June Was National Internet Safety Month

The Internet is an indispensable tool that citizens, corporations and governments all over the world have come to rely on. There are tremendous benefits to the World Wide Web including: having the information highway at your fingertips, being able to find and purchase products and services from anywhere, working from home, connecting with distant friends and family and saving time by conducting various transactions right from your couch.

The problem of course, is that all these conveniences have led to gaping security holes that allow criminals from all over the world to compromise your computer and various accounts which of course leads to identity theft and financial loss.  Even scarier is when criminal predators use the Internet to exploit children in various ways.

What this means is that all of us need to increase our security intelligence by understanding what to look out for and what systems need to be put in place so we can reap the benefits of the Internet safely and securely.

Since June is Internet Safety Month, it’s a good time to review essentials that all of us should be aware of every day.

Protect your personal information. Don’t give out personal data unless it is a trusted source requesting it and a secure site accepting it.

Look for httpS in the address bar when you are shopping online or on a site where you are entering personal information.

Update your browser with the latest version and use the highest security settings.

Update all your devices’ operating systems whenever a new version or critical security patch is available.

Beware of requests coming in via email asking you to update personal information. It’s best to go directly to sites instead of clicking on links in emails, or text messages.

Teach your children the “rules of the road” for the Internet and make sure they understand what is and isn’t acceptable online.

Think before you post online. It’s always good to use this rule of thumb—everything you post online is public and available forever—even if you use the highest security and privacy settings.

Keep your devices updated with the latest version of antivirus, anti-spyware and anti-phishing and make sure to have a 2-way firewall.

And remember, if something sounds too good to be true—it usually is, so don’t fall for the scam.

We can all do our part to stay safe and be better digital citizens by staying educated on the latest threats and scams.

Robert Siciliano is an Online Security Expert to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

On July 9th Millions May Lose Access To Internet

As reported in March, the FBI has uncovered a network of rogue DNS servers and has taken steps to disable them. DNS (Domain Name System) is an Internet service that converts user-friendly domain names into the numerical Internet protocol (IP) addresses that computers use to talk to each other.

When you enter a domain name, such as www.fbi.gov, in your browser address bar, your computer contacts DNS servers to determine the IP address for the website. Your computer then uses this IP address to locate and connect to the website.

DNSChanger is malicious software created by cybercriminals to redirect the Internet traffic of millions of unsuspecting users to websites where the thieves have profited from advertisements. All computers still infected with DNSChanger malware will no longer be able to access websites, email, chat, or social networking sites like Facebook after July 9th.

Most of us will have a difficult time manually changing these settings on our own. To help with this, McAfee has released a free tool to you find out if you are infected or not.

To see if you are infected with the DNSChanger virus visit http://www.siteadvisor.com/dns_checker.html then click on the “Check Now” button. If your computer is fine, you will receive a green check message and if your computer is infected you will see a red X mark. You can then download a free update to clean up your PC and restore your Internet settings.

It is quite possible that if your computer is infected with this malware, it may also be infected with other malware. To protect yourself you should:

 Make sure your PC has comprehensive protection with antivirus, antispyware, anti-phishing, antispam and a firewall

Set up regular updates of your operating system so you get critical security patches and keep your browser updated too

Be cautious of clicking links in the body of an email

Stay safe!

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

Using Tech Support to Set Up Your New Devices

There are some things in life that require a “professional” to get the job done properly. You wouldn’t let your cousin Larry who’s a landscaper reset a broken bone in your hand right? You can certainly go to a hardware store and buy all the wood to build a deck, but just because you know how to swing a hammer doesn’t mean the deck will be safe, or even up to code.

Frankly, I’m a big time “DIY” or Do it Yourselfer” and take on most tasks myself. However, some things I know are beyond my expertise and I usually hire someone to do those tasks. So even though painting my house is a relatively simple task, I hire someone because they often get it done faster, better and cheaper than I can do it myself.

With technology I hire out for many tasks because some things can be done much better and more efficiently by a recognized expert. When I first started computing in the early 90’s I was on the phone with tech support all the time and learned an awful lot from these experts. Just figuring out how to use your new device can be challenging. So why not leave the process of getting your new devices to work with your existing ones, setting up connections, printers, etc. to someone else?

