Radhika Sarang – McAfee Blogs https://www.mcafee.com/blogs Securing Tomorrow. Today. Tue, 11 Feb 2020 23:41:42 +0000 en-US hourly 1 https://wordpress.org/?v=5.4.1 https://www.mcafee.com/wp-content/uploads/2018/11/cropped-favicon-32x32.png Radhika Sarang – McAfee Blogs https://www.mcafee.com/blogs 32 32 How to Build Your 5G Preparedness Toolkit https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/5g-preparedness-toolkit/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/5g-preparedness-toolkit/#respond Thu, 15 Aug 2019 13:00:51 +0000 https://securingtomorrow.mcafee.com/?p=96418

5G has been nearly a decade in the making but has really dominated the mobile conversation in the last year or so. This isn’t surprising considering the potential benefits this new type of network will provide to organizations and users alike. However, just like with any new technological advancement, there are a lot of questions […]

The post How to Build Your 5G Preparedness Toolkit appeared first on McAfee Blogs.

]]>

5G has been nearly a decade in the making but has really dominated the mobile conversation in the last year or so. This isn’t surprising considering the potential benefits this new type of network will provide to organizations and users alike. However, just like with any new technological advancement, there are a lot of questions being asked and uncertainties being raised around accessibility, as well as cybersecurity. The introduction of this next-generation network could bring more avenues for potential cyberthreats, potentially increasing the likelihood of denial-of-service, or DDoS, attacks due to the sheer number of connected devices. However, as valid as these concerns may be, we may be getting a bit ahead of ourselves here. While 5G has gone from an idea to a reality in a short amount of time for a handful of cities, these advancements haven’t happened without a series of setbacks and speedbumps.

In April 2019, Verizon was the first to launch a next-generation network, with other cellular carriers following closely behind. While a technological milestone in and of itself, some 5G networks are only available in select cities, even limited to just specific parts of the city. Beyond the not-so widespread availability of 5G, internet speeds of the network have performed at a multitude of levels depending on the cellular carrier. Even if users are located in a 5G-enabled area, if they are without a 5G-enabled phone they will not be able to access all the benefits the network provides. These three factors – user location, network limitation of certain wireless carriers, and availability of 5G-enabled smartphones – must align for users to take full advantage of this exciting innovation.

While there is still a lot of uncertainty surrounding the future of 5G, as well as what cyberthreats may emerge as a result of its rollout, there are a few things users can do to prepare for the transition. To get your cybersecurity priorities in order, take a look at our 5G preparedness toolkit to ensure you’re prepared when the nationwide roll-out happens:

  • Follow the news. Since the announcement of a 5G enabled network, stories surrounding the network’s development and updates have been at the forefront of the technology conversation. Be sure to read up on all the latest to ensure you are well-informed to make decisions about whether 5G is something you want to be a part of now or in the future.
  • Do your research. With new 5G-enabled smartphones about to hit the market, ensure you pick the right one for you, as well as one that aligns with your cybersecurity priorities. The right decision for you might be to keep your 4G-enabled phone while the kinks and vulnerabilities of 5G get worked out. Just be sure that you are fully informed before making the switch and that all of your devices are protected.
  • Be sure to update your IoT devices factory settings. 5G will enable more and more IoT products to come online, and most of these connected products aren’t necessarily designed to be “security first.” A device may be vulnerable as soon as the box is opened, and many cybercriminals know how to get into vulnerable IoT devices via default settings. By changing the factory settings, you can instantly upgrade your device’s security and ensure your home network is secure.
  • Add an extra layer of security.As mentioned, with 5G creating more avenues for potential cyberthreats, it is a good idea to invest in comprehensive mobile security to apply to all of your devices to stay secure while on-the-go or at home.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post How to Build Your 5G Preparedness Toolkit appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/5g-preparedness-toolkit/feed/ 0
School of Cyberthreats: 3 Attacks Impacting Today’s Schools https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/cybercriminals-target-educational-institutions/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/cybercriminals-target-educational-institutions/#respond Tue, 23 Jul 2019 18:55:52 +0000 https://securingtomorrow.mcafee.com/?p=96017

Educational institutions are data-rich gold mines. From student and employee records to sensitive financial information, schools contain a plethora of data that can be obtained by cybercriminals rather easily due to lack of security protocols. This fact has cybercriminals pivoting their strategies, leading to a recent uptick in attacks on the education sector in the […]

The post School of Cyberthreats: 3 Attacks Impacting Today’s Schools appeared first on McAfee Blogs.

]]>

Educational institutions are data-rich gold mines. From student and employee records to sensitive financial information, schools contain a plethora of data that can be obtained by cybercriminals rather easily due to lack of security protocols. This fact has cybercriminals pivoting their strategies, leading to a recent uptick in attacks on the education sector in the United States and around the world. In fact, there are three main threats impacting schools — data breaches, phishing, and ransomware. Let’s take a look at each of these threats, how cybercriminals have executed them, and the precautions students can take in the future.

Data Breaches

Nearly half of the cyberattacks that impacted schools in 2018 were data breaches, which occur when an unauthorized, third-party gains access to a school’s network. From there, cybercriminals gain access to a host of private information on employees and students, including names, dates of birth, addresses, phone numbers, email addresses, and Social Security numbers. After an attack of this nature occurs, educational institutions reassess their current cybersecurity strategy. This usually entails revisiting privacy settings and reviewing all security protocols. 

Phishing

Even the savviest email user can fall for a phishing scheme. These types of schemes usually entail tricking teachers or students out of private information or money. When cybercriminals send emails with fraudulent links, unsuspecting users click on that link because the web address is usually only off by one or two letters. Once the scammer has been given access through the malicious link, they get to work obtaining private information contained on the device. Using this data, they can enact further schemes. There have even been cases of cybercriminals impersonating deans or teachers asking for gift cards, which is a type of spear-phishing where scammers take the information they have obtained about a victim and use it to their advantage. The good news? Users can prevent against these sneaky attacks by staying vigilant and applying security best practices.

Ransomware

When ransomware hits, schools don’t really have a lot of options. If they have data backups in place, then they don’t have to pay the ransom, otherwise educational institutions have no choice but to completely shut down. Considering how much technology has been integrated into classrooms, this isn’t surprising. A ransomware attack usually occurs when a school district’s system is infiltrated by a virus intending to bring operations to a halt. Cybercriminals hold systems hostage for a certain amount of money or ransom until the district decides to pay. The data that is held can range from a variety of things – lesson plans, financial information, personal employee and student records. There aren’t many ways for schools to bypass these types of attacks unless they are prepared beforehand. One way to be prepared is to back up files in multiple places, such as an external hard drive or cloud.

With the uptick in overall cyberthreats against schools, more and more educational institutions need to put protocols into place to avoid the multitude of ever-growing threats. However, students can do their part in prioritizing cybersecurity by following these tips to ensure personal data is secure:

  1. Watch what you are clicking. Phishing schemes are becoming craftier. A too good to be true study guide or deal on a textbook might end in a compromised system. It is always best to check directly with the source of the email or link before handing over money or data.
  2. Make sure you recognize the sender. When responding to a message, first check to see if you recognize the sender’s name and email address. If it looks strange, ignore the message. If you are unsure, check with the sender in person.
  3. Never reuse passwords. Many users reuse the same passwords or slight variations of it, across all of their accounts. That means if a hacker uncovers one password, all other accounts are put at risk. So, it is crucial to use different passcodes to ensure hackers cannot obtain access to all of your accounts.
  4. Stay on a secure network. If you connect to public Wi-Fi, be sure the network is secure. If it is not, consider using a virtual private network (VPN).
  5. Install security software on all devices. Security doesn’t begin or end with personal computers. All devices need to be protected with comprehensive security software, including mobile devices and tablets.
  6. Make sure all device software is up-to-date. This is one of the easiest and best ways to secure devices against threats, as developers are constantly releasing patches for vulnerabilities and flaws.

And as always, if you are interested in learning more about IoT and mobile security trends and information, follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post School of Cyberthreats: 3 Attacks Impacting Today’s Schools appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/cybercriminals-target-educational-institutions/feed/ 0
Evolved IoT Linux Worm Targets Users’ Devices https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/evolution-of-iot-linux-worm/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/evolution-of-iot-linux-worm/#respond Tue, 09 Jul 2019 13:00:19 +0000 https://securingtomorrow.mcafee.com/?p=95814

Since the early ‘90s, Linux has been a cornerstone of computer operating systems. Today, Linux is everywhere — from smartphones and streaming devices to smart cars and refrigerators. This operating system has been historically less susceptible to malware, unlike its contemporaries such as Windows or Mac OS. However, the widespread adoption of IoT devices has […]

The post Evolved IoT Linux Worm Targets Users’ Devices appeared first on McAfee Blogs.

]]>

Since the early ‘90s, Linux has been a cornerstone of computer operating systems. Today, Linux is everywhere — from smartphones and streaming devices to smart cars and refrigerators. This operating system has been historically less susceptible to malware, unlike its contemporaries such as Windows or Mac OS. However, the widespread adoption of IoT devices has changed that, as security vulnerabilities within Linux have been found over time. These flaws have been both examined by researchers in order to make repairs and also exploited by hackers in order to cause disruption.

As recently as last month, a new strain of a Linux bricking worm appeared, targeting IoT devices– like tablets, wearables, and other multimedia players. A bricking worm is a type of malware that aims to permanently disable the system it infects. This particular strain, dubbed Silex, was able to break the operating systems of at least 4,000 devices. By targeting unsecured IoT devices running on Linux, or Unix configurations, the malware went to work. It quickly rendered devices unusable by trashing device storage, as well as removing firewalls and other network configurations. With this threat, many users will initially think their IoT device is broken, when really it is momentarily infected. To resolve the issue, users must manually download and reinstall the device’s firmware, which can be a time consuming and difficult task. And while this incident is now resolved, Silex serves as a cautionary tale to users and manufacturers alike as IoT devices continue to proliferate almost every aspect of everyday life.

With an estimated 75.4 billion IoT connected devices installed worldwide by 2025, it’s important for users to remain focused on securing all their devices. Consider these tips to up your personal device security:

  • Keep your security software up-to-date. Software and firmware patches are always being released by companies. These updates are made to combat newly discovered vulnerabilities, so be sure to update every time you’re prompted to.
  • Pay attention to the news. With more and more information coming out around vulnerabilities and flaws, companies are more frequently sending out updates for IoT devices. While these should come to you automatically, be sure to pay attention to what is going on in the space of IoT security to ensure you’re always in the know.
  • Change your device’s factory security settings. When it comes to IoT products, many manufacturers aren’t thinking “security first.” A device may be vulnerable as soon as the box is opened, and many cybercriminals know how to get into vulnerable IoT devices via default settings. By changing the factory settings, you are instantly upgrading your device’s security.
  • Use best practices for linked accounts. If you connect a service that leverages a credit card, protect that linked service account with strong passwords and two-factor authentication (2FA) where possible. In addition, pay attention to notification emails, especially those regarding new orders for goods or services. If you notice suspicious activity, act accordingly.
  • Set up a separate IoT network. Consider setting up a second network for your IoT devices that doesn’t share access with your other devices and data. You can check your router manufacturer’s website to learn how. You may also want to add another network for guests and their devices.
  • Get security at the start. Lastly, consider getting a router with built-in security features to make it easier to protect all the devices in your home from one place.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post Evolved IoT Linux Worm Targets Users’ Devices appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/evolution-of-iot-linux-worm/feed/ 0
Catch a Ride Via Wearable https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/catch-a-ride-wearable/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/catch-a-ride-wearable/#respond Tue, 25 Jun 2019 22:44:00 +0000 https://securingtomorrow.mcafee.com/?p=95717

More often than not, commuters and travelers alike want to get to their destination quickly and easily. The advent of wearable payments helps make this a reality, as passengers don’t have to pull out a wallet or phone to pay for entry. Adding to that, users are quickly adopting wearable technology that has this payment […]

The post Catch a Ride Via Wearable appeared first on McAfee Blogs.

]]>

More often than not, commuters and travelers alike want to get to their destination quickly and easily. The advent of wearable payments helps make this a reality, as passengers don’t have to pull out a wallet or phone to pay for entry. Adding to that, users are quickly adopting wearable technology that has this payment technology embedded, causing transportation systems to take notice and adopt corresponding technology as a result. Unfortunately, there’s a chance this rapid adoption may catch the eye of cybercriminals as well.

