How to keep your Kids safe Online

Every parent should know all the ways they can keep their kids safe in the online world. In McAfee’s 2013 study, Digital Deception: Exploring the Online Disconnect between Parents and Kids it was found that:7W

  • 86% of kids think social sites are safe and post personal information such as their email addresses (50%) and phone numbers (32%)
  • 48% have looked at content their parents would disapprove of
  • 29% of teens access pirated illegal digital media
  • 12% of teens met a stranger online and then in the physical world
  • 54% of kids say their parents aren’t involved in their digital lives at all
  • 42% say their parents simply don’t care what they are doing online
  • 17% of parents believe the online world is as dangerous as the offline world
  • 74% of parents have thrown in the towel and are exhausted with their kids digital lives.

That last stat isn’t just scary, it’s sad. Because protecting your kids online isn’t an option, it’s a requirement. This isn’t a technology issue, it’s a parenting issue. And parent who say “I give up” are giving up on protecting their children from harm.

Here’s a basic road map of what to be aware of:

Dirty sites. This just doesn’t mean a porn site that a teen decides to check out after accidentally stumbling upon it. There are sites that promote weapons, drugs, school cheating, even how to starve down to dangerously low body weight.

Harmful contacts. Your child can be in contact with anybody in the world, without you even knowing it, and this contact may be a pedophile building up trust in your child—a trust that leads to an in-person meeting.

Information overload. Do your kids know what and what not to blab about in the cyber world? Going away on vacation soon? The whole world may find out (and the whole world includes burglars) after your chatty kid tells all on Facebook.

Sitting sickness. Sitting at the computer for hours on end not only can interfere with sleep and disrupt alertness the following school day, but excessive sitting can result in weight gain and bad posture, plus proneness to snacking on junk food.

Online bullying. Yes, words (even typed) really CAN hit harder than a fist. Cyberbullying leaves marks that are just as invasive as a swollen black eye.

Pirated content. If your kid has no money, but tons of digital files like movies and music, he may be a pirate. Law suits are being filed against parents who don’t take control of their kids online activities.

Hacking. Today kids are either hacking other or being hacked themselves. Knowing what your kids are doing and how to protect your devices is essential.

What can parents do?

Treat your kids as you’d want them to be treated. This includes online. Lay down specific rules regarding computer use and where they can visit online. Instruct your kids to promptly report any threatening or insulting online behavior.

Consider installing parental control software. A parental control program in its fundamental form will allow a parent to decide which category of sites are off-limits and how much time a child can spend online. The software is designed to prevent the child from disabling it. McAfee Family Protection allows parents access from any PC.

Parental controls also come in hardware form, but can’t provide more sophisticated control. Parental control apps exist for mobiles, yielding stronger control than software that’s filtered at the router level. Apps are available for Android, iOS or both.

What’s illegal for your boss at work to do to you is perfectly legal for you to do to your kids: use spyware to track their keystrokes, take screenshots, snag passwords, etc. Spector Pro and PC Pandora are examples. However, for most kids, this level of control isn’t necessary. But they’re invaluable if a troubled child may be interacting with a pedophile, or if your very curious child is just plain rebellious.

Install security software. It’s not enough to have antivirus, antispyware, antiphising and a firewall. You must also protect all wireless communications with Hotspot Shield VPN which locks down their devices Wifi preventing hacks.

Know who they are communicating with. At any given point and time it should be required that parent can check devices and openly discuss any conversations being had. If the parent can’t meet the person or the persons parents, then the child shouldn’t be talk talking to them.

Require device and account passwords. No matter where they go online or whatever devices they own, the parent should have full access at all times.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

6 ways College Grads can Protect Online Reputations

Here’s what you, the new college grad, can do to clean up and protect your reputation in the online world.

14DThese days, it’s crucial for college grads seeking jobs to have an online reputation that’s as clean as a whistle. I’m an online-security and ID theft expert, so trust me when I say that yes, employers DO take into account what you did at that party during your sophomore year.

How College Grads Can Clean up Their Online Reputation

A prospective employer will likely Google your name, then read the sites it’s on. And don’t assume that you’re protected by a “Joe Smith” kind of name. An astute employer will find the right Joe Smith.

One of the first things a new college grad should do, to prepare for a job interview, is to prepare for what the person hiring is likely to do (either before or after the interview): look you up online.

Find out what people are saying about you in cyberspace. Use a tool like Google Alerts, Tops, Social Mention and Sysmosys, among others. Monitor these on a daily basis.

If your own search turns up nothing bad about you on Facebook, Twitter, YouTube, LinkedIn and other biggies, this doesn’t mean nothing bad exists. Go deeper into the search results. Type in your middle name or just initial, or some associative fact like hometown name, to see if that alters results.

