have to ask (or pay) for them to share it at all.

From there, you can repurpose or recycle it into another format like an infographic, webinar, or email.

Image Source

As you begin to onboard more influencers, you can use a sales CRM tool like Salesmate to help organize your influencer onboarding process.

Image Source

If you still aren’t convinced, here’s the real proof of why collaborating with influencers boosts conversions.

Why collaborating with influencers boosts social proof (and thus, conversions)

Influencers filter and curate the trends in the world’s industries. By sharing the content that they find relevant, they pave the way for what becomes popular.

And their followers trust them. A lot. In fact, influencers are found to be more trustworthy than traditional advertisements.

According to Nielsen, 84% of consumers across the world are more likely to take action because of reviews or recommendations from trusted sources above other forms of advertising.

At least 72% of B2B buyers use social media to research purchases. According to a McKinsey & Company study, word-of-mouth leads to 20% to 50% of all purchasing decisions.

As if those statistics aren’t convincing enough, a study by Nielsen Catalina Solutions and TapInfluence recently found that the ROI of influencer marketing is:

  • 16x higher than the average digital marketing campaign
  • 11x higher than traditional banner ad campaigns

Image Source

The study found that for every 1,000 viewers, the influencer campaign generated $285 in sales.

And the ROI and conversions don’t stop on the day that an influencer mentions you. The content lives on.

Tweets and Instagram posts can be viewed and shared at any time. So can blog posts and YouTube videos. Eric Enge refers to this as the Influencer Trust Factor.”

The concept explains that influencers organically amplify the message of your brand in much less time than it would take you on your own.

Seven influencer marketing tools to try

Brands that perform their own influencer outreach like WallsNeedLove tend to find more success with their influencer marketing campaigns than those that don’t.

But how do you go about finding the right influencers to partner with?

Len of Podia suggests uncovering the right influencers by directly asking your customers. He recommends asking questions like, who do you learn from? What blogs or podcasts do you look forward to most? This will let you know who your customers already find influential.

Alternatively, you can use tools to source potential influencers. For everything from finding influencers to partner with them and tracking all of your outreach efforts and campaigns, here are seven influencer marketing tools to help you from start to finish.

First, to find a few potential influencers, use a tool like Buzzsumo.

1. Buzzsumo

Buzzsumo can help you find influencers in your industry to promote your content. To get started, search for an industry-related topic.

Image Source

Then, click on the “Influencers” tab. You can search bios or content shared to find influencers to work with.

Buzzsumo will even give you statistics for each influencer like their retweet and reply ratios.

Image Source

Followerwork is a similar tool for finding relevant influencers.

2. Followerwonk

This free Moz tool helps you find influential Twitter users by location and topic. Create a Twitter list to reference the ones you want to partner with or compare later.

Image Source

Hootsuite is a free tool that you can use to monitor industry conversations.

3. Hootsuite

Use Hootsuite to find out who your target audience is engaging with, what content they’re sharing, and more.

Then, reach out to those brands and influencers.

Image Source

Demographics Pro for Twitter doesn’t cost a thing, and you can use it to analyze an influencer’s audience.

4. Demographics Pro for Twitter

If you’re unsure whether an influencer’s audience is a good fit for your brand or not, then run their account through this tool.

You can find out the average age, location, income, interests, profession, and more of a user’s following.

Image Source

TrendSpottr is a tool for Instagram that you can use to find trending hashtags.

5. TrendSpottr for Instagram

Use TrendSpotter to find videos, photos, and influencers for any topic or tag. Select from a list of several popular tags, share trending posts, and use your findings to engage with key influencers.

Image Source

Insightpool optimizes your @mention streams.

6. Insightpool

If you have crowded, busy @mention streams, it can be hard to engage with key influencers through all the noise. You might even miss their tweets if you don’t look hard enough.

Insightpool’s single-click response feature makes it simple to connect with influential users without having to search for their replies.

Image Source

Gmass helps you send outreach emails to influencers once you’ve selected the ones you want to work with.