Just last month, the New York City Subway system introduced turnstiles that open with a simple wave of a wearable, like an Apple Watch or Fitbit. Wearables may provide convenience and ease, but they also provide an open door to cybercriminals. With more connections to secure, there are more vectors for vulnerabilities and potential cyberthreats. This is especially the case with wearables, which often don’t have security built-in from the start.

App developers and manufacturers are hard-pressed to keep up with innovation, so security isn’t always top of mind, which puts user data at risk. As one of the most valuable things cybercriminals can get ahold of, the data stored on wearables can be used for a variety of purposes. These threats include phishing, gaining access to online accounts, or transferring money illegally. While the possibility of these threats looms, the adoption of wearables shows no sign of slowing down, with an estimated 1.1 billion in use by 2022. This means developers, manufacturers, and users need to work together in order to keep these handy gadgets secure and cybercriminals out.

Both consumers and transport systems need to be cautious of how wearables can be used to help, or hinder, us in the near future. Rest assured, even if cybercriminals utilize this technology, McAfee’s security strategy will continue to keep pace with the ever-changing threat landscape. In the meantime, consider these tips to stay secure while traveling to your destination:

  • Always keep your software and apps up-to-date.It’s a best practice to update software and apps when prompted to help fix vulnerabilities when they’re found.
  • Add an extra layer of security. Since wearables connect to smartphones, if it becomes infected, there is a good chance the connected smartphone will be impacted as well. Invest in comprehensive mobile security to apply to your mobile devices to stay secure while on-the-go.
  • Clear your data cache. As previously mentioned, wearables hold a lot of data. Be sure to clear your cache every so often to ensure it doesn’t fall into the wrong hands.
  • Avoid storing critical information. Social Security Numbers (SSN), bank account numbers, and addresses do not need to be stored on your wearable. And if you’re making an online purchase, do so on a laptop with a secure connection.
  • Connect to public Wi-Fi with caution. Cybercriminals can use unsecured public Wi-Fi as a foothold into a wearable. If you need to connect to public Wi-Fi, use a virtual private network, or VPN, to stay secure.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post Catch a Ride Via Wearable appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/catch-a-ride-wearable/feed/ 0
Say So Long to Robocalls https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/so-long-robocalls/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/so-long-robocalls/#respond Tue, 11 Jun 2019 13:00:54 +0000 https://securingtomorrow.mcafee.com/?p=95470

For as long as you’ve had a phone, you’ve probably experienced in one form or another a robocall. These days it seems like they are only becoming more prevalent too. In fact, it was recently reported that robocall scams surged to 85 million globally, up 325% from 2017. While these scams vary by country, the […]

The post Say So Long to Robocalls appeared first on McAfee Blogs.

]]>

For as long as you’ve had a phone, you’ve probably experienced in one form or another a robocall. These days it seems like they are only becoming more prevalent too. In fact, it was recently reported that robocall scams surged to 85 million globally, up 325% from 2017. While these scams vary by country, the most common type features the impersonation of legitimate organizations — like global tech companies, big banks, or the IRS — with the goal of acquiring user data and money. When a robocall hits, users need to be careful to ensure their personal information is protected.

It’s almost impossible not to feel anxious when receiving a robocall. Whether the calls are just annoying, or a cybercriminal uses the call to scam consumers out of cash or information, this scheme is a big headache for all. To combat robocalls, there has been an uptick in apps and government intervention dedicated to fighting this ever-present annoyance. Unfortunately, things don’t seem to be getting better — while some savvy users are successful at avoiding these schemes, there are still plenty of other vulnerable targets.

Falling into a cybercriminal’s robocall trap can happen for a few reasons. First off, many users don’t know that if they answer a robocall, they may trigger more as a result. That’s because, once a user answers, hackers know there is someone on the other end of the phone line and they have an incentive to keep calling. Cybercriminals also have the ability to spoof numbers, mimic voices, and provide “concrete” background information that makes them sound legitimate. Lastly, it might surprise you to learn that robocalls are actually perfectly legal. It starts to become a grey area, however, when calls come through from predatory callers who are operating on a not-so-legal basis.

While government agencies, like the Federal Communications Commission and Federal Trade Commission, do their part to curb robocalls, the fight to stop robocalls is far from over, and more can always be done. Here are some proactive ways you can say so long to pesky scammers calling your phone.

  1. There’s an app for that. Consider downloading the app Robokiller that will stop robocalls before you even pick up. The app’s block list is constantly updating, so you’re protected.
  2. Let unknown calls go to voicemail. Unless you recognize the number, don’t answer your phone.
  3. Never share personal details over the phone. Unfortunately, there’s a chance that cybercriminals may have previously obtained some of your personal information from other sources to bolster their scheme. However, do not provide any further personal or financial information over the phone, like SSNs or credit card information.
  4. Register for the FCC’s “Do Not Call” list. This can help keep you protected from cybercriminals and telemarketers alike by keeping your number off of their lists.
  5. Consider a comprehensive mobile security platform. Utilize the call blocker capability feature from McAfee Mobile Security. This tool can help reduce the number of calls that come through.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post Say So Long to Robocalls appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/so-long-robocalls/feed/ 0
3 Things You Need to Know About Summer Cybersecurity https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/summer-travel-security-tips-2019/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/summer-travel-security-tips-2019/#respond Wed, 22 May 2019 19:43:22 +0000 https://securingtomorrow.mcafee.com/?p=95304 summer screen time

The summer season is quickly approaching. Users will take to the skies, roads, and oceans to travel throughout the world for a fun family adventure. But just because users take time off doesn’t mean that their security should. So, with the season’s arrival, we decided to conduct a survey so to better understand users’ cybersecurity […]

The post 3 Things You Need to Know About Summer Cybersecurity appeared first on McAfee Blogs.

]]>
summer screen time

The summer season is quickly approaching. Users will take to the skies, roads, and oceans to travel throughout the world for a fun family adventure. But just because users take time off doesn’t mean that their security should. So, with the season’s arrival, we decided to conduct a survey so to better understand users’ cybersecurity needs, as well as help them leave their cybersecurity woes behind while having some fun in the sun. That’s why we asked our users what they are most concerned about during the summer, so we can help them protect what really matters. Let’s see what they had to say.

Sharing the Fun

When it comes to vacations, we’re constantly taking and sharing snaps of amazing memories. What we don’t plan on sharing is the metadata embedded in each photo that can give away more than we intended. In fact, from our research we found that people are 3x more likely to be concerned about their Social Security number being hacked than their photos. Given the risk a compromised SSN poses for the potential of identity theft, it’s no surprise that respondents were more concerned about it. However, to keep the summer fun secure, it’s also important to keep travel photos private and only share securely.

Flying Safely and Securely

From a young age, we have been taught to keep our Social Security number close to the chest, and this is evident in how we protect SSNs. As a matter of fact, 88% of people would be seriously worried if their Social Security number was hacked. The best way to keep a Social Security number secure this summer – don’t share it when purchasing plane tickets or managing travel reservations. All you need to provide is a credit card and passport.

Making Smartphone Security #1  

While on the go, travelers are often keenly aware of how exposed they are physically when carrying around credit cards, passports, suitcases, gadgets and more. However, they also need to think about securing their digital life, particularly their handheld devices. To keep personal photos protected while traveling this summer season, smartphone security must be a top priority. With nearly 40% of respondents concerned about sensitive personal photos being hacked, jet setters need to be proactive about security, not reactive. In fact, we’re reminded of just how important this fact is as we enter the month of June, Internet Safety Month. Just like your laptop or router, it’s vital to protect the personal data stored within a smartphone.

In order to help you stay secure this season, let’s put your travel security knowledge to the test.

Note: There is a widget embedded within this post, please visit the site to participate in this post's widget.

The post 3 Things You Need to Know About Summer Cybersecurity appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/summer-travel-security-tips-2019/feed/ 0
#Verified — Worth the Risk? https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/verified-worth-the-risk/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/verified-worth-the-risk/#respond Tue, 07 May 2019 18:25:14 +0000 https://securingtomorrow.mcafee.com/?p=95182

In the social media world, a little blue checkmark next to a username is a sought-after status symbol. Celebrities, global brands, famous pets, and public figures alike have verified Instagram accounts, indicating to fans that the account they are following is “verified” as the real deal. With an established social presence and verified status, these […]

The post #Verified — Worth the Risk? appeared first on McAfee Blogs.

]]>

In the social media world, a little blue checkmark next to a username is a sought-after status symbol. Celebrities, global brands, famous pets, and public figures alike have verified Instagram accounts, indicating to fans that the account they are following is “verified” as the real deal. With an established social presence and verified status, these accounts gain additional visibility, influence, and the opportunity to connect with their fans and customer base. Due to the blue checkmark’s highly coveted nature, cybercriminals have entered the social media realm with fake accounts trying to take advantage of up-and-coming influencers, swindling users out of hundreds of dollars.

A seemingly innocent reflection of an influencer’s status can actually lead to big-time problems for others. Con artists have latched on to social media rising stars’ hopes to be verified by contacting them with the promise of getting the coveted blue checkmark — if only for a small fee. However, it is not possible for any user to pay to be verified. While it might take some time to build up a following, anyone promising an end result for money is most likely just looking to make a quick buck. Unfortunately, the scams don’t stop there either.

At the beginning of 2019, it was reported that someone was impersonating Wendi Deng Murdoch, former wife of media mogul Rupert Murdoch. This account was emailing yet-to-be verified, popular social media figures with the assurance of high-profile job opportunities. They specifically targeted a travel photographer with over 60,000 followers on Instagram under the guise of working for Condé Nast Traveler. They offered her a photography assignment in Jakarta, Indonesia. She was asked to pay for everything upfront — flights, permits, hotels, and more — all with the agreement of being reimbursed at a later date. Things began to unravel once she landed in Indonesia and was given the runaround. She spent thousands of dollars to get ahead in her career and establish herself as a credible travel photographer only to be left in a lurch. This story serves as a cautionary tale to all of those wanting to be verified on social media platforms and those preparing for the summer travel season.

Cybercriminals are always looking for the next avenue to take advantage of unsuspecting victims, today it is social media influencers, tomorrow who knows what it could be. However, there’s one thing we know for sure – any social media platform that has a significant number of users is going to draw interest from these crooks. But, if you take proper security precautions, you can avoid falling into a trap and scroll endlessly with confidence. Use these tips to help protect your online identity:

  1. Set your account to private. Only let people you know follow you and vice versa.
  2. Be suspicious of messages from strangers. Avoid clicking on links sent by someone you don’t know personally.
  3. Report any spam posts, questionable messages, or fake profiles. Then the social media platform can stop the threat from spreading to other accounts.
  4. Implement proper security measures across all platforms. If one of your social accounts becomes compromised by a scam, take the necessary security steps to protect any linked personal or financial information. Consider McAfee Total Protection or McAfee Mobile Security for help in securing your accounts.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post #Verified — Worth the Risk? appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/verified-worth-the-risk/feed/ 0
From Internet to Internet of Things https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/internet-to-iot/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/internet-to-iot/#respond Mon, 22 Apr 2019 13:00:23 +0000 https://securingtomorrow.mcafee.com/?p=94965

Thirty years ago, Tim Berners-Lee set out to accomplish an ambitious idea – the World Wide Web. While most of us take this invention for granted, we have the internet to thank for the technological advances that make up today’s smart home. From smart plugs to voice assistants – these connected devices have changed the […]

The post From Internet to Internet of Things appeared first on McAfee Blogs.

]]>

Thirty years ago, Tim Berners-Lee set out to accomplish an ambitious idea – the World Wide Web. While most of us take this invention for granted, we have the internet to thank for the technological advances that make up today’s smart home. From smart plugs to voice assistants – these connected devices have changed the modern consumer digital lifestyle dramatically. In 2019, the Internet of Things dominates the technological realm we have grown accustomed to – which makes us wonder, where do we go from here? Below, we take a closer look at where IoT began and where it is headed.

A Connected Evolution

Our connected world started to blossom with our first form of digital communication in the late 1800s –– Morse code. From there, technological advancements like the telephone, radio, and satellites made the world a smaller place. By the time the 1970s came about, email became possible through the creation of the internet. Soon enough the internet spread like wildfire, and in the 1990s we got the invention of the World Wide Web, which revolutionized the way people lived around the world. Little did Berners-Lee know that his invention would be used decades, probably even centuries, later to enable the devices that contribute to our connected lives.