Consider getting help with tedious tasks such as:

Configuring your device out of the box

Customizing your desktop, screensaver, icons, profile picture, folders and tasks

Setting up your browser, homepage, bookmarks, and optimize the security settings

Creating user accounts

Installing all your software

Setting up printers and scanners

Configuring your email

One thing I learned is that even though I have a general working knowledge of technology, like painting, sometimes it’s easier to have the experts do the job. You’ll save yourself a ton of time and reduce headaches over the life of the device if you hire a professional to walk you through setting it up. Check out McAfee TechMaster Services which can help you with all this and more!

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

How Does Jailbreaking Or Rooting Affect My Mobile Device Security?

You may have heard the term jailbreaking or rooting in regards to your mobile phone, but what is this and what does it really mean for you?

Jailbreaking is the process of removing the limitations imposed by Apple and associated carriers on devices running the iOS operating system. To “jailbreak” means to allow the phone’s owner to gain full access to the root of the operating system and access all the features. Similar to jailbreaking, “rooting” is the term for the process of removing the limitations on a mobile or tablet running the Android operating system.

Jailbroken phones came into the mainstream when Apple first released their iPhone and it was only on AT&T’s network. Users who wanted to use an iPhone with other carriers were not able to unless they had a jailbroken iPhone.

By hacking your device, you can potentially open security holes that may have not been readily apparent, or undermine the device’s built-in security measures. Jailbroken and rooted phones are much more susceptible to viruses and malware because users can avoid Apple and Google application vetting processes that help ensure users download virus-free apps.

It is inevitable that over the next few years, as millions of smartphones replace handhelds, laptops, and desktop PCs, and billions of applications are downloaded—risks of mobile crime will rise. Not only do you need to stay educated about the latest threat and scams, you should also make sure you havecomprehensive mobile security installed on your mobile device.

And remember, jailbreaking or rooting your mobile device can open you up to security risks that don’t make it worth doing so.

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

Is There A Risk With Using My Personal Device For Work?

The day after you get your shiny new mobile or tablet, chances are you’ll take it right to work and request the IT department to set it up with your work email and allow access to the company network. “Bring your own device” (BYOD) has become widely adopted to refer to workers bringing their personal mobile devices, such as smartphones, tablets and PDAs, into the workplace for use and connectivity.

Many of us need a mobile device for work and personal use and don’t want to carry two separate devices, but this can cause security challenges for the company. If you lose your mobile device while on vacation, let your kid download an app which infects your phone and starts spamming your address book, or someone accesses your company email while you’re using a public Wi-Fi connection, this can have big implications for your company in terms of a data breach, loss of intellectual property, public embarrassment and annoyance.

That’s why mobile security should be a priority for both you and your employer. As an increasing number of companies agree to this, they are also requiring you to agree to their terms as well. So you should expect to have to comply with some things like:

You may required to download and install a security and monitoring app that can’t be removed. This app may have a certificate authenticating you and the device to connect to the company network and run company programs.

The installed app will likely provide your company with the ability to remotely control your mobile at some level. I wouldn’t be concerned about this unless of course you’re not abiding by the agreement you signed.

At a minimum, expect the application to have the ability to locate your mobile via the phone’s GPS if it’s lost or stolen, as well as an autolock functionality requiring you to lock your phone locally after 1-5 minutes of downtime. Also, your employer will likely be able to wipe your mobile of any and all data..

Because your employer is liable for potentially lost data, if you BYOD, plan on giving up some liberties.

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

Safe Searching on Your Mobile Device

The web and especially the mobile web can be a minefield of malicious links luring you to click, so bad guys can infect your device. Search engines do their best to filter these sites out but nefarious criminals have found ways to get their scammy pages to the top of search through a process called “Blackhat search engine optimization.”

Criminals create fake websites and then use the same techniques as legitimate online businesses regarding search engine optimization, marketing, and online advertising. They use keywords to boost rankings on Internet search engines, causing their spoofed websites to appear alongside legitimate websites.

It is also much harder to tell if a URL is legitimate since due to the limited screen space, mobile browsers often truncate web addresses. Also, if you’re clicking on a link to a site from an email you received, it’s hard to see the full email sender’s email address making it hard for you to know if it’s coming from a fake person or company.

