Celebrate Cybersecurity with Intel and McAfee Lifehacks

During National Cyber Security Awareness Month (NCSAM), Intel and McAfee are reaching out to digital citizens to come up with and share their favorite lifehacks. Lifehacks are tips and tricks to make life easier, more productive, interesting and just plain fun. Lifehacks are usually cheap or free and sometimes put money in your pocket. Best of all lifehacks are creative and often inspirational.

To celebrate NCSAM, Intel and McAfee are providing digital security lifehacks to get you on the fast track to online security.

Here’s a lifehack example: To get the best pricing when searching for airfare prices online, use the private browsing mode. Why?  I’m told that when searching online for airfare prices that the websites place tracking codes (known as cookies) on our computers or mobile devices so when we revisit those sites again to check if prices have changed, those sites already know the original prices we were quoted.

Here’s another one: Use single-use credit cards online. Why? When shopping online, you could be exposed to credit card theft if your computer is compromised or the site you are shopping on is not safe. A one-time use credit card is just that—it only works the one time you use it. It’s perfect for online shopping—even if someone hacks that credit card number, it won’t be valid any other time.

If your online privacy is important to you, why not take this month to share what you’ve learned with those you care about. To get involved and enter to win a free Ultrabook™ and McAfee LiveSafe™ subscriptions, go to mcafee.com/lifehacks to find more lifehacks to share.

This October, stay proactive in protecting yourself from the hackers, or you just might find scary things happening at your own computer, smartphone or tablet. To join the conversation, follow #HackYourLife on Twitter for more tips and updates.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

 

What is scareware?

When it comes to making us fall for their scams, cybercriminals have a number of tricks up their sleeves. One of these tricks is to scare us into thinking that our computers or smartphones have become infected with malware to get us to purchase a fake application. The programs and unethical advertising practices hackers use to frighten users into purchasing rogue applications are called scareware.

6DIn a typical scareware scam, you might see an alarming popup message while browsing the Web that says “Warning: Your computer is infected!” or “You have a virus!” You would typically see these messages if you accidentally clicked on a dangerous banner ad or link, or by visited a compromised website. The cybercriminals are hoping that you click on the link in the popup message to “run a free scan” and then purchase their phony antivirus software to get rid of the nonexistent problems.

Since these scams are based on fear mongering, you could see repeated popup warnings until you finally agree to download the rogue software that they say will fix the issue. But, instead of real antivirus software, you wind up downloading a malicious program. These programs can even disable the legitimate security software on your device, which can make scareware very difficult to remove.

These scams are one of the most persistent threats on the Internet today. They play on our fear of losing data, time, and money and leverage the urgency of popup messages and repeated warnings to get us to act.

Here’s some tips to protect you and your loved ones from scareware:

Only purchase security software from a reputable company via their official website or in a retail store, and keep your security software up-to-date.

Never click on a link in a popup—simply close the message by clicking on “X” in the upper corner and navigate away from the site that generated it.

If you are concerned that your device may be infected, run a scan using the security software you have installed on your device.

If you don’t already have security protection on all your devices, then try out McAfee LiveSafe™ service, which protects all your PCs Macs, tablets, and smartphones from online threats as well as safeguarding your data and identity.

Don’t let the bad guys scare you into taking actions that could do you and your devices harm. Stay safe online.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Celebrate cybersecurity with Intel and McAfee life hacks

During National Cyber Security Awareness Month (NCSAM), Intel and McAfee are reaching out to digital citizens to come up with and share their favorite lifehacks. Lifehacks are tips and tricks to make life easier, more productive, interesting and just plain fun. Lifehacks are usually cheap or free and sometimes put money in your pocket. Best of all lifehacks are creative and often inspirational.

To celebrate NCSAM, Intel and McAfee are providing digital security lifehacks to get you on the fast track to online security.

Here’s a lifehack example: To get the best pricing when searching for airfare prices online, use the private browsing mode. Why?  I’m told that when searching online for airfare prices that the websites place tracking codes (known as cookies) on our computers or mobile devices so when we revisit those sites again to check if prices have changed, those sites already know the original prices we were quoted.