Just ten years ago, there were less than one billion IoT devices in use around the world. In the year 2019, that number has been projected to skyrocket to over eight billion throughout the course of this year. In fact, it is predicted that by 2025, there will be almost twenty-two billion IoT devices in use throughout the world. Locks, doorbells, thermostats and other everyday items are becoming “smart,” while security for these devices is lacking quite significantly. With these devices creating more access points throughout our smart homes, it is comparable to leaving a backdoor unlocked for intruders. Without proper security in place, these devices, and by extension our smart homes, are vulnerable to cyberattacks.

Moving Forward with Security Top of Mind

If we’ve learned one thing from this technological evolution, it’s that we aren’t moving backward anytime soon. Society will continue to push the boundaries of what is possible – like taking the first a picture of a black hole. However, in conjunction with these advancements, to steer in the right direction, we have to prioritize security, as well as ease of use. For these reasons, it’s vital to have a security partner that you can trust, that will continue to grow to not only fit evolving needs, but evolving technologies, too. At McAfee, we make IoT device security a priority. We believe that when security is built in from the start, user data is more secure. Therefore, we call on manufacturers, users, and organizations to all equally do their part to safeguard connected devices and protect precious data. From there, we can all enjoy these technological advancements in a secure and stress-free way.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post From Internet to Internet of Things appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/internet-to-iot/feed/ 0
What’s in Your IoT Cybersecurity Kit? https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/iot-cybersecurity-kit/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/iot-cybersecurity-kit/#respond Tue, 09 Apr 2019 13:00:08 +0000 https://securingtomorrow.mcafee.com/?p=94879

Did you know the average internet-enabled household contains more than ten connected devices? With IoT devices proliferating almost every aspect of our everyday lives, it’s no wonder IoT-based attacks are becoming smarter and more widespread than ever before. From DDoS to home network exposures, it appears cybercriminals have set their sights on the digital dependence […]

The post What’s in Your IoT Cybersecurity Kit? appeared first on McAfee Blogs.

]]>

Did you know the average internet-enabled household contains more than ten connected devices? With IoT devices proliferating almost every aspect of our everyday lives, it’s no wonder IoT-based attacks are becoming smarter and more widespread than ever before. From DDoS to home network exposures, it appears cybercriminals have set their sights on the digital dependence inside the smart home — and users must be prepared.

A smart home in today’s world is no longer a wave of the future, but rather just a sign of the times we live in. You would be hard pressed to find a home that didn’t contain some form of smart device. From digital assistants to smart plugs, with more endpoints comes more avenues bad actors can use to access home networks. As recently as 2018, users saw virtual assistants, smart TVs, and even smart plugs appear secure, but under the surface have security flaws that could facilitate home network exposures by bad actors in the future. Whereas some IoT devices were actually used to conduct botnet attacks, like an IoT thermometer and home Wi-Fi routers.

While federal agencies, like the FBI, and IoT device manufacturers are stepping up to do their part to combat IoT-based cyberattacks, there are still precautions users should take to ensure their smart home and family remain secure. Consider this your IoT cybersecurity kit to keep unwelcome visitors out of your home network.

  • When purchasing an IoT device, make security priority #1. Before your next purchase, conduct due diligence. Prioritize devices that have been on the market for an extended period of time, have a trusted name brand, and/or have a lot of online reviews. By following this vetting protocol, the chances are that the device’s security standards will be higher.
  • Keep your software up-to-date on all devices. To protect against potential vulnerabilities, manufacturers release software updates often. Set your device to auto-update, if possible, so you always have the latest software. This includes the apps you use to control the device.
  • Change factory settings immediately. Once you bring a new device into your home, change the default password to something difficult to guess. Cybercriminals often can find the default settings online and can use them to access your devices. If the device has advanced capabilities, use them.
  • Secure your home network. It’s important to think about security as integrated, not disconnected. Not all IoT devices stay in the home. Many are mobile but reconnect to home networks once they are back in the vicinity of the router. Protect your network of connected devices no matter where they go. Consider investing in advanced internet router that has built-in protection that can secure and monitor any device that connects to your home network.
  • Use comprehensive security software. Vulnerabilities and threats emerge and evolve every day. Protect your network of connected devices no matter where you are with a tool like McAfee Total Protection.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post What’s in Your IoT Cybersecurity Kit? appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/iot-cybersecurity-kit/feed/ 0
Social Media: Where Cybercrime Lurks in the Shadows https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/social-media-where-cybercrime-lurks-in-the-shadows/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/social-media-where-cybercrime-lurks-in-the-shadows/#respond Tue, 26 Mar 2019 13:00:30 +0000 https://securingtomorrow.mcafee.com/?p=94780

When you think of cybercrime, the first thing that comes to mind is most likely cybercriminals operating on the dark web. Last year, however, cybercriminals made the jump over to social media and cashed in big – $3 billion worth, as a matter of fact. With approximately 2.77 billion people using one social media account […]

The post Social Media: Where Cybercrime Lurks in the Shadows appeared first on McAfee Blogs.

]]>

When you think of cybercrime, the first thing that comes to mind is most likely cybercriminals operating on the dark web. Last year, however, cybercriminals made the jump over to social media and cashed in big – $3 billion worth, as a matter of fact. With approximately 2.77 billion people using one social media account or more, it’s no wonder these bad actors have followed the masses. While the average user distrusts the dark web, they do trust their chosen social media platforms. Whether it’s sharing birthdates or a current location, or accepting a follow or message request from strangers, users in front of a screen feel secure. Although, as the line between social platforms and the dark web quickly blurs, the events behind the screen are the real issue.

Since 2017, cryptomining malware has exploded on a global scale, with over half of the identified strains found on social media sites. Utilizing apps, advertisements, and malicious links, cybercriminals were able to deliver these attacks and earn $250 million per year. Not only are social media platforms being used to distribute cryptomining malware, but they are also used as a major source for spreading other types of malware – malvertisments, faulty plug-ins, and apps – that draw users in by offering “too good to be true” deals. Once clicked on, the malware attacks. From there, cybercriminals can obtain data, establish keyloggers, dispense ransomware, and lurk in the shadows of social media accounts in wait for the next opportunity.

That next opportunity could also be on a completely different social media platform. As these sites unknowingly make it easier for malware to spread from one site to another. Many social media accounts interconnect with one another across platforms, which enables “chain exploitation,” or where malware can jump from one account to the next.

In short, social media is a cash cow for cybercriminals, and they are showing no sign of slowing down. What it really comes down to is social platforms, like Instagram and Facebook, attract a significant number of users and are going to draw in a criminal component too. However, if you take the proper security precautions ahead of time, you can fight off bad actors and continuously scroll with confidence. Here are some tips to help you get started:

  • Limit the amount of personal information shared in the first place. Avoid posting home addresses, full birth dates, and employer information, as well as exact location details of where you are.
  • Be wary of messages and follow requests from strangers. Avoid clicking on links sent by someone you don’t know personally.
  • Report any spam posts or messages you encounter to the social media platform. Then they can stop the threat from spreading to other accounts.
  • Always use comprehensive security software. To help protect you from viruses, spyware, and other digital threats that may emerge from social media sites, consider McAfee Total Protection or McAfee Mobile Security.

Interested in learning more about IoT and mobile security trends and information?

  • Take our quiz on best practices on how to stay secure on social media
  • Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook

 

Note: There is a widget embedded within this post, please visit the site to participate in this post's widget.

The post Social Media: Where Cybercrime Lurks in the Shadows appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/social-media-where-cybercrime-lurks-in-the-shadows/feed/ 0
You Rang? New Voice Phishing Attack Tricks Unsuspecting Users https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/voice-phishing-tricks-unsuspecting-users/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/voice-phishing-tricks-unsuspecting-users/#respond Tue, 12 Mar 2019 13:00:47 +0000 https://securingtomorrow.mcafee.com/?p=94534

In this digital day and age, the average user is likely familiar with the techniques and avenues cybercriminals use to get ahold of personal data and money. With this knowledge, we’ve become smarter and keen to the tricks of the cybercrime trade. However, cybercriminals have become smarter too, and therefore their attacks have become more […]

The post You Rang? New Voice Phishing Attack Tricks Unsuspecting Users appeared first on McAfee Blogs.

]]>

In this digital day and age, the average user is likely familiar with the techniques and avenues cybercriminals use to get ahold of personal data and money. With this knowledge, we’ve become smarter and keen to the tricks of the cybercrime trade. However, cybercriminals have become smarter too, and therefore their attacks have become more complex. Take phishing, for example. There has been a dramatic shift in phishing attacks, from simple and general to complex and personalized. What was once spoofing emails or websites has now evolved into something more devious – vishing, or voice phishing. This method involves a cybercriminal attempting to gain access to a victim’s personal or financial information by pretending to be a financial institution via phone call. And now a new vishing attack is proving to be more difficult to detect than the typical phishing scams.

In April 2018, Min-Chang Jang, a manager at Korea Financial Security Institute and Korea University, made a breakthrough in his investigation into malicious apps designed to intercept calls to users from legitimate numbers. This tactic puts a new but troubling twist on the original voice phishing cyberattack. To be successful in this venture, a hacker must first convince a user to download a fake app. To do this, a link is sent to the victim, luring them in with an amazing offer around loan refinancing or something similar, which then prompts the user to download the faulty app. If the target takes the bait, calls will start to come in from the financial institution following up on the possible loan refinancing offer. The call, however, isn’t connected to the actual financial company, rather it is intercepted and connected to the bad actor.

We know that as we adjust to the world around us and become smarter about our security, cybercriminals will do the same with their thievery. Today it’s an advanced vishing attack, tomorrow it could be a different type of phishing vector. However, users can rest assured that companies like McAfee are working tirelessly to ensure our users can thwart any cyberattack that comes their way. While this voice phishing attack is hard to detect, here are some proactive steps you can take to ensure you don’t fall victim to cybercriminals’ schemes:

  • Only install apps from authorized sources. To avoid malicious apps getting ahold of your data, only download apps from authorized vendors. For Android users, use the Google Play Store. For iPhone users, use the Apple App Store. Never trust a third-party app with information that could be exploited in the wrong hands.
  • Turn on caller ID or other services. Numerous carriers now offer free services that notify users of possible scam calls. And a lot of phones come with call-identifying capabilities that can give the user a quick diagnostic of whether the call is legitimate or not. With this feature, users can report scam calls to a database too.
  • Always think twice. In addition to tips and apps, there’s no better judge than common sense so if an offer or deal sounds too good to be true, it most likely is.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post You Rang? New Voice Phishing Attack Tricks Unsuspecting Users appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/voice-phishing-tricks-unsuspecting-users/feed/ 0
Open Backdoors and Voice Assistant Attacks: Key Takeaways from the 2019 Mobile Threat Report https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/2019-mobile-threat-report/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/2019-mobile-threat-report/#respond Tue, 26 Feb 2019 08:00:23 +0000 https://securingtomorrow.mcafee.com/?p=94299

These days, we seem to have a newfound reliance on all things ‘smart.’ We give these devices the keys to our digital lives, entrusting them with tons of personal information. In fact, we are so eager to adopt this technology that we connect 4,800 devices per minute to the internet with no sign of slowing down. […]

The post Open Backdoors and Voice Assistant Attacks: Key Takeaways from the 2019 Mobile Threat Report appeared first on McAfee Blogs.

]]>

These days, we seem to have a newfound reliance on all things ‘smart.’ We give these devices the keys to our digital lives, entrusting them with tons of personal information. In fact, we are so eager to adopt this technology that we connect 4,800 devices per minute to the internet with no sign of slowing down.  This is largely because smart devices make our lives easier and enjoyable. But even though these devices are convenient, it’s important to understand they’re also convenient for cybercriminals, given they contain a treasure trove of personal data. To examine how exactly these hackers plan on capturing that data, we at McAfee have taken a deep dive into the mobile threat landscape in this year’s Mobile Threat Report. In this report, we examine some of the most significant threat trends, including new spyware, mobile malware, and IoT attack surfaces. Let’s take a look at these trends and how you can keep all your devices protected.