7. GMass

In order to start working with influencers, you first need to learn how to streamline the process.

Tools like GMass can help you send outreach emails in bulk and save time by automating follow-up emails directly from your Gmail interface.

If you don’t receive a reply, you can schedule a follow-up email to go out automatically within a certain number of days after your initial email.

Also, GMass has one of my favorite features, which allows you to track what part of the inbox your email landed.

Wrap up

Influencer marketing has been around for hundreds of years. But in the digital age, the sky is the limit.

With social media, anyone can connect with influencers to amplify their brand, gain trust, and increase conversions.

In 2018, brands will spend $1 billion on influencer marketing. The spending is all for a good reason: the ROI of influencer marketing is 16x higher than the average ad campaign.

Influencers can share links back to your brand, create product reviews, share posts on social media recommending your company, collaborate with you on projects, and more.

By sharing all of this with their followers, they help you build trust with target audiences and boost social proof. This means that your conversions will skyrocket.

You can identify influencers with a tool like Buzzsumo or Followerwonk. Use Hootsuite to monitor industry conversations and Demographics Pro for Twitter to analyze an influencer’s audience.

Try out TrendSpottr for Instagram to monitor trending hashtags and topics.

Insightpool lets you track mentions on Twitter without missing any replies, while GMass is perfect for automating your influencer outreach emails.

The longer you wait to collaborate with influencers, the more conversions you’re missing out on. Reach out to an influencer today.

Guest Author: David Zheng is the Founder of Growth Wit and Wisemerchant and the Head of Growth at BuildFire. He specializes in growth and content strategies to help influencers, ecommerce brands, venture-backed startups, and Fortune 500 companies grow their traffic and revenue online.

The post How to Connect With Influencers and Dramatically Boost Your Conversions in 2018 appeared first on Jeffbullas’s Blog.

Source: http://ift.tt/im5GqL



Three SEO issues that your SEO report needs to include (but you probably overlook)

Good SEO reporting is tough. There’s so much conflicting and outdated advice in our industry that in many cases, SEOs tend to focus on buzz terms rather than good actionable advice.

I’ve seen hundreds of SEO reports throughout the years and I often have hard time walking out with a good plan of further action when it comes to making a website better optimized.

But it’s not the point of this article. What I’d like to start here is an open-ended discussion: Which SEO issues do you include in your SEO audits that others don’t?

Inspired by some recent SEO audits, here are three important SEO issues that I notice are often overlooked:

1. Trailing slash / No trailing slash

One of the most under-estimated issues with structuring URLs is double-checking whether your URLs work with and without a trailing slash at the end.

Read my old article on the issue which, despite being published all the way back in 2009, still holds true.

To summarize:

  • The best practice is to have both versions work properly
  • Google’s official recommendation is 301-redirecting one version to the other, which is something your client wants to do even if both versions work
  • Apart from accidental broken links (e.g. some HTML editors add / at the end of the URL automatically), this could result in lower rankings and lost traffic/conversions (e.g. when other websites link to the broken version of the page)

To diagnose the issue, I tend to use the free website crawler from SEOchat. For some reason it catches these issues more often than other crawlers.

You can also simply run a couple of random URLs through a header checker to see that no link power is being leaked and no users are being lost.

Trailing slash

Further reading: There’s another guide explaining problems and solutions when it comes to a trailing slash.

  • Implement 301 (permanent) redirects from one version to the other through your .htaccess file.
  • If you can’t use permanent redirects, use canonical elements instead – either will reduce the risk of duplicate content [Note: This solution is only valid when both versions actually work, so there will be no broken links]
  • Be consistent with your choice.

2. No H-subheads

A long time ago, we used to call those h2-h3 subheadings “semantic structure”, and we’d recommend using them to give keywords higher prominence.

H1 – H6 tags “briefly describe the topic of the section they introduce”. They can “be used by user agents, for example, to construct a table of contents for a document automatically“.

Other than that there was no obvious tangible benefit to using them.