Here’s another one: Use single-use credit cards online. Why? When shopping online, you could be exposed to credit card theft if your computer is compromised or the site you are shopping on is not safe. A one-time use credit card is just that—it only works the one time you use it. It’s perfect for online shopping—even if someone hacks that credit card number, it won’t be valid any other time.

If your online privacy is important to you, why not take this month to share what you’ve learned with those you care about. To get involved and enter to win a free Ultrabook™ and McAfee LiveSafe™ subscriptions, go to mcafee.com/lifehacks to find more lifehacks to share.

This October, stay proactive in protecting yourself from the hackers, or you just might find scary things happening at your own computer, smartphone or tablet. To join the conversation, follow #HackYourLife on Twitter for more tips and updates.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

10 Years: National Cyber Security Awareness Month 2013

Today marks the beginning of National Cyber Security Awareness Month (NCSAM). This year we celebrate the 10th anniversary of NCSAM. Since its inception a decade ago under leadership from the U.S. Department of Homeland Security and the National Cyber Security Alliance, NCSAM has been a collaborative effort between government and industry to ensure every American has the resources they need to stay safe and more secure online.

NCSAM is the one month a year that everyone is proactively reminded that online security is everyone’s responsibility. Taking personal responsibility for life begins with you and taking personal responsibility for your security is no different. All of us need to take assertive action if we don’t want to end up in the dark because some criminal hacker decides to attack our critical infrastructure. Everyone has a role in securing their part of cyberspace, including the devices and networks they use. Individual actions have a collective impact and when we use the Internet safely, we make it more secure for everyone.

If each of us does our part—implementing stronger security practices, raising community awareness, educating young people, training employees—together we will be a digital society safer and more resistant from attacks and more resilient if one occurs. This means taking charge of our own security, by investing time and resources to protect our devices and educate ourselves on online safety practices and scams that hackers use.

Here are some basic steps you can take to do your part in this shared responsibility.

  • Update your security: Use up-to-date comprehensive security software and use the latest versions of your Web browser, and operating systems.
  • Update your privacy: When available, make sure to set your privacy and security settings to private or friends only on social media to reduce broad information sharing.
  • Password security: Make passwords long, strong and unique. Use upper and lowercase letters, numbers and symbols to create a more secure password and don’t use the same password for all your sites.
  • Protect mobiles too: All devices that connect to the Internet are vulnerable. Along with your PC, make sure to protect your Macs, smartphones, tablets and other Internet-enabled devices.
  • Exercise caution when using Wi-Fi: Wi-Fi hotspots are risky. Save your banking and shopping online  for when you are using a secure connection.

To help celebrate and promote online safety, there are many events taking place during NCSAM that McAfee is participating in:

Tweet chat on October 10th at 12pm PT/3pm ET with the National Cyber Security Alliance, Visa, Department of Homeland Security, FTC, Paypal and AT&T on protecting your personal information and your devices safe no matter how you’re accessing the Internet, especially via mobile. Use the hashtag #ChatSTC to join the conversation!

Intel and McAfee, along with the National Cyber Security Alliance, are making it easy for users to participate in NCSAM with Digital Lifehacks. These lifehacks are providing simple tips to stay safe online and are encouraging sharing of this content by offering prizes like an Ultrabook™ and McAfee LiveSafe™ for sharing this content! Learn more atwww.mcafee.com/lifehacks . You can also join in the conversation on Twitter and online by using the hashtag #HackYourLife.

Remember, we all need to be vigilant about our own security—during NCSAM and all year long. Stay safe online!

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Mirror Mirror Online, Who Is the Most Dangerous Celebrity of Them All?

We all do it. We probably all just don’t admit it. Well I admit it—I’ve searched for that elusive picture of Kimye’s baby North (who I thought would be called Kadence, but I’m not in the know, which is why I’m on the search engines constantly). But what most of us don’t realize is that searching for celebrities and other hot topics in the news could put us and our computers, smartphones and tablets at risk.

