Posts

7 Safety tips on the Mobile Internet

It’s time to know all the ways you can make sure you’re safe when in mobile space to prevent identity theft.
1W

  1. It’s 10 pm; do know where the malware is? Malware is stealthy and hides in places you least expect, like search engines, tech-related sites, entertainment sites and web ads. Malware can even be waiting for you when you download what seems to be an innocent app for your favorite game. In fact, gaming and gambling sites are common targets, as are search engines—and these threats aren’t going to disappear too soon. Install antivirus especially on Android phones.
  2. Beware of peeping toms. That is, someone peering over your shoulder to catch you typing in a password. Mobile devices don’t mask passwords with those big dots like a laptop or desktop will. That snooping thief is hoping to get a glimpse of your password. Consider sitting against a wall when using your mobile in public. Cover your device with your other hand when entering PINs
  3. Click with discretion. The mobile webscape is replete with juicy-looking items to click: promotions, ads, weblinks…and it’s pretty much impossible to tell the legit ones from the fraudulent ones. Even the URL can’t indicate this. Scam offers can look legit and trick you into clicks. Don’t let the menagerie of all that stuff to click on overwhelm you. Don’t visit anyplace you’re not sure of.
  4. Don’t get reeled in by phishing e-mails. What should you do if you get an e-mail from eBay or something like that, requesting you click a link to update your credit card information because suspension of your account is imminent? Don’t open. Delete.
  5. Credit card companies, the IRS, banks, etc., will never contact you via e-mail and request your private information. Other scams take the form of announcements you’ve won money, your password has been compromised, or some other emotional message. Make a habit of never even opening these.
  6. Stay with app stores. The mobile webscape is cluttered with enticing offers of free downloads. A minority are fraudulent and it’s impossible to tell which are which. Never download from mobile-only sites or those crammed with ads. Download only from app stores you trust.
  7. No “Jailbreaking or “rooting”. These terms refer to installing software that will break down the walled gardens of your iPhone or Android. Once you do this you oprn the devices up to malware.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Avoid Risky Web Searching on a Mobile Device

The mobile web can be a minefield of malicious links luring you to click so bad guys can infect your device. Search engines do their best to filter out these sites, but nefarious criminals have found ways to get their scammy pages to the top of search results through a process called black hat search engine optimization.

Criminals create fake websites and then use the same techniques as legitimate online businesses do regarding search engine optimization, marketing and online advertising. They use keywords to boost rankings on internet search engines, causing their fake websites to appear alongside legitimate ones.

It is also much harder to tell if a URL is legitimate since due to the limited screen space, mobile browsers especially often truncate web addresses. Also, if you’re clicking on a link to a site from an email you received, it’s hard to see the full sender’s email address; this makes it hard for you to know whether it’s coming from a fake person or company. Finally, the “hover over” option that many of us use to preview URLs on computers doesn’t work yet on most touch screen mobile devices.

Wireless internet also contributes to risky web searching. Unsecured, unprotected, unencrypted and sometimes shared wireless internet communications over WiFi in your home, office or any publicly connected WiFi (such as at a coffee shop, airport or hotel) are vulnerable to sniffers.

On wireless connections that aren’t properly secured—such as public ones—your best line of defense is to use a virtual private network software that protects your identity by ensuring that all web transactions (shopping, filling out forms, downloads) are secured through HTTPS. Hotspot Shield VPN is a good one to use. It’s secure, free to you (supported by ads) and available for PC, Mac, iPhone and Android.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

How do I shop with my mobile securely?

To stay safe while mobile shopping:

Go big. Do your online business with major retailers, or those you already know, like, and trust. The chances of a major online retailer stiffing you, or of their database being compromised, are slimmer than those of an unknown.

Do your homework. If you search for a particular product and wind up at an unfamiliar website, do some research on the retailer before putting down your credit card number. Search for the company’s name and web address to see if there have been complaints.