These days, everything has changed because using H2 tags and including your keyword in them can get you featured!

Image taken from my Featured Snippets FAQ on Content Marketing Institute, where I explain how <h2> tags can help you get a featured snippet

The featured snippet algorithm is being changed daily, so it is going to be harder and harder to get featured. So far, though, they work like a charm and thanks to that, you have a very obvious reason to convince your clients to start using these tags: They can help you get featured!

Netpeak Spider is an excellent tool to diagnose H-structure of the whole website. It gives a detailed report containing content and number of H1-H6 tags, missing tags, and more:

Netpeak Spider

3. Thin content

How do we define thin content?

  • Little original content on the page (usually, just a paragraph or two)
  • Lack of positive signals (links, clicks/traffic, mentions/shares. The latter is mostly an indicator of user engagement)

Everyone talks about thin content in our industry, but an alarming number of SEO reports fail to include it.

Why so? I see two reasons:

  • Thin content is hard to diagnose
  • Thin content is hard to explain (how to convince a client of a 100,000-page website to invest in editing existing content and consolidating lower-quality pages)

When it comes to diagnosing, I’d like to direct you to the awesome audit template from Annie Cushing. It does include thin content diagnostics and even explains how to find it.

As to explaining the issue to clients, the problem with thin-content pages is that it can negatively affect the whole site. If a search crawler finds a high percentage of thin content on a website, it may decide that the whole site is not of much value either. That’s the essence of the Panda update (which is now part of Google’s algorithm).

For more context, check out this video by Jim Boykin:

Whenever your site is affected, almost always the answer is “You have too much thin content”

That being said, thin content may be a reason of your client’s website slowly but surely losing its rankings. It’s very tough to diagnose:

  1. There are no longer thin-content-related updates being announced.
  2. The loss of rankings is very gradual making it hard to pin-point when and why it started
  3. Pages losing rankings may be of better quality than the rest of your website. Thin content may not have ranked for ages. What’s new is that they may now start negatively effect pages that do rank.

Like duplicate content, it’s not right to call this a penalty. Even though thin content may be dragging your site down, it’s not a penalty. It’s part of Google’s effort to keep its results higher-quality.

What other SEO issues do you consider often overlooked in our industry? Share your insights!

Source: http://ift.tt/1JcVoR1



How To Give Your Business a Complete LinkedIn Makeover in 6 Easy Steps

LinkedIn is the world’s largest and most active professional networking platform, with over 13 million companies vying for the attention of more than half a billion users.

Once seen primarily as a job-seeking tool, the platform now offers a rich media experience that businesses cannot afford to ignore. Many LinkedIn users log in daily just to bask in the knowledge of thought leaders and stay on the pulse of their respective industries.

As such, your LinkedIn Company Page represents a huge opportunity to steer the conversation in your field, carve out a space for your brand, and attract top talent in the process.

Here are six steps you can take today to optimize your LinkedIn Company Page and improve your presence, authority, and recruitment prospects.

1. Tell your story in pictures

Update your profile image

Your profile image is first thing people searching for your company on LinkedIn will see, so make a good impression. Company Pages with profile pictures get six times more visitors than those without.

Choosing a profile image is straightforward: take your company logo (the same one you’re using on your other social media channels) and resize it to fit with LinkedIn’s requirements.

screenshot of Hootsuite LinkedIn company page

Ideal LinkedIn Profile Image Specs

Set the tone with your profile banner

The profile banner above your company logo offers a bit more room for creativity, as there are no hard-and-fast rules for using this space (other than some sizing requirements).

Ideal LinkedIn profile banner specs

  • 1536 x 768 pixels
  • PNG format
  • Maximum 8 MB
  • Rectangular layout

How you choose to hang your Company Profile banner is up to you. Here are two completely different examples of company profile banners, and why they’re successful.

Sephora: simple, sleek and stylish

Screenshot of Sephora Company Page on LinkedIn

Even a simple graphic can add some much-needed flair to LinkedIn’s standard template. Sephora’s banner displays the clean black and white stripes that frame many aspects of their branding, both in-store and online.