Cleaning up your online reputation, then, begins with seeing if it needs to be cleaned up in the first place. This is more important for a college grad than, say, getting that perfect manicure for job interviews or that perfect hair tinting job.

The prospective employer these days may be more interested in what your name pulls up in search engines than how perfectly coordinated your shoes are with your power suit.

Being digitally proactive keeps your online presence clean.

  1. Digital security is a must. We’ve all read about politicians, celebrities, news organizations and major corporations who’ve been hacked and negative stuff was posted from their accounts. Even when you regain control of your hacked account those unwanted posts can leave searchable breadcrumbs.  Make sure your devices are protected with antivirus, antispyware, antiphishing and a firewall. Secure free Wifi connections with Hotspot Shield VPN.
  2. New college grads should invest time picking apart their Facebook page and any other kind of social media where they have the ability to change what’s on it. Delete anything relating to drinking, sex, drugs, being tired all the time, political and religious views, use of offensive words, anything that fails to benefit your reputation online.
  3. Even a comment like “Old people are bad drivers” can kill your chances of landing a job. Think before you post.
  4. Unfortunately, if someone has posted something negative about you on their blog, there’s nothing you can do unless you want to pay something like $2,000 to hire a company to knock negative Google results deep into the search pages (a prospective employer probably will not go past a few pages deep once they locate information about you). But paying someone is a viable option you should consider.
  5. A college grad can protect their online reputation by never using their name when signing up for a forum board where they may make posts that, to a prospective employer, make the job seeker look bad. If you want to post on the comments page for Fox Sports, for instance, don’t use your real name.
  6. Don’t even use your real name for signing onto support sites for medical conditions, for that matter. You just never know what may rub a prospective employer the wrong way.

The college grad’s reputation needs to appear as perfect and “pure” as possible in the online world.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Heartbleed: Free Tool To Check if That Site is Safe

I’m sure you’ve heard the news about Heartbleed by now (unless you’re in vacation wonderland and have taken a tech break). This is a serious vulnerability in the core of the Internet and is something we all should be concerned about.

heartbleedHeartbleed is a kink in encryption software, discovered by security researchers. It is a vulnerability in OpenSSL and could affect nearly two-thirds of websites online. If exploited, it can leak out your passwords and login names, thus putting your personal information at risk.

That’s why McAfee, part of Intel Security, is responding to the dangerous Heartbleed vulnerability by releasing a free tool to help consumers determine if a website they visit is safe or not. You can access the tool, here: http://tif.mcafee.com/heartbleedtest

McAfee’s Heartbleed Checker tool works by entering any website name to find out if the website is currently vulnerable to Heartbleed.

Steps to protect yourself:

  • Go to McAfee’s Heartbleed Checker tool http://tif.mcafee.com/heartbleedtest and enter any website URL to check if it’s vulnerable.
  • If the site is deemed safe your next step would be to change your password for that site. Remember, changing your password before a site is patched will not protect you and your information.
  • If the site is vulnerable, then your best bet is to monitor the activity on that account frequently looking for unauthorized activity.

Once a site has been patched so it’s no longer vulnerable to the Heartbleed bug, you should change your password. Here’s some tips to remember:

  • Use strong passwords that include a combination of letters, numbers and symbols and are longer than 8 characters in length – heck the longer the better. Below is a good animation on how to create a strong password.
  • Use a password manager, like McAfee SafeKey which is included with McAfee LiveSafe™ service that will help you create strong password and remember them for you.
  • Use two-factor authentication for increased security. You get a one-time code every time someone tries to log into the account, such as those for banks, social networks and email.

Heartbleed aside, passwords are more vulnerable than ever, and just in general, should be changed every 90 days for important accounts. And remember, if your information was exposed, this is a good time to watch out for phishing scams.

A phishing scam is a ploy that tricks you into entering sensitive data, like usernames, passwords and bank account information, by emulating a familiar website.  And if your information is compromised, even if it’s just your email address, scammers could use this to try and get your other sensitive information.

Remember, in this day and age, we all need to be vigilant about protecting ourselves online.

Stay safe!

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247

VPN for Online Security: Hotspot Shield

Online users need a VPN (virtual private network), a kind of service that gives you online security, and Hotspot Shield’s service has a free version. A VPN hides your device’s IP address and interferes with any company trying to track your browsing patterns.

7WMany online companies take peoples’ data without their authorization, and then share it with other entities—again without the user’s permission. A virtual private network will put a stop to this invasion.

Thanks to the fiasco with Edward Snowden and the political messes happening in Venezuela and other parts of the world, many people are turning to VPN services like Hotspot Shield. When you surf the ‘Net on a public network (including using social media), your personal information is up for grabs in the air by vultures.

Why is VPN online security important?

