What is Encryption?

Encryption is the science of encoding and decoding secret messages.  It began as cryptography—the ancient Greeks used it to protect sensitive information that might fall into the hands of their enemies. More recently, governments have used encryption for military purposes, but these days the term if often used in reference to online security.

Encryption is important because it allows technology providers such as website owners to convert sensitive information, such as your credit card number, passwords and other financial details, into a code that cannot be read by cybercriminals or other unauthorized third parties. As an Internet user you should be aware of when encryption is being used, and when it is not, since it can help protect your personal information when doing sensitive transactions.

So, when you’re doing online banking or online shopping, or registering with a site that requires your personal information, look to see that the website address begins with “https:” instead of just “http:” since this indicates that this site is using encryption. You can also look for the lock symbol, since this is another indication that the site offers improved security.

In addition to online shopping and banking destinations, other sites have started offering the option of switching to a secure “https:” page.  Facebook, Twitter, and LinkedIn, for example, now offer encryption since their users are sharing so much of their personal information. Keep in mind, however, that not all websites need this kind of security. Don’t be alarmed if you are on a news site, for example, that doesn’t offer encryption since you generally read content on these sites but do not send or share personal details.

Knowing about encryption and how it can protect you is important, so remember to follow these tips to protect yourself online:

Look for “https:” and the lock symbol when making sensitive transactions online

Always be careful about how much personal information you share online

If you use social networking sites, check your privacy settings to make sure that your information stays private

Use comprehensive security that protects your identity, data and all your devices, like McAfee LiveSafe™ service

Encryption may sound complicated but it is just a high-tech way of creating a code to protect your information, just as the Greeks did long ago. Now that you know what encryption is, be on the lookout for secure sites that can increase your Internet security.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Why Should You be Careful When Using Hotspots or Free Wi-Fi?

These days, it’s not uncommon for us to connect to Wi-Fi wherever we go. In fact, we’ve come to expect there will be a Wi-Fi connection—at hotels, coffee shops, airports, and now even on some flights—pretty much everywhere. While the ability to connect just about anywhere is convenient, it also has opened the door for hackers to gain access to our personal information.

If you are using an unsecured connection—in public, at home or in the office—you run the risk of exposing your sensitive data to hackers. While it may seem strange to worry about bad guys snatching our personal information from what seems to be thin air, unfortunately, it’s more common than we think. If they hack the Wi-Fi connection you are using, they can not only see data stored on your computer, but see data you are typing into online sites.

Some hackers specifically search for unsecured wireless connections driving to different areas to find them and sit quietly across the street while accessing all your info. They also will often set up fake free Wi-Fi connections or hotspots specifically aimed to steal your information.

The good news is there are things you can proactively do to help protect yourself when using Wi-Fi connections:

Basic Connection Tips:

Turn off Wi-Fi. When you’re not using your Wi-Fi connection on any of your devices, it’s good practice to turn it off. That way it won’t automatically connect to any Wi-Fi that is in the area. And for your mobile devices, it will help save your battery life since your mobile will not be constantly searching for an available Wi-Fi connection.

Only connect to secure connections and save your sensitive searching for home. Make sure that any network you connect to away from home, such as those in cafes and hotels, are secure. You can tell when a network is not secured because you will see a message when you connect saying that you are “connecting to an unsecured network.” And if you are using an unsecured network, do not shop online or access any of your personal and financial sites.

Only use HTTPS. HTTPS, or hypertext transfer protocol (HTTP) with secure sockets layer (SSL, hence the S after HTTP), is a more secure option set up by a website owner who knows security is essential. Look for “HTTPS://” in the address bar to signify you are on a secure page. Even on an open, unsecured wireless connection, HTTPS is more secure than HTTP.

Tips to Protecting Your Home Wireless Connection:

Password protect your Wi-Fi connection. You can set your router to allow access only to those users who enter the correct password. These passwords are encrypted (scrambled) when they are transmitted so that hackers who try to intercept your connection can’t read the information.