Air Canada: active, engaging and actionable

Air Canada LinkedIn Company Page

Air Canada’s banner takes a more actionable approach, advertising their involvement in the 2018 Seoul Winter Olympics. It includes bilingual hashtags for a current social media campaign and reps Canadian colors, driving social engagement.

2. Use keywords

Write an “About us”

Carefully-selected images will hook a prospect, but it takes words to reel them in.

A well-optimized “About us” section on your company page is a tightly worded paragraph (2,000 characters or less) telling visitors everything they need to know about your company. Use simple, accessible language informed by keyword research to outline your business goals in words anyone will understand.

Like your other social profiles, the “About us” on your Company Page should answer six basic questions (which I’ve adjusted slightly for the LinkedIn platform):

  • Who are you?
  • Where are you based?
  • What do you offer?
  • What are your values?
  • What is your brand voice?
  • How can people contact you to learn more?

To see an “About us” done right, look at Shopify. Their bio accurately describes the scope of their main product without ever slipping into yawn-inducing wordiness.

My favorite part is how they snuck in “Being awesome” as one of their specialties. This is how you have fun with LinkedIn while keeping things professional.

Screenshot of Shopify LinkedIn Company Page

How to Give Your Business a Complete LinkedIn Makeover in 6 Easy Steps | Hootsuite Blog

Remember, LinkedIn is a professional space, and like every social media platform, it has its own set of unwritten rules. Don’t be the company sharing memes from five years ago in an effort to market to Generation Z.

INSERT GIF

Tailoring your content to a business-minded audience doesn’t mean it has to be boring; just read the room, and plan accordingly.

3. Create Showcase Pages

If the Company Page is a birds-eye view of your business and its core values, then Showcase Pages zoom in on your day-to-day activities.

These highly-customizable pages are essentially tailored news feeds on specific aspects of your organization. Depending on their interests, visitors might come here for content about your company’s individual brands and product ranges, ongoing charity efforts and sponsorships, or regularly occurring events like meetups, conferences, and expos.

Post, post, post

Real talk: Showcase Pages require upkeep. They have their own distinct sets of followers, separate from your Company Page. If you want these pages to be successful (and stay that way), ensure they’re regularly populated with articles, videos, slide presentations, and any other content that provides your followers with significant, long-term value.

Screenshot of Amazon showcase pages on LinkedIn

Showcase Pages are a great place to share Sponsored Content and get more value from targeted advertising.

You can target your posts by location and a recommended number of two other fields, including: industry, company, job type, seniority, group, school, and more. Because people following your Showcase Pages have already shown an active interest in that area of content by subscribing, they’re more likely to read it and share among their networks.

Here’s one last secret about Showcase Pages: they’re surprisingly underused. Capitalize on this! Even one Showcase Page puts you a step ahead of the competition, but you can have up to 10—enough to give you a serious advantage.

4. Build a career page

Glassdoor reports that 69 percent of job seekers are more likely to apply to a company that makes an active effort to promote its culture online. LinkedIn Career Pages are an amazing way to bolster your recruitment efforts by showing your company culture in its best light.

Located under the “Life” tab, Career Pages feature customizable modules where you can display high-quality images, videos and articles about the day-to-day at your organization. Try to include a URL in every post: LinkedIn reports that posts with links get 45 percent more engagement.

How to Give Your Business a Complete LinkedIn Makeover in 6 Easy Steps | Hootsuite Blog

How to Give Your Business a Complete LinkedIn Makeover in 6 Easy Steps | Hootsuite Blog

Consider employee perspectives

If you’re looking for ways to frame your company as a think-tank for fresh ideas, look to the Career Pages “Employee perspectives” section, where you can publish thought leadership articles written by employees.

According to a survey by Jumpstart HR, the vast majority of job seekers value personal growth opportunities over anything else when considering a new workplace. By sharing content produced in-house, you’re showing your current employees that their perspectives are valued, and telling future talent that there’s plenty of room for recognition—and the opportunities that come with it.