Operations RedDawn and FoulGoal

In our 2018 report, we predicted that attacks targeted toward mobile devices would increase, and everything from fake Fortnite apps to increased mobile malware has proven this to be true. However, two recent discoveries, Operation RedDawn and FoulGoal, prove just how targeted these attacks can really get. RedDawn, in particular, has set its sights on North Korean refugees, as the spyware attempts to copy photos, contacts, SMS messages, and other personal data belonging to the victim.

The latter attack, FoulGoal, actually occurred during last year’s World Cup, as the campaign used an app called Golden Cup to install spyware on victims’ devices. This app promised users live streams of games from the Russian 2018 FIFA World Cup, as well as a searchable database of previous World Cup records. In addition to stealing the user’s phone number, device details, and installed packages, FoulGoal also downloaded spyware to expand its infection into SMS messages, contacts, GPS details, and audio recordings.

A Virtual Backdoor

Our smartphones are now like remote controls for our smart homes, controlling everything from lights to locks to kitchen appliances. So, it was only a matter of time before cybercriminals looked for ways to trick users into leaving open a virtual backdoor. Enter TimpDoor, an Android-based malware family that does just that. First appearing in March 2018, it quickly became the leading mobile backdoor family, as it runs a SMiShing campaign that tricks users into downloading fake voice-messaging apps.

These virtual backdoors are now an ever-growing threat as hackers begin to take advantage of the always-connected nature of mobile phones and other connected devices. Once distributed as Trojanized apps through apps stores, like Google Play, these backdoors can come disguised as add-on games or customization tools. And while most are removed fairly quickly from app stores, hackers can still pivot their distribution efforts and leverage popular websites to conceive a socially engineered attack to trick users into enabling unknown sources.

The Voice Heard Around the Home

Around the world, there are already over 25 million voice assistants, or smart speakers, in use. From simple queries to controlling other IoT gadgets throughout the home, these devices play a big role in our living environments. But many of these IoT devices fail to pass even the most basic security practices, and have easily guessable passwords, notable buffer overflow issues, and unpatched vulnerabilities. This makes voice assistants an increasingly valuable and potentially profitable attack vector for cybercrime.

For a typical voice assistant in the home, the attack surface is quite broad. Cybercriminals could gain access to the microphone or listening stream, and then monitor everything said. Additionally, they could command the speakers to perform actions via other speaker devices, such as embedding commands in a TV program or internet video. Crooks could even alter customized actions to somehow aid their malicious schemes. However, some of the most pressing vulnerabilities can come from associated IoT devices, such as smart plugs, door locks, cameras, or connected appliances, which can have their own flaws and could provide unrestrained access to the rest of the home network.

The good news? We at McAfee are working tirelessly to evolve our home and mobile solutions to keep you protected from any current and future threats. Plus, there are quite a few steps you can personally take to secure your devices. Start by following these tips:

  • Delete apps at the first sign of suspicious activity. If an app requests access to anything outside of its service, or didn’t originate from a trusted source, remove it immediately from your device.
  • Protect your devices by protecting your home network. While we continue to embrace the idea of “smart homes” and connected devices, we also need to embrace the idea that with great connectivity, comes great responsibility to secure those connections. Consider built-in network security, which can automatically secure your connected devices at the router-level.
  • Keep your security software up-to-date. Whether it’s an antivirus solution or a comprehensive security suite, always keep your security solutions up-to-date. Software and firmware patches are ever-evolving and are made to combat newly discovered threats, so be sure to update every time you’re prompted to. Better yet, flip on automatic updates.
  • Change your device’s factory security settings. When it comes to products, many manufacturers don’t think “security first.” That means your device can be potentially vulnerable as soon as you open the box. By changing the factory settings you’re instantly upping your smart device’s security.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post Open Backdoors and Voice Assistant Attacks: Key Takeaways from the 2019 Mobile Threat Report appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/2019-mobile-threat-report/feed/ 0
Roses Are Red, Violets Are Blue – What Does Your Personal Data Say About You? https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/personal-data-and-you/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/personal-data-and-you/#respond Mon, 11 Feb 2019 14:00:48 +0000 https://securingtomorrow.mcafee.com/?p=94098

A classic meet-cute – the moment where two people, destined to be together, meet for the first time. This rom-com cornerstone is turned on its head by Netflix’s latest bingeable series “You.” For those who have watched, we have learned two things. One, never trust someone who is overly protective of their basement. And two, […]

The post Roses Are Red, Violets Are Blue – What Does Your Personal Data Say About You? appeared first on McAfee Blogs.

]]>

A classic meet-cute – the moment where two people, destined to be together, meet for the first time. This rom-com cornerstone is turned on its head by Netflix’s latest bingeable series “You.” For those who have watched, we have learned two things. One, never trust someone who is overly protective of their basement. And two, in the era of social media and dating apps, it’s incredibly easy to take advantage of the amount of personal data consumers readily, and somewhat naively, share online and with the cloud every day.

We first meet Joe Goldberg and Guinevere Beck – the show’s lead characters – in a bookstore, she’s looking for a book, he’s a book clerk. They flirt, she buys a book, he learns her name. For all intents and purposes, this is where their story should end – but it doesn’t. With a simple search of her name, Joe discovers the world of Guinevere Beck’s social media channels, all conveniently set to public. And before we know it, Joe has made himself a figurative rear-window into Beck’s life, which brings to light the dangers of social media and highlights how a lack of digital privacy could put users in situations of unnecessary risk. With this information on Beck, Joe soon becomes both a physical and digital stalker, even managing to steal her phone while trailing her one day, which as luck would have it, is not password protected. From there, Joe follows her every text, plan and move thanks to the cloud.

Now, while Joe and Beck’s situation is unique (and a tad dramatized), the amount of data exposed via their interactions could potentially occur through another romantic avenue – online dating. Many millennial couples meet on dating sites where users are invited to share personal anecdotes, answer questions, and post photos of themselves. The nature of these apps is to get to know a stranger better, but the amount of personal information we choose to share can create security risks. We have to be careful as the line between creepy and cute quickly blurs when users can access someone’s every status update, tweet, and geotagged photo.

While “You” is an extreme case of social media gone wrong, dating app, social media, and cloud usage are all very predominant in 2019. Therefore, if you’re a digital user, be sure to consider these precautions:

  • Always set privacy and security settings. Anyone with access to the internet can view your social media if it’s public, so turn your profiles to private in order to have control over who can follow you. Take it a step further and go into your app settings to control which apps you want to share your location with and which ones you don’t.
  • Use a screen name for social media accounts. If you don’t want a simple search of your name on Google to lead to all your social media accounts, consider using a different variation of your real name.
  • Watch what you post. Before tagging your friends or location on Instagram and posting your location on Facebook, think about what this private information reveals about you publicly and how it could be used by a third-party.
  • Use strong passwords. In the chance your data does become exposed, or your device is stolen, a strong, unique password can help prevent your accounts from being hacked.
  • Leverage two-factor authentication. Remember to always implement two-factor authentication to add an extra layer of security to your device. This will help strengthen your online accounts with a unique, one-time code required to log in and access your data.
  • Use the cloud with caution. If you plan to store your data in the cloud, be sure to set up an additional layer of access security (one way of doing this is through two-factor authentication) so that no one can access the wealth of information your cloud holds. If your smartphone is lost or stolen, you can access your password protected cloud account to lock third-parties out of your device, and more importantly your personal data.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post Roses Are Red, Violets Are Blue – What Does Your Personal Data Say About You? appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/personal-data-and-you/feed/ 0
5G Is Coming: Security Risks You Need to Know About https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/5g-security-risks-you-need-to-know/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/5g-security-risks-you-need-to-know/#respond Tue, 22 Jan 2019 19:08:43 +0000 https://securingtomorrow.mcafee.com/?p=93911

The future of connectivity is here ­– 5G. This new network is set to roll out across the nation this coming year and bring greater speed to our handheld devices, which means more data and lower latency. But perhaps one of the most anticipated and popular benefits is it will allow even more IoT devices […]

The post 5G Is Coming: Security Risks You Need to Know About appeared first on McAfee Blogs.

]]>

The future of connectivity is here ­– 5G. This new network is set to roll out across the nation this coming year and bring greater speed to our handheld devices, which means more data and lower latency. But perhaps one of the most anticipated and popular benefits is it will allow even more IoT devices to come online and encourage more connection between said devices. This would enable users to remotely connect to or monitor their IoT devices like kitchen or security gadgets. The promise of more connectivity, smoother IoT user experience, and even more devices online, means there are likely more opportunities and avenues for cyberattacks. 5G will no doubt shape the foreseeable future, let’s see how.

Today, interconnected devices operate on low-powered, low-data-rate networks, such as Cat-M and NB-IoT. With the introduction of 5G networks across the world, the capabilities of VR and AR, AI and ML, and automation and robotics will enhance immensely. Take self-driving cars, for example. These machines require close proximity to their computing to reduce the latency of decision making. The capabilities of 5G don’t end there either. From manufacturing, transportation and logistics, to public safety and the establishment of smart cities, industries are at the ready to take their business to the next level with 5G. With this newfound growing anticipation for the future of 5G, the question has to be asked, what are the security implications for smaller IoT devices?

From an innovation standpoint, 5G is a beacon of light, but from a cybersecurity standpoint, 5G is a “hotbed for a new era of intensified cyberwar.” Denial-of-service attacks, or DDoS, are particular causes of concern for cybersecurity researchers. Devices like refrigerators, thermometers, even light bulbs, will be able to come online because of 5G. Users will be able to remotely check on these appliances through a simple app, but these devices can also be usurped by malicious characters. This increased connectivity and power could see big name sites down for days, or even affect city utility capabilities. Government agencies and private entities are not immune either, but they do have plans in place in the event a DDoS attack occurs.

While consumers can only wait and see what happens with the rollout, industries across the board will want to harness the benefits of 5G. However, consumers and organizations alike need to be cautious in terms of how 5G could be used to help, or hinder, us in the future. Rest assured, even if malicious actors utilize this technology, McAfee’s security strategy will continue to keep pace with the ever-changing threat landscape.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post 5G Is Coming: Security Risks You Need to Know About appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/5g-security-risks-you-need-to-know/feed/ 0
How to Protect Three Common IoT Devices in 2019 https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/how-to-protect-three-common-iot-devices-in-2019/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/how-to-protect-three-common-iot-devices-in-2019/#respond Tue, 08 Jan 2019 14:00:02 +0000 https://securingtomorrow.mcafee.com/?p=93571

It’s no secret – IoT devices are creeping into every facet of our daily lives. In fact, Gartner estimates there will be 20.4 Billion IoT devices by the year 2020. More devices mean greater connectivity and ease of use for their owners, but connectivity also means more opportunities for hacks. With CES 2019 kicking off this […]

The post How to Protect Three Common IoT Devices in 2019 appeared first on McAfee Blogs.

]]>

It’s no secret – IoT devices are creeping into every facet of our daily lives. In fact, Gartner estimates there will be 20.4 Billion IoT devices by the year 2020. More devices mean greater connectivity and ease of use for their owners, but connectivity also means more opportunities for hacks. With CES 2019 kicking off this week, we turn our focus toward the year ahead, and take a look at some of the IoT devices that are particularly high-profile targets for cybercriminals: gaming systems, voice tech, routers, and smart cars.

Routers

Routers are very susceptible to attacks as they often come with factory-set passwords that many owners are unaware of or don’t know how to change, making these devices easy targets for hackers. That’s bad news, since a router is the central hub in a connected home. If a router is compromised and all of the devices share the same Wi-Fi network, then they could potentially all be exposed to an attack. How? When an IoT device talks to its connected router, the device could expose many of its internal mechanisms to the internet. If the device does not require re-authentication, hackers can easily scan for devices that have poorly implemented protocols. Then with that information, cybercriminals can exploit manufacturer missteps to execute their attacks. To help protect your router (and thus all your other devices), a best practice is to consider one with a layer of protection built-in, and be sure to use a long and complex password for your Wi-Fi network.

Gaming Systems

Over ten years ago, researchers found that many video gaming consoles were being distributed with major security issues involved with the Universal Plug and Play protocol (UPnP), a feature that allows IoT devices on a network to see each other and interact with one another. However, not much has been done to solve the problem. Through exploiting the UPnP weaknesses in gaming systems to reroute traffic over and over again, cybercriminals have been able to create “multi-purpose proxy botnets,” which they can use for a variety of purposes.  This is just the jumping-off point for malicious behavior by bad actors. With this sort of access into a gaming system, they can execute DDoS attacks, malware distribution, spamming, phishing, account takeovers, click fraud, and credit card theft. Our recent gaming survey found that 64% of respondents either have or know someone who has been directly affected by a cyberattack, which is an astonishing uptick in attacks on gamers. Considering this shift, follow our tips in the section above for routers and Wi-Fi, never use the same password twice, and be weary of what you click on.