That’s why going it alone in search isn’t a good idea. Just like it is essential to have antivirus, antispyware, antiphishing and a firewall on your PC, it is equally essential to have protection on your mobile. McAfee Mobile Security provides comprehensive mobile security that includes antivirus, anti-theft, app protection, web protection and call and text filtering.

Web protection comes with McAfee Mobile Security and protects you from potential phishing sites, browser exploits, malicious links within text messages, email, social networking sites, and QR codes. WithMcAfee blocking risky links at the places you visit, you now can click, search and surf worry free. These site ratings are based on tests conducted by McAfee using an army of computers that look for all kinds of threats. ―

To help yourself stay protected you should:

Always double-check the web address of a site when doing a search on your mobile phone

Never click on a link in an unsolicited email or text message

If you land on a site that contains poor grammar, misspellings, and low-resolution pictures be
very suspicious

Rather than doing a search for your bank’s website, type in the correct address to avoid running
into any phony sites, or use your bank’s official app

Monitor your monthly bills to make sure there are no suspicious charges

Use comprehensive mobile security like McAfee Mobile Security

Of course, just using common sense and taking the time to closely check the links and messages you receive will go a long way in increasing your mobile security. Remember, if something doesn’t feel right proceed with caution.

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

Are Tablets Just As Vulnerable As Mobile Phones?

With unit sales of smartphones and tablets eclipsing those of desktop and notebook PCs, cybercriminals will continue setting their sights on mobile, and increased mobile Internet use will continue exacerbating security and data breach issues.

McAfee Labs™ points out today’s tablets are more powerful than notebooks were just a few years ago. Although their lack of real keyboards makes them unsuitable for many tasks (editing texts, programming, and design), they are very suitable for browsing the Web, which today is a primary source of malware.

You do need to view tablet computers separately from mobile phones. Tablets mainly differ in the size of the screen, but they share the same software, operating systems, and processors so their security concerns are nearly identical. About the only difference is that some tablets can use USB devices, which increases the attack surface of such devices.

And because like our mobile phone, tablets tend to be portable and one of our most personal computing devices, you need to take steps to protect it. Many of the best practices you use on your computer can be transferred to your tablet.

To help ensure that your tablet is protected, you should:

Always password protect your device and set it to auto-lock after a certain period of time to increase your mobile security

Never leave your tablet unattended in a public place

Don’t click on links on emails and text messages from people you don’t know

Even if you know the company or person, use a browser to search for a link or use the company’s official app to navigate to the site

Always double-check the web address of a site when doing a search on your mobile phone.

If you use online banking and shopping sites, always log out and don’t select the “remember me” function

Before downloading a third-party app, check other users’ reviews to see if it is safe, and read the app’s privacy policy to make sure that it is not sharing your personal information

Use comprehensive mobile security software like McAfee Mobile Security which include antivirus, anti-theft, web protection, privacy protection and call and text filtering. If you have multiple notebooks, netbooks, smartphone and tablets, McAfee All Access provides security for all your devices and helps keep all your stuff safe whenever and wherever you connect.

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

Mobile Wallets—How I Make Mobile Payments Securely

Some say there will be a day when the wallet you carry in your pocket or purse will become obsolete. The plan is to eliminate all our credit cards, store cards, and IDs and use our mobile phones as our primary means of commerce and identification. The technology behind mobile wallet or mobile POS (point of sale) basically turns your smartphone into a smart debit or credit card. Soon you will be able to pay for almost anything via your mobile device.

When mobile wallets and mPOS become more common, thieves will certainly look for ways to empty them. For instance, it’s possible for attackers to use technologies that allow them to “eavesdrop” on your payments or steal and transmit your credentials by extending the range of the wireless signal. Your data may also be manipulated or corrupted by an attacker.

So how do I conduct safe mobile payments?

Pay attention to your credit card statements to check that you are paying for what you actually purchased.

Only download mobile payment applications from a reputable app store. Check user reviews of the app and make sure to read to app’s privacy policy on what data of yours it is accessing and sharing.

Don’t do any mobile transactions over unsecured Wi-Fi connection. It’s much more secure to use your mobile data network.

Keep your mobile software current. This includes the latest updates for your operating system, mobile browser and mobile security software like McAfee Mobile Security.