How to Give Your Business a Complete LinkedIn Makeover in 6 Easy Steps | Hootsuite Blog

Explore other features

The Careers Page has a ton of other features, too many to list out in one blog post. Here are the major ones you should be aware of:

  • Create a virtual “meet the team” section from employee profiles
  • Collect and share employee testimonials
  • List the causes your employees care about and support on their profiles
  • Promote diversity by listing spoken languages
  • Track your recruitment analytics to improve your hiring process

How to Give Your Business a Complete LinkedIn Makeover in 6 Easy Steps | Hootsuite Blog

Like Showcase Pages, you should update your Careers Page regularly. This is a space to proudly represent your company as a hub of excellence and new ideas, so post whenever you can; the goal is to have people clamoring to work for you.

With a good enough Careers Page, you might even win over a few employees from the Dark Side…I mean, your competitors.

5. Collect and give endorsements

More than a billion peer-to-peer endorsements have been given on LinkedIn, the platform’s most powerful (and sometimes controversial) form of social proof. Gather recommendations whenever possible, and don’t be shy to ask for them—it’s almost always mutually beneficial.

Ask employees

If your employees haven’t connected with your Company Profile, encourage them to do so, and be sure to write them a great recommendation from your personal profile in return. Your employees’ networks will be notified of work anniversaries, new job opportunities, and other updates about your business. When they share content to their own networks, it’ll also appear with your company name attached.

Ask associates

Some of the most valuable endorsements will come from your B2B interactions—76 percent percent of B2B buyers prefer to work with recommendations from their professional network.

Whenever you have a positive interaction with another company, whether that’s a vendor, an account manager, or someone you met at a networking event, reach out to them for a connection and recommendation, and offer one in return.

This “I scratch your back, you scratch mine” approach almost seems like cheating, but it’s a perfectly valid way to cement business relationships and grow your network. Just make sure you’re following endorsement etiquette by only endorsing people and businesses you have actually interacted with, for skills you can honestly attest to.

Ask customers

Another way to build your brand and gather recommendations is to engage directly with customers and followers. If someone comments on an article you’ve shared on your Company Page, or messages you with an inquiry, use it as an opportunity to create a dialogue and win an endorsement.

Similarly, if a customer posts about a positive experience they had with your company on another social media platform, you could message them privately and ask if they’d endorse your LinkedIn Company Page, too. Even if you don’t get the endorsement, the positive public interaction is its own form of social proof.

6. Keep Tabs on the competition

LinkedIn publishes an annual list of the 10 best Company Pages. Visit every one of those profiles and study how they’ve optimized their pages, especially if they’re direct competition.

Once your Company Page is set up, optimized and delivering a steady stream of content that follows these simple guidelines, you’ll be well on your way to networking greatness.

Optimizing your company’s presence on LinkedIn is easier with Hootsuite. From a single dashboard you can easily manage all your social channels, collect real-time data, and engage with your audience across networks. Try it free today.

Get Started

 

The post How To Give Your Business a Complete LinkedIn Makeover in 6 Easy Steps appeared first on Hootsuite Social Media Management.

Source: http://ift.tt/1LdunxE



Tax refund, or How to lose your remaining cash

Every year, vast numbers of people around the globe relish the delightful prospect of filling out tax returns, applying for tax refunds, etc. Given that tax authorities and their taxpayers are moving online, it’s no surprise to find cybercriminals hard on their heels. By spoofing trusted government agency websites and luring users onto them, phishers try to collect enough information to steal both money from victims’ accounts and their digital identity.

Attackers employ standard methods that basically center on creating phishing sites and web pages. Such resources can prompt for passwords to My Account areas on the websites of local tax services, answers to security questions, names and dates of birth of relatives, information about bank cards, and much more besides. In addition to information that users themselves unwittingly hand over, scammers often get hold of extra tidbits such as victim IP address and location, browser name and version, operating system. That is, anything that increases the chances of a successful bypass of the protection system into the victim’s accounts.