Voice Tech

In 2018, 47.3 million adults had access to smart speakers or voice assistants, making them one of the most popular connected devices for the home. Voice-first devices can be vulnerable largely due to what we enable them to be connected with for convenience; delivery, shopping, and transportation services that leverage our credit cards. While it’s important to note that voice-first devices are most often compromised within the home by people who have regular access to your devices (such as kids) when voice recognition is not properly configured, any digital device can be vulnerable to outside attacks too if proper security is not set up. For example, these always-on, always-listening devices could be infiltrated by cybercriminals through a technique called “voice squatting.” By creating “malicious skills,” hackers have been able to trick voice assistants into continuing to listen after a user finishes speaking. In this scenario an unsuspecting person might think they’re connecting to their bank through their voice device, when unbeknownst to them, they’re giving away their personal information.  Because voice-controlled devices are frequently distributed without proper security protocol in place, they are the perfect vehicle in terms of executing a cyberattack on an unsuspecting consumer. To protect your voice assistants, make sure your Wi-Fi password is strong, and be on the lookout for suspicious activity on linked accounts.

While you can’t predict the future of IoT attacks, here are some additional tips and best practices on how to stay ahead of hackers trying to ruin your year:

  • Keep your security software up-to-date. Software and firmware patches are always being released by companies and are made to combat newly discovered vulnerabilities, so be sure to update every time you’re prompted to.
  • Pay attention to the news. With more and more information coming out around vulnerabilities and flaws, companies are more frequently sending out updates for smart cars and other IoT devices. While these should come to you automatically, be sure to pay attention to what is going on in the space of IoT security.
  • Change your device’s factory security settings. This is the single most important step to take to protect all devices. When it comes to products, many manufacturers aren’t thinking “security first.” A device may be vulnerable as soon as opening the box. By changing the factory settings you’re instantly upgrading your device’s security.
  • Use best practices for linked accounts.  For gaming systems and voice-first devices in particular, if you connect a service that leverages a credit card, protect that linked service account with strong passwords and two-factor authentication (2FA) where possible. In addition, pay attention to notification emails, especially those regarding new orders for goods or services. If you notice suspicious activity, act accordingly.
  • Setup a separate IoT network. Consider setting up a second network for your IoT devices that don’t share access to your other devices and data. Check your router manufacturer’s website to learn how. You might also consider adding in another network for guests and unsecured devices from others. Lastly, consider getting a router with built-in security features to make it easier to protect all the devices in your home from one place.
  • Use a firewall. A firewall is a tool that monitors traffic between an Internet connection and devices to detect unusual or suspicious behavior. Even if a device is infected, a firewall can keep a potential attacker from accessing all the other devices on the same network. When looking for a comprehensive security solution, see if a Firewall is included to ensure that your devices are protected.
  • Up your gaming security. Just announced at CES 2019, we’re bringing a sense of security to the virtual world of video games. Get in on the action with McAfee Gamer Security, Beta, it’s free!

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post How to Protect Three Common IoT Devices in 2019 appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/how-to-protect-three-common-iot-devices-in-2019/feed/ 0
What CES Can Show Us About Evolving Consumer Security Needs: A Timeline https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/ces-evolving-security-needs-a-digital-life-timeline/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/ces-evolving-security-needs-a-digital-life-timeline/#respond Tue, 18 Dec 2018 14:00:01 +0000 https://securingtomorrow.mcafee.com/?p=93230

Appropriately dubbed the ‘Global Stage for Innovation,’ it’s no wonder CES showcases the most cutting-edge consumer technologies coming out in the year ahead. No topic is off the table; Attendees will learn more about connected homes, smart cities and self-driving cars, try out shiny new digital health wearables, headsets, and other connected tech, explore AI-driven […]

The post What CES Can Show Us About Evolving Consumer Security Needs: A Timeline appeared first on McAfee Blogs.

]]>

Appropriately dubbed the ‘Global Stage for Innovation,’ it’s no wonder CES showcases the most cutting-edge consumer technologies coming out in the year ahead. No topic is off the table; Attendees will learn more about connected homes, smart cities and self-driving cars, try out shiny new digital health wearables, headsets, and other connected tech, explore AI-driven technologies, and so much more.

Although events like CES showcase breakthrough technologies, interestingly, they also highlight how rapidly new technology is replaced with the next new thing. The rate at which we are treading on new ground is shifting exponentially, and what we see at CES this January might be obsolete in just a few years.

This rapidly changing technological landscape poses a significant predicament to consumers, a ‘digital dilemma’ if you will: as new technologies accelerate and IoT devices that house them progress, new challenges arise with them. This is particularly the case when it comes to security and privacy. And, just as security and products change and adapt, so do our needs and wants as consumers. Those of a teen differ from those of a parent, from those of a baby boomer, and so on. Let’s see how those needs change over time.

A Digital Life Timeline

2015: The Teen Technologist

Born in the late ‘90s, this teen is an everyday gamer, who loves to play games online with friends. They also love their smartphone, mostly for the access to social media. A teen wouldn’t necessarily be concerned with security, so having a comprehensive system built in is crucial.

2021: The Young Professional

Entering the workforce for the first time, the young professional is finally able to buy the gadgets that were once luxuries. They might have two phones; one for work and a personal device. Additionally, they are bringing more connected devices into their home, so the need for a secure home network has become obvious. They are also always on the go and having to connect to public Wi-Fi, so a Virtual Private Network (VPN) should be considered.

2032: The Concerned Parent

Fast forward almost ten years, the young professional has become a worrying parent. Their kids are spending too much time on screens. Having a way to monitor what they are doing on the internet and limit their time online is crucial, and an application that could  provide parental controls would be welcomed. Also, as they bring larger, more connected devices into the home, like smart refrigerators and thermostats, they are excited about a platform that will bake in security through a home network.

2038: The Brand Loyalists

The concerned parent has found devices they like and those they do not like. But more importantly, they have found brands they love, and they may continue to purchase from to bring the latest technology into their family’s lives. A comprehensive security system that covers all types of devices is exactly what they would need to keep a layer of protection

2045: The Unacquainted User

At this point in a digital journey, our user has stopped keeping up with trends because things have changed so much. Almost to the point where they are unwilling to learn new tech, or are untrusting of it all together. But the need to maintain their security and privacy is still top of mind –especially as cybercriminals often prey on this demographic due to being an easy target. A person like this might worry about ransomware, viruses, and identity theft along with protecting their home network.

As you can see, a person’s security and safety needs, desires, and even their devices evolve depending on the moment in which they are within their life. With so much in flux, the last thing anyone wants to think about is security – but with constantly changing technology at an all-time high, it’s safe to bet that threats will evolve to keep pace, and so should the ways in which we protect devices. For these reasons, it’s important to leverage a security partner that will keep this in mind, and will grow with not only our evolving needs, but evolving technology, too.

To learn more about consumer security and our approach to it, be sure to follow us at @McAfee and @McAfee_Home.

The post What CES Can Show Us About Evolving Consumer Security Needs: A Timeline appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/ces-evolving-security-needs-a-digital-life-timeline/feed/ 0
12 Days of Hack-mas https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/12-days-of-hack-mas/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/12-days-of-hack-mas/#respond Tue, 11 Dec 2018 17:50:39 +0000 https://securingtomorrow.mcafee.com/?p=93036

2018 was a wild ride when it came to cybersecurity. While some hackers worked to source financial data, others garnered personal information to personalize cyberattacks. Some worked to get us to download malware in order to help them mine cryptocurrency or harness our devices to join their botnets. The ways in which they exact their […]

The post 12 Days of Hack-mas appeared first on McAfee Blogs.

]]>

2018 was a wild ride when it came to cybersecurity. While some hackers worked to source financial data, others garnered personal information to personalize cyberattacks. Some worked to get us to download malware in order to help them mine cryptocurrency or harness our devices to join their botnets. The ways in which they exact their attacks are becoming more sophisticated and harder to detect. 2019 shows no sign of slowing down when it comes to the sophistication and multitude of cyberattacks targeted toward consumers.

Between the apps and websites we use every day, in addition to the numerous connected devices we continue to add our homes, there are a more ways than ever in which our cybersecurity can be compromised. Let’s take a look at 12 common, connected devices that are vulnerable to attacks –most of which our friends at the “Hackable?” podcast have demonstrated– and what we can do to protect what matters. This way, as we move into the new year, security is top of mind.

Connected Baby Monitors

When you have a child, security and safety fuels the majority of your thoughts. That’s why it’s terrifying to think that a baby monitor, meant to give you peace of mind, could get hacked. Our own “Hackable?” team illustrated exactly how easy it is. They performed a “man-in-the-middle” attack to intercept data from an IoT baby monitor. But the team didn’t stop there; next they overloaded the device with commands and completely crashed the system without warning a parent, potentially putting a baby in danger. If you’re a parent looking to bring baby tech into your home, always be on the lookout for updates, avoid knockoffs or brands you’re not familiar with, and change your passwords regularly.

Smart TVs

With a click of a button or by the sound of our voice, our favorite shows will play, pause, rewind ten seconds, and more – all thanks to smart TVs and streaming devices. But is there a sinister side? Turns out, there is. Some smart TVs can be controlled by cybercriminals by exploiting easy-to-find security flaws. By infecting a computer or mobile device with malware, a cybercriminal could gain control of your smart TV if your devices are using the same Wi-Fi. To prevent an attack, consider purchasing devices from mainstream brands that keep security in mind, and update associated software and apps regularly.

Home Wi-Fi Routers

Wi-Fi is the lifeblood of the 21st century; it’s become a necessity rather than a luxury. But your router is also a cybercriminal’s window into your home. Especially if you have numerous IoT devices hooked up to the same Wi-Fi, a hacker that successfully cracks into your network can get ahold of passwords and personal information, all of which can be used to gain access to your accounts, and launch spear phishing attacks against you to steal your identity or worse. Cybercriminals do this by exploiting weaknesses in your home network. To stay secure, consider a comprehensive security solution like McAfee® Secure Home Platform.

Health Devices and Apps

Digital health is set to dominate the consumer market in the next few years. Ranging from apps to hardware, the ways in which our health is being digitized varies, and so do the types of attacks that can be orchestrated. For example, on physical devices like pacemakers, malware can be implanted directly on to the device, enabling a hacker to control it remotely and inflict real harm to patients. When it comes to apps like pedometers, a hacker could source information like your physical location or regular routines.  Each of these far from benign scenarios highlight the importance of cybersecurity as the health market becomes increasingly reliant on technology and connectivity.

Smart Speakers

It seems like everyone nowadays has at least one smart speaker in their home. However, these speakers are always listening in, and if hacked, could be exploited by cybercriminals through spear phishing attacks. This can be done by spoofing actual websites which trick users into thinking that they are receiving a message from an official source. But once the user clicks on the email, they’ve just given a cybercriminal access to their home network, and by extension, all devices connected to that network too, smart speakers and all. To stay secure, start with protection on your router that extends to your network, change default passwords, and check for built-in security features.

Voice Assistants

Like smart speakers, voice assistants are always listening and, if hacked, could gain a wealth of information about you. But voice assistants are also often used as a central command hub, connecting other devices to them (including other smart speakers, smart lights or smart locks). Some people opt to connect accounts like food delivery, driver services, and shopping lists that use credit cards. If hacked, someone could gain access to your financial information or even access to your home. To keep cybercriminals out, consider a comprehensive security system, know which apps you can trust, and always keep your software up to date.

Connected Cars

Today, cars are essentially computers on wheels. Between backup cameras, video screens, GPS systems, and Wi-Fi networks, they have more electronics stacked in them than ever. The technology makes the experience smoother, but if it has a digital heartbeat, it’s hackable. In fact, an attacker can take control of your car a couple of ways; either by physically implanting a tiny device that grants access to your car through a phone, or by leveraging a black box tool and  your car’s diagnostic port completely remotely. Hacks can range anywhere from cranking the radio up to cutting the transmission or disabling the breaks. To stay secure, limit connectivity between your mobile devices and a car when possible, as phones are exposed to risks every day, and any time you connect it to your car, you put it at risk, too.