Cybercriminals know that search engines (like Google, Yahoo! and Bing) can also be used for criminal means. They know that if they use breaking news, celebrity gossip, or must-have free content, they are more likely to lure you into clicking on phony pages that are designed to steal your money and personal information.

Today, McAfee released research that found Lily Collins, star of The Mortal Instruments: City of Bones, has replaced Emma Watson as the 2013 Most Dangerous Celebrity™.  McAfee found that searching for the latest Lily Collins pictures and downloads yields more than a 14.5% chance of landing on a website that has tested positive for online threats, such as spyware, adware, spam, phishing, viruses and other malware.

This actress and natural beauty can give you much more than you bargained for, so be careful what you ask that mirror on the wall. She first gained attention as Sandra Bullock’s (who’s #3 on the list) daughter in The Blind Side and has been gaining momentum with films such as Mirror Mirror and the Mortal Instruments series. She’s also daughter of renowned singer and songwriter, Phil Collins, and has been in showbiz for almost 20 years. With notoriety like she has, the bad guys are bound to pay attention.

The study uses McAfee® SiteAdvisor® site ratings, which indicate which sites are risky when attached to celebrity names on the Web and calculate an overall risk percentage. The study also found that, for a second year in a row, women are more dangerous than men, with Mad Men star Jon Hamm, being the only male to crack the top ten.

So while it’s probably not feasible for us to stop searching on the latest hot topics and celebrity gossip, we can make sure we are safe while doing so. Here are some tips for you to stay safe online:

  • Be suspicious — If a search turns up a link to free content or too-good-to-be-true offers
  • Be extra cautious when searching on hot topics — Cybercriminals set up fake and malicious sites that dominate these time-sensitive search results
  • Check the Web address — Look for misspellings or other clues that the link might be directed to a phony website
  • Protect yourself — Use comprehensive security on all your PCs, Macs, smartphone and tablets, like McAfee Live Safe™ service, that comes with a safe search tool that protects your from going to risky websites.

To learn more about Most Dangerous Celebrities™, click here or read the press release.

Follow @McAfeeConsumer for live online safety updates and tips and use hashtag #RiskyCelebto discuss the Most Dangerous Celebrities of 2013 or like McAfee on Facebook.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

It’s Even Easier Now For Regular Folks To Conduct Cybercrime

Here’s a late night infomercial for you: How’s that burger flipping going? That cubicle working out? Anyway, I’m sure your boss is such a nice guy. Guess what! If you’re interested in a career in criminal hacking, you don’t even need a computer! This (scary) special, one-time offer comes to you right now from the Internet! Get your credit card ready!

Yes people, this is no joke. Everything you, ‘the average person,’ need to conduct cybercrime can now be purchased online—for example, you can get access to your spouse, neighbors or bosses emails, conduct research, create malware, execute an attack—all of it! Today’s cybercriminals don’t need great technical expertise, or even need to own a computer. Everything can be available for a price.

I often hear people say, “If criminals just used their skills for good, think of how much money they could make and how much better the world would be.” The sad fact is that the bad guys can make in one day what the good guys make in a year.

In a new report called “Cybercrime Exposed,” Raj Samani, vice president and CTO of McAfee, exposes the shift that has taken place with cybercrime easily getting in the hands of everyday people. Here’s a quick snapshot of the report:

The growth of the cybercrime “as-a-service” business model allows cybercriminals to execute attacks at considerably less expense and easily assessible tools now more than ever before.

From renting services to buying email lists for a small sum, the types of exploits that are now available with a click of the button are shocking.

The four categories of cybercrime as a service are:

Research-as-a-Service—One of the primary items research is used for is discovering and identifying vulnerabilities in software or operating systems. The sale of this information can be used for bad or good, so this is why this is considered a gray market. It becomes a cybercrime when these vulnerabilities are sold on the black market so cybercriminals can use the “holes” to exploit users.