Don’t give out more personal data than necessary. Many retailers require your name, address, phone number, and credit card information. This is normal. But if you are asked for anything beyond that, like bank account numbers or your Social Security number, run hard and fast.

Vary your passwords. Often, online retailers will ask you to register with their website when you make your first purchase. Never register using the same password you’ve already used for another website. Otherwise, if one website is hacked, your password could be used to infiltrate your other accounts.

Use HTTPS sites. Websites that have a secure checkout process—with “https://” in the web address (as opposed to “http://”)—are safer because they encrypt the transaction against interception by thieves.

Keep mobile security software current. The latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats.

Automate software updates. Many software programs can update automatically to defend against known risks. If this is an available option, be sure to turn it on.

Use a free VPN for Wi-Fi security like Hotspot Shield. Itcreates a virtual private network (VPN) between your laptop or iPhone and our Internet gateway. This impenetrable tunnel prevents snoopers, hackers and ISPs from viewing your web browsing activities, instant messages, downloads, credit card information or anything else you send over the network.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures

Maximizing the Use and Efficiency of Your Mobile Device

Time isn’t just money. Time is what you spend with your family, on a vacation or watching a kid’s dance recital. Time can be gained or lost based on how efficiently or inefficiently you use and implement mobile technology.

First and foremost, your mobile phone is a communication tool. It should be set up to access and communicate with everyone in your life that you depend on and who depends on you.

Contacts: There are apps built into all devices that store your contacts’ names, addresses, phone numbers and email addresses, and you really should make sure all these points of data are entered and backed up. Google’s Gmail Contacts is one way to have all your contacts backed up and in sync with your device. It baffles me whenever I text someone and the person responds, “Who is this? I lost my phone and my address book.” Gmail backs up automatically from your desktop or your mobile device.

Calendar: Every device has a built-in calendar. Again, I prefer Google Calendar. I can set appointments from my desktop or device, and every appointment has a set of alerts to remind me one to two days and then two to eight hours ahead of time. I get lots of pings and beeps as reminders, but with a busy life, I need that extra bit of reminding.

Docs: Yes, I use Google Docs too. There are dozens of documents I need access to wherever I am. I have yet to find a more efficient program than Google Docs to safely store and access my documents right on my mobile.

Google Chrome browser: The beauty of this browser on your desktop and on your mobile device is in that you can access whatever tabs you have open on your desktop from your mobile and vice versa.

All this works just as well on a tablet as on iOS and Android. Thank you for saving me time and making life more efficient, Google. Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures

What Threats Are Unique To My Mobile Device?

Imagine your body being targeted by 75 million viruses. That is exactly what’s happening to your digital devices and mobile devices are being targeted like never before. Mobile smartphone and tablets are being targeted in record numbers.

Android has become the most popular platform for new malware, and in McAfee’s Second Quarter Threats Report, was targeted exclusively by all new forms of mobile malware. The Symbian OS (for Nokia handsets) remains the platform with the all-time greatest number of viruses, but Android is the main target for hackers now.

With the increase in mobile malware, it’s always a good idea to stay educated on how you could be exposed. And there are some things to be aware of that are unique threats to your mobile device such as:

QR Code Scams
QR code infections are relatively new. A QR scamworks because, as with a shortened URL, the link destination is obscured by the link itself. Once scanned, a QR code may link to a malicious website or download an unwanted application or mobile virus.It’s a good idea to refrain from clicking QR codes from unfamiliar sources. Stick to codes provided by known advertisers or vendors, as these are least likely to be infected.

SMiShing
SMiShing is a version of phishingin which scammers send text messages rather than emails, which appear to have been sent by a legitimate, trusted organization and request that you click on a link or provide credentials in a text message reply. The term is a condensed way of referring to “short message service phishing,” or “SMS phishing.”Once you understand how it works, you are better positioned to recognize SMiShing, and to avoid clicking links within text messages or otherwise responding to such ruses.