Your personal data is out there literally in the air, to get mopped up by Internet entities wanting your money—or oppressive governments just wanting to snoop or even block internet access to the rest of the world. If you use your device when traveling, you’re at particular risk for suffering some kind of data breach or device infection.

The unprotected public networks of hotel, airport and coffee house Wi-Fis mean open season for crooks and snoops hunting for unprotected data transmissions. The VPN protects these transmissions of data.

In fact, Hotspot Shield was used to escape the prying of government online censors during the Arab Spring uprisings. This VPN has been downloaded hundreds and hundreds of thousands of times.

This VPN service comes with periodic pop-up ads and some banner ads for the free version, but the $30 per year version is free of ads and has malware protection.

What else does a VPN like Hotspot Shield do?

Users are protected from cookies that track where the users visit online. If your online visits are getting tracked, this information can be used against you by lawyers and insurance companies. And who knows what else could happen when tech giants out there know your every cyber move.

More on Hotspot Shield’s VPN

  • Compresses bandwidths. All the traffic on the server side, before it’s sent to the user’s device, is compressed. This way users can stretch data plans.
  • Security. All of your online sessions are encrypted: HTTPS (note the “S”) is implemented for any site you visit including banking sites. You’re protected from those non-secure Wi-Fi networks and malware.
  • Access. Think of the protection as a steel tunnel through which you access the Internet.
  • Privacy. Your IP address is masked, and so is your identity, from tracking cookies.

Hotspot Shield is compatible with iOS, Android, Mac and PC. It runs in the background once it’s installed and guards all of your applications.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

McAfee Labs 2014 Predictions

As we wind down the year, it’s a time to reflect, but also to look forward. Some of us may be thinking about resolutions and what we need to do in the upcoming year—exercise more, eat better, have better work/life balance, etc. Others of us will be thinking about how we’re going to ring in the New Year.

This time of year the McAfee Labs™ team is busy looking at what the new threats are going to be and what are new trends they expect to see. Today they released their 2014 Threat Predictions, and here’s what they believe will be in store for us:

Mobile Malware

While this is not new, this category of malware is growing like wildfire and McAfee Labs sees no slow down on this in 2014. And besides continued growth in this category (mostly on the Android platform), they believe that some  types of mobile attacks will become prevalent.

One of these growing attacks is ransomware targeting mobile devices. Once the cybercriminal has control of your device, they will hold your data “hostage” until you pay money (whether that’s conventional or virtual, like Bitcoin) to the perpetrator. But as with traditional ransomware, there’s no guarantee that you really will get your data back.

Other mobile tactics that will increase include exploiting the use of the Near Field Communications (NFC) feature (this lets consumers simply “tap and pay,” or make purchases using close-range wireless communications), now on many Android devices, to corrupt valid apps and steal data without being detected.

Virtual Currencies

While the growth of Bitcoin and other virtual currencies is helping promote economic activity, it also provides cybercriminals using ransomware attacks with a perfect system to collect money from their victims. Historically, payments made from ransomware have been subject to law enforcement actions via the payment processors, but since virtual currency is not regulated and anonymous, this makes it much easier for the hackers to get away with their attacks.

Attacks via Social Networking Sites

We’ve already seen the use of social networks to spread malware and phishing attacks. With the large number of users on Facebook, Twitter, Instagram and the likes, the use of these sites to deliver attacks will continue to grow.

In 2014, McAfee Labs also expects to see attacks that leverage specific features of these social networking sites, like Facebook’s open graph. These features will be exploited to find out more information about your friends, location or personal info and then be used for phishing or real-world crimes.

The other form of social attacks in 2014 will be what McAfee Labs calls “false flag” attacks. These attacks trick consumers by using an “urgent” request to reset one’s password. If you fall for this, your username and password will be stolen, paving the way for collection of your personal information and friend information by the hacker.

2014ThreatPredictions

Here’s some security resolutions to help you stay safe online in 2014:

  • Strengthen your passwords: If you’re still using easy to remember passwords that include your home address and pet’s name, it’s time to get serious about creating strong passwords that are at least eight characters long, and a combination of numbers, letters and symbols. Don’t include any personal information that can be guessed by hackers.
  • Don’t open or click on suspicious emails, text or links: By simply opening an email with a piece of ransomware within it you could be leaving your devices vulnerable to hijacking.
  • Be aware when downloading apps: Since apps are the main way mobile malware is spread today, make sure to do your research before downloading any app and only download from reputable app stores.
  • Limit your use of NFC, Wi-Fi and Bluetooth: If your phone has NFC capabilities, you may be unaware of default settings. Turning this feature off, as well as turning off Bluetooth and Wi-Fi connections, will not only help you save battery life on your devices, but prevent attacks from hackers looking to exploit your wireless connections.
  • Check your bank statements and mobile charges regularly: This way, you can discover and report any suspicious charges
  • Install comprehensive security on all your devices: With the growing amount of threats that we’re seeing, you want to make sure that your all your devices (not just your PC) are protected. Consider installing security software such as McAfee LiveSafe™ service that protects your data, identity and all your devices (PCs, Macs, smartphones and tablets).