Change the password on your router. Router manufacturers usually assign a default user name and password allowing you to setup and configure the router. Hackers often know these default logins, so it’s important to change the password to something more difficult to crack so your router settings cannot be changed by a hacker.

Change the identifier on your router. Each router is also assigned a default identifier, or Service Set ID (SSID), by its manufacturer. This ID is usually broadcast by the router to announce its presence to any devices in the area. Once again, hackers have done their homework and use default IDs to try to gain access to your network. Your best bet to keeping the bad guys out is changing the identifier to something only you know. For some routers, you can also turn off the broadcasting of this ID, so it can’t be seem by other devices when trying to connect.

Knowing that you could be vulnerable on Wi-Fi connections is a good first step to taking the proper precautions to protect your data and information.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

4 Tactics Cybercriminals Are Using to Steal From Us

Today McAfee Labs™ released the McAfee Threats Report: Second Quarter 2013, which reported that the cybercriminal community is using four main tactics to steal our identities, and our money. As consumers, it’s critical that we are aware of the ways the hackers are trying to attack us and here’s the four main ways:

1. Malicious apps on Android-based mobile devices
2. Infecting websites to distribute malware
3. Holding your devices hostage with ransomware
4. Sending spam promoting fake pharmaceutical drug offers

1. Malicious apps for Android
This quarter nearly 18,000 new Android malware samples were added to the McAfee Labs database. Most of this growth is from malicious apps that are designed to steal your information, spy on your phone activities, or take your money. Halfway through 2013, McAfee Labs has already collected almost as many mobile malware samples as it did in all of 2012.

The motivation for deploying mobile threats is rooted in the inherent value of the information found on mobile devices, including passwords, contacts and access to financial information. You need to be proactive and protect your mobile devices with comprehensive security software and be especially mindful of where you download apps from, and what permissions it is asking to access on your mobile device, before you install them.


2. Infecting websites to distribute malware
McAfee Labs very carefully tracks suspicious websites on an hourly basis. This quarter, they observed a 16% increase in suspicious URLs, bringing the total to nearly 75 million. Adding to the growth from last quarter, cybercriminals are continuing the move to drive-by downloads as their primary means to distribute malware.

96% of these suspicious URLs host malware, exploits, or codes that have been designed specifically to compromise computers. This growth shows that these sites are an easy and successful way for cybercriminals to distribute malware. You should take care to make sure you’re using a safe search tool to visit sites so you know they are safe before you click.

3. Holding your devices hostage with ransomware
Ransomware holds your computer or mobile device and the data on it hostage until you pay to free it. Ransomware is a serious threat and it’s getting worse—McAfee Labs found more than 320,000 new, unique samples this past quarter, more than double from the first quarter of this year.

Anonymous payment methods make this an efficient way for cybercriminals to make money without a lot of implications of being caught. You should always take precautions to back up your valuable data and should not pay the ransom to get your computer “back,” as often times even when the fee is paid, the cybercriminal does not “free” your computer or mobile device.

4. Sending spam promoting fake pharmaceutical drug offers
After almost three years of declining volume, global spam increased this quarter. In April, spam volume surpassed 2 trillion messages, the highest figure since December 2010. A slight decline in May and June still left the count higher than any time since May 2011. More than 5.5 trillion spam messages were delivered this quarter, representing approximately 70% of global email volume.

Pharmaceutical drug offers are one of the top spam subject lines for and compromise anywhere from 17 to 50% of the subject lines depending on the country. To protect yourself from spam, you should make sure your security software includes an anti-spam feature as well as making sure that you don’t open or click on any links in the spam messages.

Just like protecting yourself from crime in the physical world, you need to protect yourself in the digital world. One way to do this is to protect all your devices including PCs, Macs, smartphones and tablets with one solution, McAfee LiveSafe™ service. Of course you should still take care to educate yourself on the latest threats and techniques that cybercriminals use and be suspicious of anything that doesn’t seem right.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

What is a Keylogger?