Smart Thermostats

A smart thermostat can regulate your home’s temperature and save you money by learning your preferences. But what if your friendly temperature regulator turned against you? If you don’t change your default, factory-set password and login information, a hacker could take control of your device and make it join a botnet

Connected Doorbells

When we think high-tech, the first thing that comes to mind is most likely not a doorbell. But connected doorbells are becoming more popular, especially as IoT devices are more widely adopted in our homes. So how can these devices be hacked, exactly? By sending an official-looking email that requests that a device owner download the doorbell’s app, the user unwittingly gave full access to the unwelcome guest. From there, the hackers could access call logs, the number of devices available, and even video files from past calls. Take heed from this hack; when setting up a new device, watch out for phishing emails and always make sure that an app is legitimate before you download it.

Smart Pet Cameras

We all love our furry friends and when we have to leave them behind as we head out the door. And it’s comforting to know that we can keep an eye on them, even give them the occasional treat through pet cameras. But this pet-nology can be hacked into by cybercriminals to see what’s get an inside look at your home, as proven by the “Hackable?” crew. Through a device’s app, a white-hat hacker was able to access the product’s database and was able to download photos and videos of other device owners. Talk about creepy. To keep prying eyes out of your private photos, get a comprehensive security solution for your home network and devices, avoid checking on your pet from unsecured Wi-Fi, and do your research on smart products you purchase for your pets.

Cell Phones

Mobile phones are one of the most vulnerable devices simply because they go everywhere you go. They essentially operate as a personal remote control to your digital life. In any given day, we access financial accounts, confirm doctor’s appointments and communicate with family and friends. That’s why is shocking to know how surprisingly easy it is for cybercriminals to access the treasure trove of personal data on your cell phone. Phones can be compromised a variety of ways; but here are a few: accessing your personal information by way of public Wi-Fi (say, while you’re at an airport), implanting a bug, leveraging a flaw in the operating system, or by infecting your device with malware by way of a bad link while surfing the web or browsing email.  Luckily, you can help secure your device by using comprehensive security such as McAfee Total Protection, or by leveraging a VPN (virtual private network) if you find yourself needing to use public Wi-Fi.

Virtual Reality Headsets

Once something out of a science fiction, virtual reality (VR) is now a high-tech reality for many. Surprisingly, despite being built on state of the art technology, VR is quite hackable. As an example, though common and easy-to-execute tactics like phishing to prompt someone to download malware, white-hat hackers were able to infect a linked computer and execute a command and control interface that manipulated the VR experience and disorientated the user. While this attack isn’t common yet, it could certainly start to gain traction as more VR headsets make their way into homes. To stay secure, be picky and only download software from reputable sources.

This is only the tip of the iceberg when it comes to hackable, everyday items. And while there’s absolutely no doubt that IoT devices certainly make life easier, what it all comes down to is control versus convenience. As we look toward 2019, we should ask ourselves, “what do we value more?”

Stay up-to-date on the latest trends by subscribing to our podcast, “Hackable?” and follow us on Twitter or Facebook.

The post 12 Days of Hack-mas appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/12-days-of-hack-mas/feed/ 0
Shop till You’re Hacked? 3 Tips to Stay Secure this Holiday Season https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/holiday-shopping-security-tips-2018/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/holiday-shopping-security-tips-2018/#respond Tue, 13 Nov 2018 05:01:17 +0000 https://securingtomorrow.mcafee.com/?p=92638

With just days until Black Friday, the unofficial kick off to the holiday shopping season is quickly approaching. In anticipation of the busiest time of year for e-commerce, this year we conducted a survey, Stressed Holiday Online Shopping, to understand how financial pressure can impact buyer behavior when it comes to online purchasing and cybersecurity. […]

The post Shop till You’re Hacked? 3 Tips to Stay Secure this Holiday Season appeared first on McAfee Blogs.

]]>

With just days until Black Friday, the unofficial kick off to the holiday shopping season is quickly approaching. In anticipation of the busiest time of year for e-commerce, this year we conducted a survey, Stressed Holiday Online Shopping, to understand how financial pressure can impact buyer behavior when it comes to online purchasing and cybersecurity. Let’s take a look at what we can learn from our key findings we garnered from surveying 2,472 adults in the U.S. between the ages of 18 and 55, dive into how the results can help consumers avoid the common pitfalls of holiday shopping and cybersecurity, and learn how they can protect both their devices and digital lives this season.

Deals, deals, deals! When it comes to online shopping, consumers care about saving money

The economic burden of the holidays is something consumers know all too well. With an onslaught of holidays and parties in which gifts are expected for family, friends, or co-workers, it’s no wonder that 79 percent of survey respondents said that holiday shopping puts financial stress on them and/or their families. No doubt, from stretching a budget and bargain shopping to attempting to purchase several perfect gifts when sales are fleeting, browsing and purchasing for the holidays can feel overwhelming, which may be why 53 percent of respondents shared that stress can lead them to be careless when online shopping.

More than half of consumers (56 percent) said that they would use a website they were unfamiliar with if it meant they would save money, while 51 percent shared they would purchase an item from an untrusted online retailer to get a good deal. Thirty-one percent would click on a link in an email to get a bargain, regardless of whether they were familiar with the sender.

This season, many will make online purchases, many will use their phones to do so, and even more will unknowingly put themselves at risk when it comes to cybersecurity

When a good deal pops up, it’s hard to pass up – whether you’re in a tricky financial situation or not. This especially rings true when it comes to mobile purchases. The convenience of our phones – which are always with us – lends itself to taking advantage of deals and flash sales that pop up to make impulsive purchases. This always-on access also paves the way for the path to purchase to be much faster and to occur more often.

Perhaps the accessibility that mobile provides is why this holiday season, e-commerce industry experts are predicting that for the first time ever, more online purchases will be made with mobile phones than any other device. That’s right; rather than reach for a laptop or tablet or call out to our virtual assistants, 68 percent of e-commerce visits will be made from our smartphones that are always by our side – whether we’re in a secure setting or not. In fact, 22 percent of McAfee survey respondents shared that they would make online purchases over public or unsecured Wi-Fi, which could potentially expose their private information and payment details.

Our survey also found that while only 6 percent of respondents would be willing to risk having their bank account details fall into the wrong hands for a good deal, 39 percent would risk sharing their email address, 25 percent would wager their phone number, and 16 percent would provide their home address. The problem with this mentality is that through common attacks like phishing, it takes only a bit of information to lead a hacker to gain more of your personal information under the right circumstances. These results illustrate that when it comes to shopping online –regardless of device type– consumers are in it for the holiday deals while unknowingly ignoring their cybersecurity in the process.

Consumers use a variety of ways to discern whether a site or content is unsafe, but rarely report phishing

Fortunately, most people aren’t completely throwing caution to the wind in terms of cybersecurity. Our survey found that consumers use a variety of tricks to scrutinize a website or email in order to interpret safety and danger signals. Half of the respondents check the website design to make sure it looks professional, and 49 percent check for spelling and grammar.

However, 14 percent shared they had no idea how to verify a website and wouldn’t know where to start. Similarly, many people are unfamiliar with how to discern a fake mobile app from an official one. Which is troubling, since last year it was reported that one in 25 Black Friday apps were fake, with at least 15 malicious Black Friday apps for each of the top five U.S. e-commerce brands.

Tips to Stay Safe While Online Shopping This Year

Between the impact of stress on online behavior and constantly evolving cyberthreats, it’s clear that there is a need for re-education on how to stay safe online, especially as cybercriminals are becoming smarter and more relentless. This holiday season, before you whip out those credit cards and mobile devices, consider these tips:

  • Always connect with caution. Public Wi-Fi might seem like a good idea, but if you are not careful, you could be unknowingly be exposing personal information or credit card details to cybercriminals who are snooping on the network. If you have to conduct transactions on a public Wi-Fi connection use a virtual private network (VPN) such as McAfee® SafeConnect to help keep your connection secure.
  • Think before you click. One of the easiest ways for a cybercriminal to compromise your system is by using phishing emails to lure consumers into clicking links for products or services that could lead to malware, or a phony website designed to steal personal information. If the deal seems too good to be true, or the email was not expected it’s always best to check directly with the source.
  • Browse with security protection. Use comprehensive security protection, like McAfee Total Protection, which can help keep devices protected against malware, phishing attacks, and other threats. It includes McAfee WebAdvisor which can help identify malicious websites.

Starving for more stats? Check out last year’s survey on hackable holiday gifts. Stay on top of the latest consumer and mobile security threats by following @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

The post Shop till You’re Hacked? 3 Tips to Stay Secure this Holiday Season appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/holiday-shopping-security-tips-2018/feed/ 0
Beware: Zombie IoT Botnets https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/zombie-iot-botnets/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/zombie-iot-botnets/#respond Tue, 06 Nov 2018 14:00:06 +0000 https://securingtomorrow.mcafee.com/?p=92430 The ghosts and ghouls of October have come and gone, but the dangers lurking behind virtual walls have hardly disappeared. The threat of zombie bots is real, and it exists 365 days out of the year. Zombie bots, or devices that are taken over by hackers to disseminate different types of malware, viruses, or spam […]

The post Beware: Zombie IoT Botnets appeared first on McAfee Blogs.

]]>
The ghosts and ghouls of October have come and gone, but the dangers lurking behind virtual walls have hardly disappeared. The threat of zombie bots is real, and it exists 365 days out of the year. Zombie bots, or devices that are taken over by hackers to disseminate different types of malware, viruses, or spam to other Internet-connected gadgets, are no longer limited to just home computers. As executed in the Mirai botnet attack, they’ve expanded into the world of IoT connected devices, too.

Adding to their complexity, zombie bots are not just limited to one feature or attack; they can be morphed into whatever their ‘master’ wants them to be. From logging keystrokes or searching through files to updating malware and downloading more malware onto an infected device, zombie botnets are ever-evolving.

To a hacker, zombie bots are more effective and infinitely stronger when they band together.  And so one by one, cybercriminals work to spread their malware of choice to devices to form an army of zombie bots, also known as a botnet. Massive botnets are used in distributed denial of service (DDoS) attacks, which are among the most intimidating types of attacks of which zombie botnet armies are capable. DDoS attacks are growing in number and severity; one report found that they’ve increased by 29% since Q2 2017, with the average attack size having increased by 543% to 26.37 Gbps.

The increase in DDoS attacks is attributed to large scale botnets comprised of insecure IoT devices. The adoption of IoT devices shows no signs of slowing down either. Today, there are currently 23.14 billion IoT devices worldwide. That number is predicted to grow exponentially just in the next 7 years to approximately 75.44 billion by 2025.

New variations of the Mirai and Gafgyt botnets exploit vulnerabilities found in IoT devices, including the security flaw that led to the massive Equifax breach of 2017. Just this past month, a botnet by the name of Chalubo was discovered by security researchers. By targeting poorly-secured IoT devices and servers, the Chalubo botnet compromises users’ devices for the purpose of executing a DDoS attack. Researchers also found that this botnet had copied a few code snippets from Mirai, demonstrating that cybercriminals have realized how effective this type of attack is.

So, why the rise in DDoS and other IoT botnet attacks? IoT devices like security cameras, smart lights, DVRs, and routers are particularly easy to remotely access because they often come with factory-set admin password setups, and many of us never change them to something more secure.  Our collective accumulation of connected devices shows no sign of slowing down, and without proper security in place, they are vulnerable to attacks. And what’s particularly troubling is that more often than not, zombie botnet armies operate in the shadows, unbeknownst to their owners.