Phishing pages can also spread malware under various guises. Fraudsters don’t shy away from direct extortion under the cloak of tax agents — such attacks have occurred in the US, France, Canada, Ireland, and elsewhere. Let’s examine the most common tax-phishing schemes in more detail.

Canada (CRA)

In Canada, the body responsible for tax collection and administration is the Canadian Revenue Agency (CRA). The deadline for filing tax returns for the past financial year is April 30. The figure below shows phishing activity in 2016 spiking in the days leading up to this deadline, and only abating in May.

Number of Anti-Phishing triggers on user computers caused by attempts to redirect to phishing sites using the CRA brand, 2016

A slightly different picture is observed on the 2017 graph:

Number of Anti-Phishing triggers on user computers caused by attempts to redirect to phishing sites using the CRA brand, 2017

A surge came when many Canadians were expecting a tax refund of some sort. We registered a huge number of phishing pages informing people that they were entitled to receive a certain amount of money. It was mostly these messages that distributed links to fake CRA pages where victims were asked to fill out a web form.

Example of a phishing letter allegedly from the CRA with a fake notification about a potential refund.

Typically, such pages are almost a carbon copy of the official CRA site and request a large amount of personal information. If the user doesn’t doubt the site’s authenticity, he or she will have no qualms about filling in the many fields. As a result, the attackers get hold of valuable information, while users are notified of a two-day wait while their data is “processed.” For added plausibility, the victim can be redirected to the original CRA site.

Among the information that the fraudsters collect are bank card details (including PIN code), social security number, driver’s license number, address, telephone number, date of birth, mother’s maiden name, and employer. The attackers also retrieve the IP address and system information.

Example of a phishing page masquerading as a CRA site. When all personal information is entered and the form is submitted, the script generates an email with all the data input (as well as the victim’s IP address and data received from the User Agent) and sends it to the specified address

Criminals do not focus solely on tax declarations and refunds. They make repeated attempts throughout the year to extract data under the guise of the CRA. For example, one of the emails we found invited the recipient to view information about a “tax incident,” prompting them to enter a login and password for a Dropbox account, or provide email credentials. After that, the victim clicked a button to download a public PDF document with information about alleged changes to the tax legislation. The data entered was forwarded to the scammers.

Example of tax and CRA-themed phishing to get Dropbox and mail credentials

Scammers do not restrict themselves to fake sites and emails. They also send out SMS messages and even call victims pretending to be from the CRA, demanding urgent payment of debts by wiring money to a certain account. Such calls are often accompanied by intimidation (threats of penalties, fines, and even imprisonment are used).

Taxpayers in Canada should remember that the CRA never sends emails containing links or requests for personal data, except when an email is sent directly during a telephone conversation with a CRA agent.

CRA recommendations on how to avoid scams are available on its official site under Security.

United States (IRS)

In the US, the tax body is the Internal Revenue Service (IRS), and the tax return deadline is usually April 18 (the date may vary slightly from year to year). In 2016, as in Canada, a major fraud outbreak occurred in the run-up to the deadline:

Number of Anti-Phishing triggers on user computers caused by attempts to redirect to phishing sites using the IRS brand, 2016

However, we observed bursts of scamming activity throughout the year. That made it difficult to single out a specific moment in 2017, save for a notable pre-New Year spike:

Number of Anti-Phishing triggers on user computers caused by attempts to redirect to phishing sites using the IRS brand, 2017

Scammers use a range of topics to bait US taxpayers: tax refund, personal information update, account confirmation, etc.

Examples of fake IRS emails

Tax refund forms are a very popular tool for phishers in the US, and scam sites that exploit this method typically appear at the start of the tax return period. The amount of data they steal is staggering: anything they can and more besides. They exploit users’ very strong urge to claw back some of their hard-earned cash.