Whether it is called a keylogger, spyware or monitoring software, it can be the equivalent of digital surveillance, revealing every click and touch, every download and conversation.

A keylogger (short for keystroke logger) is software that tracks or logs the keys struck on your keyboard, typically in a covert manner so that you don’t know that your actions are being monitored. This is usually done with malicious intent to collect your account information, credit card numbers, user names, passwords, and other private data.

Legitimate uses do exist for keyloggers. Parents can monitor their children’s online activity or law enforcement may use it to analyze and track incidents linked to the use of personal computers, and employers can make sure their employees are working instead of surfing the web all day.

Nevertheless, keyloggers can pose a serious threat to users, as they can be used to intercept passwords and other confidential information entered via the keyboard. As a result, cybercriminals can get PIN codes and account numbers for your financial accounts, passwords to your email and social networking accounts and then use this information to take your money, steal your identity and possibly extort information and money from your friends and family.

How would I get a keylogger?

Keyloggers spread in much the same way that other malicious programs spread. Excluding cases where keyloggers are purchased and installed by a jealous spouse or partner, and the use of keyloggers by security services, keyloggers are installed on your system when you open a file attachment that you received via email, text message, P2P networks, instant message or social networks. Keyloggers can also be installed just by you visiting a website if that site is infected.

How do you detect a keylogger?
Keyloggers are tricky to detect. Some signs that you may have a keylogger on your device include: slower performance when web browsing, your mouse or keystrokes pause or don’t show up onscreen as what you are actually typing or if you receive error screens when loading graphics or web pages.

What can you do to protect yourself?

Just as you maintain your own health on a daily basis by eating well-balanced meals, getting plenty of rest and exercising, you must also maintain your computer or mobile device’s health. That means avoiding keyloggers by avoiding actions that could negatively affect your computer, smartphone or tablet, like visiting dangerous websites or downloading infected programs, videos or games. Here are some tips:

Use caution when opening attachments – files received via email, P2P networks, chat, social networks, or even text messages (for mobile devices) can be embedded with malicious software that has a keylogger.

Watch your passwords – Consider using one-time passwords and make sure key sites you log into offer two-step verification. You could also use a password manager like McAfee SafeKey that is available with McAfee LiveSafe™ service, which will automatically remember your user name and passwords, but also prevent keylogging since you are not typing in any information on the site as the password manager will do that for you.

Try an alternative keyboard layout – Most of the keylogger software available is based on the traditional QWERTY layout so if you use a keyboard layout such as DVORAK, the captured keystrokes does not make sense unless converted.

Use a comprehensive security solution – Protect all your devices—PCs, Macs, smartphones and tablets—with a solution like McAfee LiveSafe, that offers antivirus, firewall, as well as identity and data protection.

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

Cheating and Bullying: It’s a Bigger Problem than You Think!

The whole purpose of your “youth” is to grow and learn. It’s time to take in lots of information, so ultimately they can evolve, accomplish, and get ahead. However the pressure to grow and climb the ladder of life often leads to unwanted behaviors and actions that lead to significant negative consequences. And with everyone being online these days, it only adds to these consequences.

Technology has really added fuel to the fire for two well-known tween-teenage activities: bullying and cheating. Bullying has moved from the playground to online and cheating has a whole new realm beyond writing information on your hand or arm.

According to McAfee’s 2013 Digital Deception: Exploring the Online Disconnect between Parents and Kids study, children are witnessing bullying online in great numbers and parents are not fully aware of the issues. Additionally, children are continuing to find ways to use technology to cheat, while only half of the parents of cheating kids believed they had done so.


Social media isn’t all fun and games – 89% of all youth (ages 10-23) surveyed say they witnessed mean behavior on Facebook and 40% on Twitter.

Kids don’t outgrow bullying – 17% of children ages 10-12 say they have witnessed mean behavior directed at a classmate or friend online, but that number jumps to 34% for young adults ages 18-23.