Put simply, with more IoT devices in use, the risk of botnets increases, as does the need for awareness around this very real and potentially debilitating cyberthreat. While cybercriminals continue to try and leverage our own devices against us, the best way to protect your devices is through education and security best practices:

  • Keep your security software up-to-date. Whether it’s anti-virus, anti-spyware, or overall security, always keep your security solutions up-to-date. Software and firmware patches are ever-evolving and are made to combat newly discovered vulnerabilities, so be sure to update every time you’re prompted to.
  • Change your device’s factory security settings. When it comes to products, many manufacturers don’t think “security first.” That’s to say, your device can be vulnerable as soon as you open the box. By changing the factory settings you’re instantly upping your device’s security.
  • Proceed with caution when opening emails with file attachments or hyperlinks. One of the most common ways your device can become infected is by clicking on a bad link or attachment, through phishing or click fraud attempts. As a preventative safety measure, avoid engaging with suspicious messages altogether. You can often tell if the email is a hacking attempt if there is awkward language, improper spelling, or other signs. It’s a good idea to send spam directly to the trash.
  • Setup a separate IoT network. Consider setting up a second network for your IoT devices that doesn’t share access to your other devices and data. Check your router manufacturer’s website to learn how. Or, consider getting a router with built-in security features, making it easier to protect all the devices in your home from one access point.
  • Use a firewall. A firewall is a tool that monitors traffic between an Internet connection and devices to detect unusual or suspicious behavior. Even if a device is infected, a firewall can keep a potential attacker from accessing all the other devices on the same network. When looking for comprehensive security solution, to see if a Firewall is included to ensure that your devices are protected.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post Beware: Zombie IoT Botnets appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/zombie-iot-botnets/feed/ 0
Working Together to Ensure Better Cybersecurity https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/working-together-to-ensure-better-cybersecurity/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/working-together-to-ensure-better-cybersecurity/#respond Tue, 16 Oct 2018 13:00:44 +0000 https://securingtomorrow.mcafee.com/?p=92058 For many, it’s hard to picture a work environment that doesn’t revolve around the use of technology. Digital, cloud-based services coupled with access through mobile and IoT devices have completely reshaped organizations by streamlining business processes and enabling people to work anywhere, anytime. Thanks to these advances, there have also been a variety of recent […]

The post Working Together to Ensure Better Cybersecurity appeared first on McAfee Blogs.

]]>
For many, it’s hard to picture a work environment that doesn’t revolve around the use of technology. Digital, cloud-based services coupled with access through mobile and IoT devices have completely reshaped organizations by streamlining business processes and enabling people to work anywhere, anytime. Thanks to these advances, there have also been a variety of recent shifts in how employers and employees interact with each other, ranging from liberal remote work policies companies asking employees to bring their own devices to work.

Often these changes feel remarkable, efficient and convenient, as they make our work lives much more efficient – but these advancements also create concerns around cybersecurity. Many devices contain both personal and professional data , and when we take our work home or on the go with us, we’re not constantly protected by a company firewall, safe Wi-Fi, or other standard cybersecurity measures. Regardless of what industry you are in, online safety is no longer just IT’s problem. Cybersecurity is now a shared responsibility between an organization and its employees.

Naturally, these changes require education and communication around cybersecurity best practices in order to develop positive habits that will keep both employers and employees safe. Getting a habit to stick also requires an organization to develop culture of security in tandem, in which every individual and department is accountable for cybersecurity and bands together with the shared objective of staying secure.

October is National Cybersecurity Awareness Month, which is a great time to look at how everyone can be a part of the cybersecurity solution within their organization. If cybersecurity has not historically not been a priority within an organization, starting a conversation about it can be difficult, whether you’re an employee or an employer. Consider using these tips to start thinking about personal cybersecurity and how that translates into an overall cybersecurity plan within your organization.

Employers can take the following steps:

  • Identify which company assets are of greatest value, then ensure security measures are in place. Employee, customer, and payment data are all assets that cybercriminals could leverage via phishing, malware, password breaches, and denial-of-service (DoS) attacks. Begin to develop a formal cybersecurity plan based on your specific needs.
  • Set up an alert system. Put a system into place that will alert employees and your organization of an incident. This also includes an avenue for employees to report problems they might notice before they become widespread. The sooner people know about a vulnerability, the faster they can respond and take action.
  • Develop a response plan. Practice an incident response plan to contain an attack or breach. Keep in mind the goal of maintaining business operations in the short term while assessing the long-term effects of the cyber incident.

Employees can follow these guidelines:

  • Regularly update your device’s software. This is the easiest way to ensure your devices are equipped with vital patches that protect against flaws and bugs that cybercriminals can exploit.
  • Take security precautions, even if your company isn’t there yet. Professional and personal information is often intertwined on our devices – especially our mobile phones. Keep all your data secure with comprehensive mobile security, such as McAfee® Mobile Security. Then work within your organization to develop a cybersecurity plan that works for all.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post Working Together to Ensure Better Cybersecurity appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/working-together-to-ensure-better-cybersecurity/feed/ 0
The VORACLE OpenVPN Attack: What You Need to Know https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/voracle-openvpn-attack-what-consumers-need-to-know/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/voracle-openvpn-attack-what-consumers-need-to-know/#respond Tue, 09 Oct 2018 19:00:46 +0000 https://securingtomorrow.mcafee.com/?p=91856 Many of us know that using a VPN (Virtual Private Network) adds an extra layer of security to our Wi-Fi networks. But VORACLE, a recently discovered vulnerability that was announced at a security conference by security researcher Ahamad Nafeez, is making some people reconsider this this steadfast safety tip. Let’s look under the hood at […]

The post The VORACLE OpenVPN Attack: What You Need to Know appeared first on McAfee Blogs.

]]>
Many of us know that using a VPN (Virtual Private Network) adds an extra layer of security to our Wi-Fi networks. But VORACLE, a recently discovered vulnerability that was announced at a security conference by security researcher Ahamad Nafeez, is making some people reconsider this this steadfast safety tip. Let’s look under the hood at this vulnerability to understand what was impacted and why, and what we should do in the future when it comes to safely connecting to Wi-Fi.

Under the Hood of a VPN

A VPN is a connection between a secure server and your mobile device or computer. Through the VPN your activity and information on the internet is encrypted, making it difficult for anyone else to see your private information. Many of us use a VPN for work when we travel, some of us use them to watch videos online, and more and more of us use them as a best practice to help keep our information safe any time we want to use a Wi-Fi connection that we’re not sure about.

About the VORACLE VPN Vulnerability

At a high level, VORACLE leverages a vulnerability found in the open-source OpenVPN protocol. OpenVPN is an open-source protocol used by the majority of VPN providers, meaning many VPN products are affected.

The VORACLE attack can recover HTTP traffic sent via encrypted VPN connections under certain conditions, the first being that the VPN app in use enables compression via the OpenVPN protocol. A  hacker must be on the same network and able to lure you to an HTTP (not HTTPS) site with malicious code through phishing or a similar other tactic. The attack can happen on all web browsers but Google Chrome, due to the way in which HTTP requests are made.

Luckily the McAfee Safe Connect VPN was not built on the vulnerable OpenVPN code. That said, I want to take this opportunity to remind you of something we talk about a lot in the security industry: relying on only one layer of security is simply not enough today. Here are some tips and best practices to stay safe.

  • Set up multi-factor authentication whenever possible. This tip is especially important for valuable accounts like email or social media, which might be connected to financial information. With multi-factor authentication in place, you’ll be better protected by combining your usual login information with another layer of protection, such as a one-time-password sent to your phone, bio metrics (say, a thumb print), or a security token that you’ll need to confirm before getting access to your account.
  • Use secure websites (HTTPS) whenever possible. The ‘S’ at the end of HTTPS stands for ‘Secure’. It means all communications between your browser and the website are encrypted. Most websites are moving toward this standard practice, so if you notice yourself landing on a website with just HTTP, stay alert.
  • Avoid making financial transactions until you’re on a network you trust. Sharing personal data like your credit card information can lead to unnecessary vulnerabilities. The best bet is to wait until you’re on your home network with additional layers of security such as McAfee’s Secure Home Platform already in place.
  • Consider using your mobile network and being your own hotspot. If your mobile or IoT data plan includes a hot spot, consider using that over Wi-Fi to avoid some of the challenges that come with it in the first place.
  • Do continue to use a personal VPN when you’re on the go and using Wi-Fi– just be sure to do so while having an additional layer of security in place so that if a similar vulnerability is discovered, you’ll already have a backup.

Looking for more mobile security tips and trends? Be sure to follow @McAfee_Home on Twitter, and like us on Facebook.

The post The VORACLE OpenVPN Attack: What You Need to Know appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/voracle-openvpn-attack-what-consumers-need-to-know/feed/ 0
Mobile and Digital Payments: Worth the Risk? https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/sending-money-over-mobile-devices/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/sending-money-over-mobile-devices/#respond Tue, 18 Sep 2018 13:00:54 +0000 https://securingtomorrow.mcafee.com/?p=91540 Thanks in part to the convenience that our mobile devices provide for us, much of the world operates now on instant gratification. From accessing information on the web to doing work –and now sending and receiving digital payments– our devices and applications support us while we’re on the go. Whether we’re paying a friend for […]

The post Mobile and Digital Payments: Worth the Risk? appeared first on McAfee Blogs.

]]>
Thanks in part to the convenience that our mobile devices provide for us, much of the world operates now on instant gratification. From accessing information on the web to doing work –and now sending and receiving digital payments– our devices and applications support us while we’re on the go. Whether we’re paying a friend for dinner, our roommate for rent, or otherwise, many of us use peer-to-peer (P2P) mobile and digital payment apps rather than cash to settle our bills.

P2P mobile and digital payment apps like Cash App, PayPal, Venmo, and Zelle have changed the way we transfer money; today it’s faster, simpler, and easier than ever. In fact, they’re so popular that it’s estimated that in 2018, $700 billion will be transferred in this manner. With so much money being sent and received in this way, the ease of transfer begs the question, how secure are these apps?

While some have turned to using cryptocurrency and blockchain to curtail the known dangers of traditional mobile payment apps, recent cryptojacking incidents have proven that even this new technology is not foolproof when it comes to cybersecurity and the determination of cybercriminals. And while the convenience of digital payments can’t be denied, we seem to be prioritizing ease of use over security. Let’s take a look at how digital payments work, as well as their security implications.

How Digital Payments Work

P2P apps like Venmo, Cash App, and others essentially all work in the same way.  Functioning as a digital wallet, users link the app to their bank accounts or credit and debit cards. Then the app adds or subtracts money based on when users receive or send a payment. From there, users can “cash out” their balance to their preferred digital property, such as the account attached to a card or bank account.

P2P Money Transfer Apps and Cybersecurity Concerns

On the surface, digital money transfers may seem harmless, when in fact, they could lead to a headache of unforeseen cybersecurity concerns. The good news is that most money transfer apps will reimburse you for fraudulent charges. However, if someone has physical access to your phone and you don’t keep it locked, they can send money to themselves or others and you won’t get that money back.

Aside from the obvious concern of losing your phone, if you use an unsecured network to transfer money, it’s easier for someone to launch a phishing attack to gain access to your data. That’s because some payment apps will send request links from other users to download the app on their device. These links can be manipulated by cybercriminals and often contain just a letter or number off so that these changes go unnoticed by day-to-day users. When clicked on, a user can be redirected to a web page and presented with malware or a virus and might be prompted to download it– giving an unfriendly host access to your financial information. Thankfully, leveraging your data plan or a VPN rather than an unsecured or pubic Wi-Fi network can help create an extra layer of protection, making it more difficult for cybercriminals to access your sensitive data.

Lastly, there are often unforeseen holes in software that provide backdoor access to your financial information. Meticulously updating the software on your mobile device can help patch up known security issues, also making it easier to protect your data.

Tips to Stay Safe While Using Peer-to-Peer Money Transfer Apps

If you already use a peer-to-peer money transfer app or are on the fence about downloading one, here are some tips to take into account. By practicing multiple security habits simultaneously, your financial information is much more likely to remain safe on your devices and apps:

  • Set up additional security measures. P2P payment platforms require access to sensitive financial information. Check your account settings to see if you can enable multi-factor authentication, PIN/Password requirement, or use fingerprint recognition.
  • Check your preferred app’s permission or settings. Some might share information about your transactions on social media or on the platform itself, like Venmo. Make adjustments to these settings if and when you see fit.
  • Update your software and apps. It’s a best practice to update software and apps when prompted to help seal vulnerabilities when they’re found.
  • Be aware of where you are conducting your money transfers. Opt to use your data plan or a secure, private Wi-Fi network when using a P2P payment app. If you connected to public Wi-Fi, cybercriminals could use the holes in these networks to access your personal banking information and possibly access your P2P app account. If you must use public Wi-Fi, then it’s a good idea to use a Virtual Private Network (VPN).
  • Confirm the deposit went through. When you receive a payment, that money is added to your in-system balance. This is where it will remain until you initiate the transfer to your bank account or use it for another transaction within the app. If you transfer the balance to your bank, confirm it went through. This could take anywhere from a few days to a week. If it takes longer, it’s worth investigating to stop suspicious behavior in its tracks.
  • Be wary of scammers and cybercriminals. If you don’t know the person to which you are sending a digital transfer (say to purchase tickets to an event), look for poor spelling or grammar from them and read links carefully. If something doesn’t look right, that’s often a tell-tale sign that you’re being led astray. Try to find an alternative way to pay, or better yet – find someone who is more trustworthy.