Fake IRS pages prompting users to fill out a tax refund form

An information leak on this scale might not only empty the victim’s bank accounts, but lead to a host of other problems, including targeted attacks and attempts to access other accounts. Whereas a compromised bank card is easily blocked and reissued, one’s address, social security number, date of birth, and mother’s maiden name are rather less flexible.

Another way to dupe victims is to send a fake tax service message containing a link to confirm their account, update personal information, or restore their password:

Examples of phishing pages using the IRS brand

After the data is forwarded to the scammers, the victim is usually redirected to the original site not to arouse suspicions:

Example of a phishing script sending user data to a fraudulent email address. If the information is successfully forwarded, the victim is redirected to the original tax service website

Besides the IRS brand, scammers use the name of Intuit, the developer of the TurboTax program, which helps fill out tax returns.

Example of a phishing email using the Intuit brand

Scammers try to get user credentials for the Intuit site, as well as email logins and passwords:

Examples of phishing pages using the Intuit brand

Links to phishing pages in the US are distributed not only by email, but by SMS and social media. Remember that the IRS doesn’t initiate contact with taxpayers through these channels to request personal information.

Official IRS anti-phishing recommendations are available on the department’s website..

United Kingdom (HMRC)

The UK tax (fiscal) year runs from April 6 through April 5 the following year. The PAYE (Pay As You Earn) system means that most taxpayers are not required to fill out any forms by a certain deadline (HMRC receives monthly data from the employer). However, if a taxpayer’s income changes, he/she must update their tax code in accordance with the new income level. And in the event that the taxpayer owes money or is due a reimbursement, HMRC (Her Majesty’s Revenue and Customs) will make contact to arrange payment. That’s where scammers set traps informing potential victims about a potential refund or (less often) monies owed.

In 2016, phishing activity in this segment in the UK was very high, rising toward the end of the calendar year:

Number of Anti-Phishing triggers on user computers caused by attempts to redirect to phishing sites exploiting the name of the UK’s HMRC, 2016

In 2017, phishers cast their nets in May (this month saw two major outbreaks of activity) and remained active pretty much until the end of the calendar year.

Number of Anti-Phishing triggers on user computers caused by attempts to redirect to phishing sites exploiting the name of the UK’s HMRC, 2017

Scam emails supposedly from HMRC are sent to UK residents via SMS, social media, and email, and contain links to phishing pages that strongly resemble the official website. To claim their “refund,” users are usually asked to enter bank card details and other important information.

Examples of phishing pages using the HMRC brand.

In addition, scammers try to steal credentials for other services. In the example below, the scammers sent an email seemingly from HMRC with a PDF attachment (in fact an HTML file). On opening it, the user is shown a page in the style of an Adobe online resource, and is prompted for an email login and password to view the PDF. These credentials are, of course, sent to the attackers.

A fake PDF directing victims to a page used by cybercriminals to steal email account credentials

Anti-phishing recommendations can be viewed on the official HMRC website.

France (DGFiP, impots.gouv.fr)

In France, tax collection is the responsibility of the General Directorate of Public Finance (La Générale des finances publique, DGFiP); the start of the fiscal year coincides with that of the calendar year. The French have no PAYE system (one is planned for implementation in 2019), and the deadline for tax returns is set by each individual département. Tax declarations can be filed in paper form (soon to be discontinued) and online. What’s more, the paper deadline is earlier than the electronic one. Generally, the submission deadlines fall in May-June.

As we can see on the graphs, phishing activity surged during this very period:

Number of Anti-Phishing triggers on user computers caused by attempts to redirect to fake DGFiP phishing sites, 2016

2017 saw two flashes of activity: during the filing period and at the end of the year:

Number of Anti-Phishing triggers on user computers caused by attempts to redirect to fake DGFiP phishing sites, 2017

The most popular topic for scammers, as before, is the offer of a refund:

Example of a phishing email exploiting the subject of tax refunds

Clicking on links in such messages takes users to phishing pages where they are prompted to enter bank card details and other personal information:

Examples of fake pages masquerading as the French tax service

Official warning about scammers on the DGFiP website.