Parents don’t know the full extent of the problem – Only 9% of parents believe their child or children have witnessed cruel behavior online; even worse, only 6% think that their son or daughter has been a target of this cyber bullying, when in reality 13% of youth report they have been targeted online.

Peer pressure spreads to the Internet – 4% of youth said they’ve been pressured into bullying someone online.


It’s a bigger problem than you think – More than half of all 13-23 year olds surveyed admitted to looking up the answer to a test or assignment online; only 17% of parents believe their child has done so.

Smartphones are making us dumber – While only 10% of 10-12 year olds said they had cheated on at test using a cell phone, this percentage doubles when looking at 18-23 demographic.

The Internet is teaching kids things you don’t want them to know – Only 2% of parents believe their child has ever cheated on a test using a technique they found online when in reality more than 1 in every 10 youth surveyed admitted to doing so.

Growing up is hard to do – More than a quarter of young adults ages 18-23 cheated with help from technology as opposed to 14% of 10-12 year olds.

So what do we as parents do to help change this negative behaviors? We must stay in-the-know. Since your kids have grown up in an online world, they may be more online savvy than you, but you can’t give up. You must challenge yourselves to become familiar with the complexities of the teen online universe and stay educated on the various devices your teens are using to go online.

Make sure you talk to your kids about Internet safety and what is and is not appropriate behavior online.

Establish clear guidelines that you all agree on including time spent online, and what type of content is ok post online.

Teach your kids to recognize cyberbullying and encourage them to talk to you about it.

Learn what your kids are doing with their mobile devices while they are in and out of school. It may surprise you to know how much time they are spending on them.

Consider using tools to help keep your kids safe online and support family Internet rules. Parental control software such as McAfee Safe Eyes lets you protect your kids from inappropriate sites and stay informed about their online activities.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  (Disclosures)


How the Proliferation of Mobile Devices is Impacting Consumer Security

Mobile technology is the new frontier for fraudsters.

Most of us don’t protect our smartphones or tablets—and the private information they contain—anywhere near as well as we do our wallets and PCs (even though most us would rather lose our wallets vs. our smartphones). Even the simple safeguard of a four-digit password is too much work for 62% of smartphone users, and 32% of users save their login information on their device.* It’s a simple formula for crime: no password + instant access to online accounts = fraud, identity theft and privacy loss. Maybe that’s why mobile phones were targeted in more than 40% of all robberies in New York City and 38% of all robberies in Washington, D.C. last year.**

Even without getting their hands on your device, hackers can get into and remotely control almost any mobile device, and it is frighteningly easy. Malicious software can be disguised as a picture or audio clip. When you click a link or open an attachment, malware installs on your device. Unlike early PC malware, it doesn’t ask your permission, and your device is figuratively in their hands.

How are mobile devices changing the game?

Criminals know that your mobile device is an indispensable extension of your life. Your smartphone or tablet stores some of your most private conversations and confidential information. It is your phonebook, email account, family photo album, social media connection and even your wallet, all rolled into one device. Chances are, if you own a smartphone, it is connected to your money or financial accounts in some way. For many, it’s like your right hand (or, in my case, left hand).

That smartphone is always on and always with you—connecting you to, creating, and storing important and often confidential information. That information has value to other people. Just like on your PC, software can track and record social network activities, online search behavior, chats, instant messages, emails, websites, keystrokes and program usage. It can also record bank account numbers, passwords, answers to security questions, text messages, GPS locations and more.

While it builds on the experiences of the PC, the mobile game is different. It’s more sophisticated because there is more information, and it is more fast-paced and dynamic. Things change, and they aren’t what they appear to be. You need to get out some new tools and learn some new tricks to win this one.

Protecting your devices is essential to protecting your identity. But no longer is it enough to just protect your PC with antivirus; you need to protect all your devices. Invest in a comprehensive security solution like McAfee LiveSafe™ service that includes antivirus but also protects the identity and data of you and your kids on ALL your devices.