Premium SMS fraud
McAfee Labs™ reports one of the simplest ways to generate profit from malware attacks on mobile devices is to place a call or send texts to pay-for premium numbers. If this activity is infrequent (for example, only once a week during the night) and concealed (by erasing the logs and using the hiding capabilities of rootkits), then it may go unnoticed for a long time.The key property to this malware’s popularity is the software’s ability to covertly send messages. In this case, Android is more risky than iOS because in Android permissions are assigned once at installation and cannot be dynamically controlled.

Jailbreaking or Rooting
Jailbreaking is the process of removing the limitations imposed by Apple and associated carriers on devices running the iOS. To ”jailbreak” means to allows the phones owner to gain full root access to the OS and access all its features. Similar to jailbreaking, “rooting” is the term involving the process of removing the limitations on any mobile or tablet running the Android operating system.Jailbroken and rooted phones are much more susceptible to viruses and malware because users can avoid Apple and Google application vetting processes that help ensure users download virus-free apps.

Expect more scams and more scam warnings directed toward your mobile devices going forward. As mobile cybercrime evolves and criminals begin to make some money, they will have the resources to hire crackerjack programmers to do their deeds. The time is now to secure your devices.

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

Mobile Device Security in a BYOD World

In the real world there is little difference between an employer’s issued device and a personal mobile device. The most important difference should be that a digital device issued by your employer requires and should have a “company mobile liability policy”. Businesses generally provide and pay for employee mobile devices, and also strictly dictate what you can or cannot do on the device. For IT security reasons, the employer may have remote capabilities to monitor activity and in the event of loss or employee termination wipe the data.

Mobile device security policies” are for the BYOD or “Bring Your Own Device” employees. The employee may pay for the device and its monthly plan and has also imposed security restrictions and limitations on employees who use their personal devices at work.  If you choose to use your personal device for employment purposes at any time for any reason then your employer may take control over that device to protect themselves. In a company mobile liability policy, the employer often has remote capabilities to monitor activity and in the event of loss or employee termination wipe the data.

A recent study shows less than 10% of people BYOD employees auto lock their tablets and people were more security-savvy about their smartphones, with 25% locking.

Most employee issued mobile management software will require the device to be locked and the password to be changed quarterly. These mobile device security programs tell you in the terms and conditions that the contents on the device is subject to being monitored and at any time the device can be wiped by the employer.

The employer is liable for potentially lost data on your mobile. So, to maintain security in a BYOD world, plan on giving up some liberties.

Robert Siciliano personal and small business security specialist toADT Small Business Security discussing ADT Pulse on Fox News. Disclosures

What Are The Risks Of A Lost Or Stolen Mobile Device?

Have you ever thought about what would happen if you lost your mobile phone? These days we rely on our mobile phones more than ever. For a lot of us, it can also be a nightmare if it’s lost, stolen or hacked, especially since today it’s become our most personal computer,

But despite the fact that 1/2 of of us would rather lose our wallet than our mobile phone, only 4% of us have taken steps to protect our mobile device with security.

For most of us, our first reaction when we lose our wallet is I have to cancel my credits cards, get a new license, etc. When we lose our phones, we think about the pain and cost of replacing the device. But that’s just the tip of the iceberg.

We don’t realize that our photos, emails, text messages and our apps can be an open door for thieves into our personal information, privacy and financial accounts.

And the time to replace your smartphone and its contents can consume as much as 18 hours of your life.

Mobile devices are on the move, meaning they can more easily be lost or stolen and their screens and keyboards are easier targets for “over the shoulder” browsing.

Below is an infographic that shows why you should protect your smartphone and some tips to protect you and your device.

 

Take time to protect your mobile device. Here’s some tips to keep your mobile safe:

Never leave your phone unattended in a public place

Put a password on your mobile and set it to auto-lock after a certain period of time.

If you use online banking and shopping sites, always log out and don’t select the “remember me” function

Use mobile device protection that provides anti-theft which can backup and restore the information on your phone, as well as remotely locate it and wipe data in the case of loss or theft, as well as antivirus and web and app protection.

