Power of appreciation

Isn't it lovely when one of those little gems pops up in your mailbox ... a few sincere words of thanks for a job well done? Especially if it comes out of the blue from a client you've been working with for a while.

Receiving one of these uplifting messages earlier in the week – and basking in a few precious 'feel good' moments - I started wondering why we don't take the trouble to say, "Thank you," more often. It costs nothing but a few minutes to draft a brief email, letting a colleague, client or supplier know you appreciate them. Yet it can really make their day! Not only that, human nature being what it is, you can be pretty sure that the next task this person undertakes on your behalf will be done with extra enthusiasm and pleasure. If we all said, 'thank you,' more frequently, we could create a much more pleasant and co-operative working environment!

This started me thinking about the people who donate to our organisations. If ever anyone deserved heaps of appreciation it has to be those who part with their hard earned cash in the hope of making the world a better place. But are we really showing them how much we appreciate them? Do we even acknowledge their support? And if we do, are our words of thanks sincere and genuine, or just standard auto email responses and form letters churned out by the thousand?

Most organisations thank donors when the cheque or credit card payment comes through. And that's the least we can do. But I wonder how a donor would feel if he or she received a letter of appreciation, an email or thank you card completely out of the blue ... just to let them know you are thinking of them and thankful for their support in the past. I'm willing to predict this would create a stronger bond and increase the likelihood of further support!

Wordpress sites under attack

According to Wordfence, the security plugin we use on our Wordpress sites, an average of just over 30 million brute force attacks (login guessing attempts) as well as 7.2 million complex attacks (attempts to exploit a security vulnerability) took place every day during June 2017 on the websites they monitor.

Sadly one of our clients' sites fell victim to hacking earlier this year, which taught us a lot more than we ever wanted to know about the 'baddies' out there in cyberspace. The site was both defaced and, more alarmingly, SQL injection was used to secretly infiltrate the database and make changes to some of the functionality of the site.

Fortunately, we were able to remove the defaced pages almost as soon as they occurred, thus reducing the potential damage that might have been caused by a loss of donor confidence in the site. Fixing the database and preventing further breaches though took a lot more effort and some sleepless nights!

Regardless of what security measures you have in place, hackers are continually looking for new vulnerabilities to exploit. The latest relates to a method attackers use to find a WordPress website within minutes of it being installed for the first time. As the legitimate installation is in progress, the hacker runs his/her own script to install a back door and resets the site so the site owner doesn't know it's been compromised.

Another way of compromising a Wordpress site is by quietly installing a malicious web shell, which takes over and executes all kinds of malicious scripts and behavior. In essence, writes Andie La-Rosa of Wordfence, "Your website has been broken into, hackers have made themselves at home on your server, your bandwidth and storage space have been stolen, and you’re none the wiser".

Unfortunately, owing to their popularity, Wordpress sites are most at risk of malidious attacks. If you have a Wordpress site, it's vitally important to ensure that the core files are immediately updated whenever a new version is released. You also need to ensure that you are always running the latest version of your theme file and all plugins. Brute force attacks can be countered by choosing good usernames and passwords. In 90% of the attacks I've monitored, hackers use "admin" as the username. They also frequently try the organisation's name or email address as the username or the password.

When it comes to passwords, length is more important than complexity. According to Stopthehacker.com, “It takes only 10 minutes to crack a lowercase password that is six characters long. Add two extra letters and a few uppercase letters and that number jumps to 3 years. Add just one more character and some numbers and symbols and it will take 44,530 years to crack.”

Technology changes - fundraising doesn't

With all the digital tools and widgets, it's easy to forget everything you know about fundraising. The truth is, people won't give to your organisation because you have a really cool and interactive website. Or because you have a huge donate button on every page.

They give because you make them feel something – sad, angry, frightened, guilty, obligated – or because they want to be part of a group ... to look good among their peers ... or for religious reasons, because they believe it is the right thing to do.

Using your home page to tell visitors all about your organisation – your mission and vision, your achievements, your projects, your credentials, your team – may seem like the logical thing to do. But you only have to visit a commercial website like Woolworths – where the focus is all on the visitor and what they might want to buy – to realise that you need to shift the focus from your organisation to your visitor. People are interested in themselves first and foremost, and you need to immediately answer the question, "What's in it for me?"

What's in it for the visitor is, of course, the chance to do something that will make them feel good about themselves. Human beings are programmed with the desire to help other people or animals. To be kind. To help put things right that are wrong. All you have to do is show them how.

Often you can do this by telling a story about someone in need, or about a hero in your organisation who has done something inspiring. And of course, you should never under estimate the power of a really good image. Pictured alongside is one of my all time favourites by Reuters/Daily Mail UK, on the death of Nelson Mandela. You cannot look at the picture and not feel the grief and shock of the moment.