* Javelin Strategy and Research, “Identity Fraud Rose 13 Percent in 2011 According to New Javelin Strategy & Research Report”
** http://www.informationweek.com/news/government/mobile/232900070


Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  (Disclosures)

Before You Share, Ask Yourself “Is This TMI?”

Social networks and new online services make it easy to share the details of our lives, perhaps too easily. With just a few clicks, posts and messages, you can give away enough personal information to compromise your privacy and even open yourself up to identity theft.

Hackers use information you post online to try and trick you into giving up access to your email, social networking and financial accounts. And sometimes they can use the information you post online to reset your account passwords so you no longer have access to them as your pet’s name, mother’s maiden name are often the security challenge questions for online sites.

Where you went to elementary school, your favorite food, where you honeymooned, your first grade teacher, father’s middle name, mother’s maiden name, kids names, birth dates, where you vacation, your high school sweetheart, your home phone number, mobile number and even your email address: All this information, believe it or not, unfortunately, is way, way, Too Much Information (TMI).

Not sure if you are guilty of online TMI? Take a look at some of these numbers:

Consumer Reports found that 52% of social network users have posted personal information online that can increase their risk of becoming victim of a cybercrime.

McAfee’s recent study found that 95% of 18-23 year olds believe it is dangerous to post personal or intimate information (social security number, banking information about yourself, who you date, personal activities, etc.) yet 47% of them post this type of information online.1

80% of 18-24 year olds have used their smartphone to send personal or intimate text messages, emails or photos and 40% of them have asked their ex to delete intimate photos or messages and later regret sending those photos or videos.2

78%  of recently jailed burglars admitted they used social networks like Facebook, Twitter, and Foursquare to plan burglaries around their victims’ posted vacation times.3

1 in 3 employers reject applicants based on Facebook posts, according to a survey of 2,300 hiring managers released by CareerBuilder.com.

McAfee found that 20% of 18-24 year olds know someone who has been fired or they themselves were fired because of personal images or messages posted online.

Here are some tips to remember:

Don’t reveal personal information—Seriously consider why it’s needed before you post your address, phone number, Social Security number, or other personal information online.

Manage your privacy settings—At most, only friends you know in real life should be able to see details of your profile.

Change your passwords frequently—In addition to choosing passwords that are difficult to guess (try to make them at least eight characters long and a combination of letters, numbers, and symbols), remember to regularly change your passwords.

Only send personal data over a secure connection—Never shop, bank, or enter passwords or credit card numbers over public Wi-Fi or free hotspots, like in cafes or airports.

Turn off the GPS (Global Positioning Service) function on your smartphone camera—If you are going to be sharing your images online, you don’t want people to know the exact location of where you are.

Consider sharing vacation photos when you’re back home—Sharing photos of your trip and announcing you’re on vacation is fun, but it’s also announcing to would-be thieves that it’s a good time to rob your home.

Remember the Internet is forever—Even if you have the highest privacy settings, it’s good practice to consider anything you do on the Internet as public knowledge, so keep it positive.

Posting personal information and photos on networking sites can be fun and convenient, but it can also lead to identity theft, cyberbullying, or hurtful gossip. What’s more, mistakes and triumphs that used to fade over time in the real world are now archived on online for all to see. In an age when smartphones double as shopping carts, photo albums, and even personal assistants, knowing what personal information you share matters more than ever. Before you post, remember to: Stop. Think. Is this TMI?”

To join the conversation use #IsThisTMI or follow McAfee on Twitter @McAfeeConsumer or Facebook. And help spread the word about TMI by going to www.mcafee.com/TMI and learn how you can be entered to win an Intel-inspired Ultrabook™ or subscriptions to McAfee LiveSafe™ service.

