Last week a friend of mine told me about a problem that she was having with her webmaster. She no longer trusted this person who was in charge of her ecommerce website.

Their relationship is similar to most webmaster – client relationships: the webmaster understands the complexity of web design and search engine placement and the client relies solely on her/his expertise. The client’s lack of technical knowledge and dependence can make them an unwitting victim of unscrupulous webmasters. That is exactly what happened to my friend.

Now, most webmasters are solid, upright citizens working hard for their clients. But the few bad apples... well, ruin it for everyone. 

Webmasters are privy to many types of secure data. Some of the information that I routinely receive are client credit card numbers, home addresses, secret words or questions, usernames and passwords. Clients seem to be willing to hand over whatever information is necessary for securing their domain names, hosting service, payment gateways, and security certificate setups. In addition, I also have access to all customer purchase information: addresses, phone numbers, email addresses, credit card information, and login username and passwords.

With that in mind, security breaches and misuse of data become a possibility. Relying on a webmaster, whose moral base is, “whatever it takes to make a buck” will quickly develop into a disaster for the client.

Disaster struck my friend’s business. Her webmaster set up the website and email accounts and hosted it on his web server. He controls the entire process leaving my friend out of the loop. She submits changes to him as she does not even have a username and password. If the webmaster was competent and trustworthy, the relationship could continue like this for a long time. Unfortunately, he was not.

Maybe a mistake, maybe a design error? NO. This webmaster was siphoning her client list and selling the client list to spammers. Further investigation showed that an employee was also providing the webmaster with bulk mail lists.

How did she find out she could no longer trust her webmaster? She heard it from her customers, her bread and butter. Customers were complaining that they were receiving massive amounts of spam after signing up for information on my friend’s website. Knowing that she has an anti-spam policy in place, she began to investigate.

After setting up a dummy Hotmail account, she went to her website and submitted the Request for Information form.