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

12 Ways to hide Online

If you feel paranoid about online surveillance, there are ways you can significantly shrink your cyber presence so that it’s more difficult and expensive for anyone and even big intelligent agencies to monitor your online activities.

2P1. End-to end Encryption

This tactic encrypts your data from the beginning point of communication to the receiving end. The tool of choice for you and your message-recipients to install is OTR (off-the-record) messaging. This start-to-finish encryption will keep snoopers in the dark.

2. Maximal Encryption

If you can’t do end-to-end, at least encrypt as many communications as possible. This can be done with EFF’s HTTPS Everywhere browser add-on for Firefox or Chrome. It maximizes amount of data that you protect by making Web sites encrypt Web pages when possible. Encrypt your USB flash drive with TrueCrypt.

3. Encrypt Hard Drive

Latest versions of Macs, Windows, Android and iOS have ways to encrypt local storage. Turn this on so that anyone who uses your computer can’t copy its contents.

4. Strong & long Passwords

Forget short, easy to remember passwords like the name of your pet. Make them very long—all passwords. A password manager will eliminate having to remember a bunch of super long passwords. Diceware.com will help you create an unforgettable, strong master password.

5. Virtual private network software

Unencrypted data is highly vulnerable to prying eyes. Use a virtual private network (VPN); this ensures that all online transactions (e.g., filling out forms, downloading, shopping) are secured through HTTPS.

Hotspot Shield VPN is free and reliable, available for Mac, PC, Android and iPhone. This service also encrypts all mobile data and protects the user’s identity. VPNs can also be used for visiting sites you don’t trust much.

6. Use Tor

Installation and use of Tor will conceal your origins from mass and corporate surveillance. Giants like the NSA do not like Tor, and there’s a reason for that; it works.

7. Two-step authentication

This involves typing in a password and then a routinely altered confirmation number to protect against attacks on cloud and Web services.

8. Never click Attachments
Your computer can be hijacked when you click on a link sent via e-mail—a link accompanied by a hyped up message that’s designed to get you emotional rather than logical. Tell your friends and family to send you information in text whenever possible. If they must send a file, double check that it’s really from them.

9. Don’t open Emails with a blank Subject Line

An e-mail with a blank subject line may be an innocent lapse in judgment from a person you know, but the blank subject line is also a possible sign of a virus attack waiting for you if you open the e-mail.

If you receive blank subject lines apparently from someone you know, send a message to the sender by creating a new message and asking if they just sent something. Require everyone you know to fill in the subject line.

10. Anti-virus, updated software

Make sure your computer has anti-virus software and that it’s always kept up-to-date.

11. Be an ally
Teach others all you know about hiding online. Even install for others tools like Tor. Ask them to sign up for Stop Watching Us to guard against mass spying. Throw a “cryptoparty.”

12. Offline data

Keep your most secret data written down in a notebook and place where nobody would think to search for it.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Holiday Shopping: Beware of Unethical Online Merchants

We have all encountered a sales clerk who was rude, a customer service representative who was incompetent and an online purchase that went south. Even I’ve been scammed out of an entire order and spent dozens of hours trying to get a return on another.

But when it comes to outrageous and shocking, including threats of violence and outright fraud, this story takes the cake.  An online merchant based in Brooklyn New York retailing designer sunglasses, some counterfeit and some real, thrives on bad customer service, over charging, making threats, stalking and abusing clients into giving up the fight over what’s right.

The merchant prides himself on getting negative feedback on consumer advocacy and review sites such as Get Satisfaction, ComplaintsBoard.comConsumerAffairs.com, RipoffReport.com, Yelp and Epinions.

He thrives on – for example “DO NOT ORDER ANYTHING FROM THIS COMPANY. This has been the most horrific experience EVER. I have extensive knowledge of website management and customer service, and they pretty much break every rule imagined. They are a total scam

The strategy of negativity gets this merchants website ranked high on search when listed with all the different opinion sites. Google and other search engines often rank a website to show on the first page of search based on how many links point to it from other prominent sites. So even though all the negative links are pointing to the unethical site from opinion sites, it still ranks on the first page of search helping its sales.

Beware of making purchases on any website based on how they rank in search. Even a first page organic hit can lead to a scammy company.

Learn from others bad experiences. ALWAYS search “Name Of Company” in Google before you make a purchase. The review sites almost always show on the first page of search when “Name Of Company” has been blacklisted.

More on THIS STORY.

Robert Siciliano personal security expert to Home Security Source discussing scammers and thieves on The Big Idea with Donnie Deutsch.