1 TRU and McAfee, Online Safety survey, April 2013

2 MSI and McAfee, Love, Relationships and Technology survey, January 2013
3 http://www.friedland.co.uk/EN-GB/NEWS/Pages/Whats-your-status.aspx
4 MSI and McAfee, Love, Relationships and Technology survey, January 2013


Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  (Disclosures)

Aquaman, King of the Seven Seas May Also be King of Threats

Wonder Twin powers activate! Shape of a Pterodactyl! Form of an icicle! Watching the Super Friends on Saturday mornings in my pjs while eating sugared cereal for breakfast and reading comic books was the extent of my relationship with super heroes. Ahh… those were much simpler times.

Today kids can find everything they need to know (and more) about their favorite superhero online. And with computers, Internet-connected game consoles and mobile devices all readily available, they can access this information at any time. But now searching for these super heroes may not be all that innocent as just looking for fun facts.

With the resurgence of the superheroes into mainstream movies (think Iron Man, Hulk, Captain America to name a few), hackers are leveraging their popularity to target consumers. Hackers are most successful when they can attract a large number of victims. One way to target big crowds online is to track current events—everything from celebrity meltdowns and natural disasters to holidays and popular music—and now, superheroes.

McAfee reveals the top Most Toxic Superheroes (#toxicsuperhero) that result in the greatest number of risky websites when you search for them online. The research found that searching for the latest “Aquaman and free torrent download,” “Aquaman and watch,” “Aquaman and online,” and “Aquaman and free trailer” yields a 18.6% chance of landing on a website that has tested positive for online threats, such as spyware, adware, spam, phishing, viruses and other malware.

The study uses McAfee® SiteAdvisor® site ratings, which indicate which sites are risky to search for celebrity names on the Web and calculate an overall risk percentage. The top Superheroes from the research with the highest percentage of risk are:

Aquaman                   18.60%

Mr. Fantastic            18.22%

The Hulk                    17.30%

Wonder Woman       16.77%

Daredevil                   16.70%

Iron Man                    15.63%

Superman                   15.21%

Thor                            15.10%

Green Lantern          15.00%

Cyclops                       14.40%

Wolverine                   14.27%

Invisible Woman      12.40%

Batman                       12.30%

Captain America        11.77%

Spider-Man                 11.15%

Here’s some tips to help you stay safe while searching online (whether it be from your PC or mobile device):

Be suspicious: If a search turns up a link to free content or too-good-to-be-true offers, be wary

Double-check the web address: Look for misspellings or other clues that the site you are going to may not be safe (for more on this, read my blog on typosquattting)

Search safely: Use a safe search plug-in, such as McAfee SiteAdvisor software that displays a red, yellow, or green ratings in search results, warning you to potential risky sites before you click on them

Protect yourself: Use comprehensive security software on all your devices, like McAfee LiveSafe™,to protect yourself against the latest threats

Broadly speaking, this study confirms that scammers consider popular trends when deciding which victims to target. This makes common sense. If hackers are motivated largely by profit, the biggest profits can be wrung from the largest pools of potential victims. And on the web, popular trends and visitor traffic are highly correlated—so be smart and don’t fall into their trap.

Discuss on Twitter using #toxicsuperhero


Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

What is Typosquatting?

Typosquatting, also known as URL hijacking, is a form of cybersquatting (sitting on sites under someone else’s brand or copyright) that targets Internet users who incorrectly type a website address into their web browser (e.g., “Gooogle.com” instead of “Google.com”). When users make such a typographical error, they may be led to an alternative website owned by a hacker that is usually designed for malicious purposes.

Hackers often create fake websites that imitate the look and feel of your intended destination so you may not realize you’re at a different site. Sometimes these sites exist to sell products and services that are in direct competition with those sold at the website you had intended to visit, but most often they are intended to steal your personal identifiable information, including credit cards or passwords.

These sites are also dangerous because they could download malicious software to your device simply by visiting the site. So you don’t even need to click on a link or accept a download for dangerous code to install on your computer, smartphone or tablet. This is called a drive-by download and many typosquatters employ this as a way to spread malicious software whose purpose is to steal your personal information.