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

Watch for New Attacks Aimed at Mobile Devices

A mobile device is an indispensible extension of your life, containing some of your most private conversations and confidential information. It’s your phone book, email, photo album, social life, and even your wallet, all rolled into one device. Chances are if you own a smartphone or tablet, it is connected to your money or financial accounts. For many, it’s like a right hand (or in my case, left hand), so it’s essential to secure your device and the information it holds.

The phone is moving in to replace the PC for the next generation. Carriers are increasing network speeds, cutting download time in half, and new phones have capacities of up to 64 GB ¾ that’s more hard drive space than my three-year-old laptop.

Software application developers are responding to this shift by focusing primarily on mobile devices, with PCs demoted to a secondary consideration. And as with any major transition to a new technology, the uncertainty and newness fosters a perfect opportunity for scammers to launch attacks.

In McAfee Labs’ report, “Securing Mobile Devices: Present and Future,” Dr. Igor Muttik states, “Despite steady progress in securing desktop computers—using safer hardware, operating systems, and applications—malware is not going extinct. With today’s explosive proliferation of smartphones, tablet computers, and other mobile devices, we have to wonder whether our pocket devices can also be secured. We might assume from our extensive knowledge in protecting desktop computers that the new wave of mobile hardware should be relatively secure because we shall benefit from the lessons we have already learned.” But so far, many have neglected to consider the security of their mobile devices.

As new tablets and smartphones are released, along with thousands of new mobile applications, hackers are working to create bugs and viruses that modify the legitimate software industry’s processes. The burgeoning ubiquity of these mobile devices offers criminals the same sorts of possibilities today that they found in PCs several years ago.

Only download mobile payment applications from a reputable app store. Check user reviews of the app and make sure to read to app’s privacy policy on what data of yours it is accessing and sharing.

Don’t do any mobile transactions over unsecured Wi-Fi connection. It’s much more secure to use your mobile data network.

Keep your mobile software current. This includes the latest updates for your operating system, mobile browser and mobile security software

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures


Safe Searching on Your Mobile Device

The web and especially the mobile web can be a minefield of malicious links luring you to click, so bad guys can infect your device. Search engines do their best to filter these sites out but nefarious criminals have found ways to get their scammy pages to the top of search through a process called “Blackhat search engine optimization.”

Criminals create fake websites and then use the same techniques as legitimate online businesses regarding search engine optimization, marketing, and online advertising. They use keywords to boost rankings on Internet search engines, causing their spoofed websites to appear alongside legitimate websites.

It is also much harder to tell if a URL is legitimate since due to the limited screen space, mobile browsers often truncate web addresses. Also, if you’re clicking on a link to a site from an email you received, it’s hard to see the full email sender’s email address making it hard for you to know if it’s coming from a fake person or company.

That’s why going it alone in search isn’t a good idea. Just like it is essential to have antivirus, antispyware, antiphishing and a firewall on your PC, it is equally essential to have protection on your mobile. McAfee Mobile Security provides comprehensive mobile security that includes antivirus, anti-theft, app protection, web protection and call and text filtering.

Web protection comes with McAfee Mobile Security and protects you from potential phishing sites, browser exploits, malicious links within text messages, email, social networking sites, and QR codes. WithMcAfee blocking risky links at the places you visit, you now can click, search and surf worry free. These site ratings are based on tests conducted by McAfee using an army of computers that look for all kinds of threats. ―

To help yourself stay protected you should:

Always double-check the web address of a site when doing a search on your mobile phone

Never click on a link in an unsolicited email or text message

If you land on a site that contains poor grammar, misspellings, and low-resolution pictures be
very suspicious

Rather than doing a search for your bank’s website, type in the correct address to avoid running
into any phony sites, or use your bank’s official app

Monitor your monthly bills to make sure there are no suspicious charges

Use comprehensive mobile security like McAfee Mobile Security

Of course, just using common sense and taking the time to closely check the links and messages you receive will go a long way in increasing your mobile security. Remember, if something doesn’t feel right proceed with caution.

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)