Crimeware-as-a-Service—This is what you’d expect to find for sale in the black market. It involves the sale of online tools, or development of tools that can be used by the bad guys to carry out a cybercrime attack.
Also it includes the sale of hardware that may be used for financial fraud (for example, credit card skimming) or equipment used to hack into systems.

Cybercrime Infrastructure-as-a-Service—Once the toolset has been developed, cybercriminals are faced with the challenge of delivering their exploits to their intended victims. An example of this service is the rental of a network of computers controlled by a hacker (known as a botnet) to carry out a denial-of-service (DoS) attack. What is DoS? That’s where the criminal floods a target website with large amounts of traffic so users can’t access the site).

Hacking-as-a-Service—Getting a hold of the individual components* of an attack remains one option; but there are services that allow a criminal to outsource everything about the attack.

This path requires minimal technical expertise, although it is likely to cost more than acquiring individual components and is often used by criminals wanting to obtain information such as bank credentials, credit card data, and login details to particular websites.

While the news is grim, the solutions are not. Here’s what you can do to protect yourself from the bad guys (or your neighbor):

  • For starters, use comprehensive security on all your Internet connected devices, like McAfee® LiveSafe, that includes antivirus, anti-phishing, anti-spyware  and anti-spam, and a firewall
  • Keep your browser and your devices’ operating systems updated to make sure you receive critical security patches
  • Beware of any emails that might contain infected links
  • Secure your wireless connection by using encryption

And if you do decide to go into the business of being a criminal, make sure you have money in reserves for a lawyer because law enforcement and companies like McAfee are relentless in the pursuit of criminal groups or networks who steal your money, your information, or your identity and of those who engage in online abuse of children.

*Each cybercrime attack consists of a variety of components, such as getting a hold of usernames, email addresses, passwords, sending a phishing email, finding the mobile number, determining someone’s Operating System identification, etc.

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

5 Home Security Tactics of the Uber Rich

The uber rich have many reasons to invest in uber security. I met a woman who won a $300 million lottery, and she had some unfortunate stories about how low people go to get at and to moneyed individuals. So to protect life and limb, the uber class invest in:

  • Safe rooms: These include not just bulletproof but bombproof glass, walls, ceilings and floors. But for the ubers, it’s a “safe core” that includes bedrooms, bathrooms, a cooking area and food, and other necessities needed for survival for a week or more.
  • Pepper fog: Sure, you can grab a can of pepper spray and douse your home invaders, but how about outfitting your home with a sprinkler system-like pepper fog that can be accessed via an app?
  • NBC shelter: A nuclear, biological and chemical (NBC) shelter can be 20 feet or more underground and is designed to keep a family alive for months with all the necessary supplies, including oxygen.
  • Mega control room: Security cameras for a residential installation are around $100-$200 apiece, more or less. But for the uber rich, they invest in pan-tilt zoom cameras that pick up body heat, incorporate facial recognition, and eventually will be able to predict what people will do next based on their body language.
  • Helipad: If you need a quick escape from an imminent home invasion, why not install a helipad on your roof?

It’s beginning to sound like it’s much too complicated to be uber rich. But heck, I’d be happy to give it a whirl! Wouldn’t you?

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Preacher Charged with Burglary

Can you believe it? A man of the cloth was up to no good. What has the world come to?

A pastor from Tennessee was caught on a security camera trying to break into the home of one of his parishioners. It’s not the prison-heading pastor’s first pass with the po-po; it seems he’s got a nasty drug habit that’s seemingly hard to break, and he’s been busted before.

USA Today reports: “[The suspect] was already on probation after pleading guilty in 2011 to aggravated burglary in Rutherford County, avoiding a four-year prison sentence by begging a judge for mercy, forgiveness and a chance to treat his addiction.”

His victim was a 70-year-old spitfire named Jewel, who was quoted saying, “I opened the back door and there he stood in the kitchen. I grabbed him by his shirt and I said, ‘I got you now, you ain’t goin’ nowhere,’” she said. “He kept saying, ‘Jewel, let me go.’ I said, ‘No! You stole my medicine.’”