In some cases, typosquatters employ phishing in order to get you to visit their fake websites. For example, when AnnualCreditReport.com was launched, dozens of similar domain names with intentional typos were purchased, which soon played host to fake websites designed to trick visitors. In cases like this, phishing emails sent by scammers spoofing a legitimate website with a typosquatted domain name make for tasty bait.

In order to protect yourself against typosquatters, I recommend you:

Pay close attention to the spelling of web addresses or websites that look trustworthy but may actually be close imitations of the online retailer you are looking for.

Instead of typing the web address into your computer, make sure you have a safe search tool, like McAfee® SiteAdvisor® which comes with McAfee® LiveSafe™ that provides warning of malicious sites in your browser search results.

Don’t click on links in emails, texts, chat messages or social networking sites.

Invest in a comprehensive security solution like McAfee LiveSafe™ service that protects all your devices, your identity and data.

There are more ways to scam people online than ever before. Your security intelligence is constantly being challenged, and your hardware and software are constant targets so make sure you stay educated and use common sense!

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  (Disclosures)

Connecting the Dots–How Your Digital Life Affects Identity Theft and Financial Loss

You’re on Facebook, LinkedIn and Twitter. You use Gmail, Yahoo! and bank online. You might buy stuff on sites like Amazon and occasionally make purchases from eBay. Sometimes you apply for a loan online and maybe open up a credit card account too. This is all commonplace in today’s digital world.

So how does all this lead to identity theft and financial loss?

With the convenience of the Internet and all the digital devices available to use today—laptops, smartphones, and tablets—we unknowingly provide a lot of information online that could expose us to identity theft. Access to your personal information is what gives hackers the power to tap into your accounts and steal your money or your identity.

Here are some of the ways that hackers use our information against us:

Social media: These sites continue to grow in popularity and you may be putting more information on these sites than you should. Even though you may assume that only people in your personal network can access this information, that’s not always the case.

Email: It’s been said that if you own a person’s email, you own the person. This means that once your email account is hacked, pretty much your entire digital life is up for grabs. So even if you’ve done your due diligence to have all your passwords be different, if your email is hacked and it is associated with your other online accounts, the hacker could simply use a reset password and get access to all your other accounts.

Online shopping: This is another activity where you need to be cautious since hackers can potentially steal your information from an unsecured or phony site. If you’re on a phony site, you are giving your information directly to the hacker or you could be on a site that is automatically downloading malware to your device that could do things like track every site you visit and everything you type on your keyboard and send that to a hacker.

Wireless networking—Even if you are being cautious with our online activities, hackers can still grab your information if you aren’t smart when using Wi-Fi connections. That’s why when you’re using those free hotspot connections in cafes or airports, it’s important for you not to access your banking or personal sites as the transmission of data is not secure.

There are many ways to skin a cat, as they say (a rather morbid expression), but having your identity stolen and losing money is unfortunately too easy when your information is spread so thin. So it’s not enough to just sit back and hope you aren’t hacked. The fact is you need to up your security intelligence and invest in additional layers of security.

All of these scams prey on your trust and on your personal information, so follow these basic steps to protect yourself:

Click with caution: Be careful when clicking on links in emails, texts, social media posts, and instant messages, especially if they are from people you don’t know.

Be careful what you share: Think about what you post online—is that thing you so badly you want to share something you’re ok with your grandmother or an employer seeing? If not, then don’t post it. In fact, you should consider anything posted on the Internet as something written in permanent pen, not pencil—as in, it’s there forever.

Use common sense: Follow the old caveats about not clicking on links in emails, texts, social media posts, and instant messages from people you don’t know, and always exercise caution when it comes to sharing any sensitive information.

Educate yourself: Keep up to date about the latest scams and tricks hackers use to grab your information so you can avoid potential attacks.

Use comprehensive protection: Because there are a variety of ways in which hackers can access your information, you need to make sure that you employ a comprehensive security solution like McAfee LiveSafe™ service that protects all your devices, your identity and your data.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  (Disclosures)