Using your phone to pay for things simply by tapping it or swiping it at a store’s checkout terminal may sound like a convenience of the future, but it’s already here and you need to be prepared for this.

 

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

What Does It Take To Be Digitally Secure?

Let’s get one thing straight: it’s no longer possible to deny that your life in the physical world and your digital life are one and the same. Meaning, while you are present here on the ground, you also exist online, whether you know it or like it or not. Coming to terms with this reality will help you make better decisions in many aspects of your life.

Get device savvy – Whether you’re using a laptop, desktop, Mac, tablet, or smartphone, learn about it. No excuses! No more, “My kids know more than I do,” or, “All I know how to do is push that button-thingy.” Take the time to learn enough about your devices to wear them out or outgrow them.

Get social – One of the best ways to get savvy is to get social. By using your devices to communicate with the people in your life, you inevitably learn the hardware and software. Keep in mind that “getting social” doesn’t entail exposing all your deepest, darkest secrets, or even telling the world you just ate a tuna sandwich. You should think about what you post on social networks—don’t put anything on there that you wouldn’t want anyone you see. A good rule of thumb to follow is to be aware of all the information you have available online, and consider everything you post as public, even if you are using the strongest privacy settings available.

Manage your online reputation – Whether you are socially active or not, or whether you have a website or not, there are plenty of websites that know who you are, and either mention you or are listing your information in some fashion. Google yourself and see what’s being said. Developing your online persona through social media and blogging will help you establish and maintain a strong online presence in your voice. And don’t let others use your name on a site—go ahead and secure your identity on a site, even if you don’t actively use it so someone else can’t take your identity and pose as you.

Get secure – There are more ways to scam people online than ever before. Your security intelligence is constantly being challenged, and your hardware and software are constant targets. Make sure you invest in software to protect all your devices—not just your PCs. With the power of smartphones, tablets and notebooks, it is critical to protect all these devices, not just your home computer. Software like McAfee All Access can provide a complete solution for protecting all your devices including PCs, Macs, smartphones and tablets as well as providing protection for your kids online.

Digital devices are a reality for most of us and while they provide a myriad of conveniences, they could also open us up to potential risks. By taking just a few simple precautions you can keep yourself safe online.

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

How Do I Protect Myself When Using Wi-Fi?

Wi-Fi is everywhere. Whether you travel for business or simply need Internet access while out and about, your options are plentiful. You can sign on at airports, hotels, coffee shops, fast food restaurants, and now, even airplanes.

Wi-Fi wasn’t born to be secure; it was born to be convenient. Wireless networks broadcast messages using radio and are therefore more susceptible to eavesdropping than wired networks.

Today, with criminal hackers as sophisticated as ever, if you are using an open unsecured network on your mobile device, you risk exposing your data. There are many ways for hackers to see who’s connected on a wireless connection, and to gain access to your information including passwords, emails, and all the data on your device.

To protect yourself and your data when using Wi-Fi, you should:

Turn it off: the most secure Wi-Fi is one that is turned off. Disabling the Wi-Fi signal on your device prevents anyone from seeing your device and prevents your mobile from randomly connecting to just any available Wi-Fi.

Limit your use of hotspots: When you’re away from your home or work network, use a 3G or 4G data connection instead since most mobile phone providers encrypt the traffic between cell towers and your device.

Use a Wi-Fi connection is protected: Make sure you don’t see the message you are “connecting to an unsecured network.” You may also need a password or code to get access to the Wi-Fi connection.

Use a VPN: a Virtual Private Network (VPN) is one set up with encryption to protect your data from unauthorized access. A VPN may be available through your workplace or at home. A quick search in your mobiles application store will quickly result in numerous free and paid apps to go online in a VPN.

Only use https: Hypertext transfer Protocol (http) with Secure Sockets Layer (SSL, hence the S) is a more secure option set up by a website that knows security is essential. Look for https:// in the address bar signifying it’s a secure page. Even on an open unsecure wireless connection https is more secure.

If you do use public Wi-Fi, make sure not shop online or access your personal and financial sites. And remember to keep in mind that potentially anything you are doing online can be accessed by someone.

Robert Siciliano is an Online Security Evangelist to McAfee. See him on Anderson Cooper discussing mobile security and identity theft(Disclosures)