Other countries

Taxes are a common scamming topic in other countries, too. Personal information is solicited for under various pretexts: tax return completion, account verification, tax refund, system registration, etc.

Example of a fake page of the Revenue Commissioners of the Republic of Ireland

Scammers not only target taxpayers’ personal data, but sometimes aim to install malware on their computers. For example, one spam mailing contained a link to a fake site of the Federal Tax Service (FTS) of the Russian Federation, where a Trojan was downloaded to the victim’s computer.

A spoof FTS site distributing malware

Not only taxes

Posing as the state, attackers have other topics than taxes up their sleeve. For example, scammers in Hungary held fake prize giveaways in the name of the government:

Smartphone giveaway by the “Hungarian government”

In Italy, fraudsters rather ingeniously extorted money under the guise of the Ministry of Defense. To conceal its real address, the site opened (if the user allowed it) in full-screen mode with the control elements and address bar hidden, and then proceeded to simulate these interface elements. Naturally, the fake address bar displayed the Ministry’s legitimate URL.

Fake Italian “Ministry of Defense” website

Scaring users into thinking they had distributed prohibited materials (pornography, pedophilia, zoophilia), the site blocked the computer and demanded a fine in the form of a €500 iTunes gift card to have it unblocked.

Conclusion

Trust in government websites is very high, and filing of tax returns always involves submitting large quantities of personal information. Therefore, if users are sure that they are on the official tax service website, they will not hesitate to share important details about themselves. Another important aspect is that many online tax return filers are not everyday netizens, and thus know little about online fraud and cannot recognize a scam when they see one. But even regular Internet users can be wrong-footed by a tempting (and often expected) tax refund notice. Scammers take full advantage of this. In sum, always treat monetary offers with a healthy dollop of skepticism, and bookmark the official site of your country’s tax service in your browser to help avoid getting hooked by phishers.

http://ift.tt/2EIPAOq Source: https://securelist.com



Help support Creative Nerds with crowd funding

Hey, I’ve got some awesome news we are now on Patreon.

Creative Nerds blog was founded way back in 2008. Starting off as experimental blog fastley became an innovating playground filled with tons’ design resources from Photoshop brushes to vector packs as well serving as inspiration vault, a place to learn, articles and catching up with the latest online design and web development news.

I would like to keep contributing to my design blog, as well as make it twice as better and be able to produce the best possible design resources and articles. I will always continue to produce great content for Creative Nerds twice a week as per usual, but Patrons who donate $5 a month will get 1-2 high quality premium design resources each month.

These are 12 of the resources I have published so far, which you will instantly have access to download once you pledged $5 a month.

Thank for reading this post and considering supporting Creative Nerds. Click here to pledge.

Source: http://ift.tt/2s5sNGE



Intel ships (hopefully stable) microcode for Skylake, Kaby Lake, Coffee Lake

Enlarge / Intel Core i9 X-series Skylake X. (credit: Intel)

Intel reports that it has developed a stable microcode update to address the Spectre flaw for its Skylake, Kaby Lake, and Coffee Lake processors in all their various variants.

The microcode updates help address Spectre variant 2 attacks. Spectre variant 2 attacks work by persuading a processor’s branch predictor to make a specific bad prediction about which code will be executed. This bad prediction can then be used to infer the value of data stored in memory, which, in turn, gives an attacker information that they shouldn’t otherwise have. The microcode update is designed to give operating systems greater control over the branch predictor, enabling them to prevent one process from influencing the predictions made in another process.

Intel’s first microcode update, developed late last year, was included in system firmware updates for machines with Broadwell, Haswell, Skylake, Kaby Lake, and Coffee Lake processors. But users subsequently discovered that the update was causing systems to crash and reboot. Initially, only Broadwell and Haswell systems were confirmed to be affected, but further examination determined that Skylake, Kaby Lake, and Coffee Lake systems were rebooting, too.

Read 3 remaining paragraphs | Comments

http://ift.tt/2ogMsDp Source: https://arstechnica.com




top