Drugs, man. Drugs. Drugs make people do stupid, desperate things. Lucky for Jewel, the pill-popping pastor wasn’t violent, but he apparently still has his own demons to exorcise, and it seems he needs to cast aside his evil ways and practice what he preaches.

Jewel and her fellow churchgoers need to understand they can only pray for protection so much, but then they need to take action too. Much of society sits back and keeps their fingers crossed, hoping such a thing won’t happen to them. And when it does, even after their pastor was busted years earlier and they invite him back, they wonder how and why this could’ve happened—because that’s his “normal.”

Bad, as we know it, works in mysterious ways.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Why Child Identity Theft is Dangerous

Identity theft in the form of new account fraud can happen to anyone with a Social Security number, which includes virtually any American with a pulse…as well as some who no longer do. Identity theft can even happen to your newborn baby shortly after a Social Security number has been issued to him or her and this could have long term implications for your child.

Within days of your child’s birth, you typically sign documentation prior to being released from the hospital, and a Social Security number is issued within a few weeks. That number is promptly distributed to many entities: the U.S. Social Security Administration, the hospital, your doctors’ offices, your insurance company, the Internal Revenue Service (IRS)—and anyone who has access to the relevant documents or files can also gain access to a person’s identity.

There is a growing trend among identity thieves to steal the identities of children, especially infants because it is unlikely that your child or you as parent, will be checking their credit report, since they are too young to talk let alone have a credit card. Child identity theft occurs when the identity of someone under the age of 18 is compromised. When this occurs, the child’s Social Security number is used to open up new accounts. The new accounts opened could be anything from credit cards to bank loans to automobile loans.

Your child’s records represent a clean slate for the criminal and it usually takes years before the theft is discovered. Often, the first time victims discover that their identity was stolen is when they engage in their first financial transaction and try to establish credit by, for example, purchasing a cell phone or buying a car.

There have been far too many instances of parents receiving a call from a bill collector informing you that your two-year-old bought a Mercedes and defaulted on a loan. Or perhaps law enforcement may come knocking on your door to inquire about crimes committed by your newborn child. So besides damaged credit, you child could have income tax liability or a criminal record as the result of identity theft.

The best protection against child identity theft is comprehensive device security, like McAfee LiveSafe™ service, along with filing a fraud alert with the credit bureaus every quarter with the hope that you are denied, because a credit report doesn’t exist—means your child’s identity is still safe. As parents we need to be vigilant about protecting our own and our kids’ information.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Home Invasion Ends in Gun Battle

So a recent Bay Area home invasion ended in a gun battle. You know why? Because it’s a home invasion. That’s often what happens when a person’s home is invaded. If the homeowner has a gun and can get to it, he pulls it out and starts shooting. But chances are the home invader has a gun too. Next thing you know, it’s like the O.K. Corral and bullets are flying all over the place. Not cool.

NBC reports: “Three suspects had entered the home and confronted a total of four people inside at the time. According to police, a gun battle broke out between the suspects and a 24-year-old man. When they arrived at the home, police said they found the 24-year-old with a gunshot wound. His wound is not considered life threatening. Police found guns, bullet holes and blood at the scene. They believe two of the suspects were shot during the exchange of gunfire. Some shots were fired outside of the home.”

This is what happens in small towns and big cities everywhere. Home invasions aren’t isolated incidents that occur out of the blue; they are planned by bad people who have bad intentions, and they are violent and often end in death. Some home invasions happen when the victim is known to the perpetrators, while others are complete strangers.

The best way to protect yourself from a home invasion is to layer your home with multiple layers of security, including:

  • A monitored home security system that is on when you’re home, gone and sleeping.
  • Motion-activated security cameras connected to a DVR recording 24/7/365.
  • Reinforced steel solid-core doors.
  • Door reinforcement technologies that beef up the frame, hinges, locks and jamb.
  • Strong locks that can’t be easily picked or broken off.
  • Shatterproof window film that prevents glass breaks.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.