Interested in learning more about IoT and mobile security tips and trends? Stop by ProtectWhatMatters.online, and follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post Mobile and Digital Payments: Worth the Risk? appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/sending-money-over-mobile-devices/feed/ 0
Trending: IoT Malware Attacks of 2018 https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/top-trending-iot-malware-attacks-of-2018/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/top-trending-iot-malware-attacks-of-2018/#respond Tue, 04 Sep 2018 18:50:19 +0000 https://securingtomorrow.mcafee.com/?p=91361 Since January 1st of 2018, a barrage of cyberattacks and data breaches have hit almost every industry, targeting businesses large and small, many of which are now from IoT devices. By 2025, it is estimated that there will be approximately 75 billion connected devices around the world. With more IoT devices ­–from wearables and pacemakers […]

The post Trending: IoT Malware Attacks of 2018 appeared first on McAfee Blogs.

]]>
Since January 1st of 2018, a barrage of cyberattacks and data breaches have hit almost every industry, targeting businesses large and small, many of which are now from IoT devices. By 2025, it is estimated that there will be approximately 75 billion connected devices around the world. With more IoT devices ­–from wearables and pacemakers to thermometers and smart plugs–on the market and in the home, cybercriminals are keen to leverage them in attacks. This heightened interest is due to the vulnerabilities in many IoT devices, not to mention their ability to connect to each other, which can form an IoT botnet.

In a botnet scenario, a network of internet-connected devices is infected with malware and controlled without the users’ knowledge, in order to launch ransomware and DDoS attacks (distributed denial-of-service). Once unleashed, the consequences of botnet attacks can be devastating. This possible reality sounds like the plot of a science fiction movie, one which we hypothesized in our 2018 Threats Prediction Report. As we head into this year’s final months, we take a look at how this year’s threats compared to our predictions for you, the consumer.

At the end of 2017, we predicted that the convenience and ease of a connected home could lead to a decrease in privacy. Our devices already transmit significant data, with or without the knowledge of the consumer, back to the corporations the devices are made. This unprecedented access to consumer data is what is driving cybercriminals to become more familiar with IoT botnet attacks. Just in 2018 alone, we’ve seen smart TVs, virtual assistants, and even smart plugs display detrimental security flaws that could be exploited by bad actors. Some IoT devices were used to facilitate botnet attacks, like an IoT thermometer and home Wi-Fi routers. In 2017, these security concerns were simply predictions- but now they are very much a reality. And while the window to get ahead of these attacks is closing, consumers need to be prepared in case your IoT devices go haywire.

Be the difference in your home when it comes to security and IoT devices. Protect both you and your family from these threats with these tips:

  • When buying an IoT device, make security a priority. Before your next IoT purchase, do your research. Prioritize purchasing devices that have been on the market for a while, have a name brand, or have a lot of online reviews. If you follow this protocol, the chances are that the device’s security standards will be higher, due to being vetted by the masses.
  • Change default device passwords. As soon as you bring a new device into your home, change the password to something difficult to guess. Cybercriminals often know the default settings and can use them to access your devices. If the device has advanced security options, use them.
  • Keep your software up-to-date. To protect against potential vulnerabilities, manufacturers often release software updates. Set your device to auto-update, if possible, so you always have the latest software.
  • Use a comprehensive security program. It’s important to think about security holistically. Not all IoT devices are restricted to the home; many are mobile (such as smart watches). If you’re out and about, you may need to connect to an unsecured network – say an airport with public Wi-Fi. Your kids may have devices. The scenarios may be different, but the risk is the same. Protect your network of connected devices no matter where you are and consider a suite of security products to protect what matters.

Interested in learning more about IoT and mobile security tips and trends? Stop by ProtectWhatMatters.online, and follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post Trending: IoT Malware Attacks of 2018 appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/top-trending-iot-malware-attacks-of-2018/feed/ 0
Back to School: 5 Cybersecurity Habits to Teach Your Kids https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/back-to-school-cybersecurity-habits-for-kids/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/back-to-school-cybersecurity-habits-for-kids/#respond Mon, 20 Aug 2018 13:00:54 +0000 https://securingtomorrow.mcafee.com/?p=91042 With back-to-school time already here, cybersecurity should be at the forefront of every parent’s mind. Kids are exposed to more devices – both in the classroom and at home. While their school may already be taking precautions to protect their data while they’re in the classroom, and many of their personal phones have parental controls […]

The post Back to School: 5 Cybersecurity Habits to Teach Your Kids appeared first on McAfee Blogs.

]]>
With back-to-school time already here, cybersecurity should be at the forefront of every parent’s mind. Kids are exposed to more devices – both in the classroom and at home. While their school may already be taking precautions to protect their data while they’re in the classroom, and many of their personal phones have parental controls on them, there’s still more to teach them. This is especially the case with the rise of IoT devices and wearables aimed at kids – such as low-cost smart watches – which often skimp on a basic layer of security to make them affordable. So while the cost is low, the risk of them being vulnerable to attacks is high.

Kids, in particular, are easy targets for cybercriminals because they lack awareness of tell-tale warning signs that something is off when browsing the web. Cybercriminals can also hone in on where kids are the most vulnerable and unassuming online -think chat rooms, online video games, and social media.

To get ahead of this, it’s worth being proactive about teaching your kids online safety habits so that when they do encounter a new device, network, or challenge, they have a set of safety habits in place to make smart digital decisions.

Here are some 5 cybersecurity habits to teach your kids about cyberthreats and sharing online to start practicing:

  1. Know where your devices are at all times. Kids are notorious for leaving or forgetting their belongings. It’s vital to teach your kids to be extra careful about not leaving their devices unattended. Bad actors are always on the lookout to steal devices because when they get one, they have unlimited access to personal information.  Teach your kids the importance of keeping their mobile device in a secure place.
  2. Beware of what you’re clicking on. Teach your kids what “phishing” means and help them understand what “phishy” links or messages might look like across email or social media. One accident could lead to a case of stolen identity.
  3. Keep your social media in check. Social media can be fun, but it’s also a source of concern. Teach your kids not to accept friend requests or followers if they don’t personally know them.  Also, keep a close eye on all your child’s accounts and set their privacy settings to the highest level possible to avoid compromising data. Turn off location services on all their devices so people can’t track them. Similarly, teach them not to give out their location when they are posting so people can’t follow them to a real-world location.
  4. When it comes to passwords, sharing isn’t caring. Kids love to chat. Teach your kids that passwords are private and should be kept to themselves unless there is family involved. It is also important to teach them to set up a unique, unbreakable password (i.e. not using their name and changing the factory settings on new purchases). Lastly, start imprinting the habit of changing passwords every so often so it’ll stick with them their entire lives.
  5. Stay on a secure network. If your child can connect to Wi-Fi, teach them the importance of finding a secure network to avoid unnecessary vulnerabilities.

By starting these conversations early and teaching your kids or teens these basic tips, they’ll be set up for success and over time, can learn to turn these regular safety habits.

Interested in learning more about IoT and mobile security tips and trends? Stop by ProtectWhatMatters.online, and follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post Back to School: 5 Cybersecurity Habits to Teach Your Kids appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/back-to-school-cybersecurity-habits-for-kids/feed/ 0
Back to School: Cybersecurity in the Classroom https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/back-to-school-cybersecurity-in-the-classroom/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/back-to-school-cybersecurity-in-the-classroom/#respond Mon, 13 Aug 2018 13:00:03 +0000 https://securingtomorrow.mcafee.com/?p=90848 It’s hard to believe that summer is coming to an end and that back-to-school time is around the corner. For some kids, that means cyberbullies are traded in for school bullies and social engagement will turn into in-person interactions. But for others — dubbed Extreme Internet Users — the screen stays. When it comes time […]

The post Back to School: Cybersecurity in the Classroom appeared first on McAfee Blogs.

]]>
It’s hard to believe that summer is coming to an end and that back-to-school time is around the corner. For some kids, that means cyberbullies are traded in for school bullies and social engagement will turn into in-person interactions. But for others — dubbed Extreme Internet Users — the screen stays. When it comes time to go back to the classroom, the six hours or more a day these kids spent online during summer may be curtailed in favor of educational screen time instead.

Every year around this time, I reflect on how much has changed for children, especially when it comes to mobile devices in the classroom. This trend has become increasingly popular and, on the rise, as technology has improved, education adapts to rapid changes, and our world becomes more interconnected. Either these devices are given to kids or their classrooms by their school, or parents are encouraged to purchase one for their child to help support internet research and to digitize note-taking and homework.

Regardless of whether you’re a technophile or technophobe when it comes to leveraging screens in education, one thing is for sure – their presence in learning environments is here to stay. And with this shift, security is of the utmost importance.

Since January 2016, there have been 353 cybersecurity incidents in the United States related to K-12 public schools and districts. These attacks range include phishing, ransomware, DoS attacks and breaches that have exposed personal data. However, the question – what motivates cybercriminals to target schools? – still persists. The answer is complex, because what cybercriminals could exploit depends on what they want to accomplish.  Extorting school faculty, hacking private student data, disrupting school operations, or disabling, compromising, or re-directing school technology assets are all regular tools of the trade when it comes to hacking schools.

You may not be able to control how your child’s school thinks about cybersecurity, but you can take matters into your own hands. There are steps you can take to make sure your child is ready to face the school year head-on, including protecting their devices and their data.

  • Start a cybersecurity conversation. Talk with school faculty about what is being done in terms of a comprehensive cybersecurity plan for your child’s school. It’s worth starting the conversation to understand where the gaps are and what is being done to patch them.
  • Install security software on all devices. Don’t stop at the laptop, all devices need to be protected with comprehensive security software, including mobile devices and tablets.
  • Make sure all device software is up-to-date. This is one of the easiest and best ways to secure your devices against threats.
  • Teach your child how to connect securely on public Wi-Fi networks. Public Wi-Fi networks are notoriously used as backdoors by hackers trying to gain access to personal information. If Wi-Fi is absolutely necessary, ensure the network is password protected. However, if you want a secure encrypted connection, consider using a virtual private network (VPN).
  • Designate a specific date and time for regular data back-ups. If ransomware hits, you won’t have to pay to get your child’s information back. You can back up that personal data to a physical external hard drive or use an online backup service, such as Dropbox or Google Drive. That way you can access your files even if your device gets compromised.
  • Understand your child’s school bring your own device (BYOD) policy. Each school is different when it comes to BYOD and understanding your child’s school policy will save you a headache down the road. Some schools buy devices for students to rent, with parents having to pay for any incidentals, and some ask parents to buy the devices outright. Take the time to understand your child’s school policy before accidents happen.

Interested in learning more about IoT and mobile security tips and trends? Stop by ProtectWhatMatters.online, and follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post Back to School: Cybersecurity in the Classroom appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/back-to-school-cybersecurity-in-the-classroom/feed/ 0
Are Fake Apps Taking Over Your Phone? https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/fake-apps-taking-over-phone/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/fake-apps-taking-over-phone/#respond Tue, 24 Jul 2018 13:00:48 +0000 https://securingtomorrow.mcafee.com/?p=90443 It seems some malicious app developers have taken the phrase “fake it ‘til you make it” to heart, as fake apps have become a rampant problem for Android and iPhone users alike. Even legitimate sources, such as Google Play and Apple’s App Store, have been infiltrated with illegitimate applications, despite their own due diligence in […]

The post Are Fake Apps Taking Over Your Phone? appeared first on McAfee Blogs.

]]>
It seems some malicious app developers have taken the phrase “fake it ‘til you make it” to heart, as fake apps have become a rampant problem for Android and iPhone users alike. Even legitimate sources, such as Google Play and Apple’s App Store, have been infiltrated with illegitimate applications, despite their own due diligence in combating this phenomenon.

After downloading a fake app, cybercriminals leverage ransomware or malware through ads to run in the background of your device to do damage, making it difficult to notice something’s off. But while you’re minding your own business, your personal data –such as usernames, photos, passwords, and credit card information– can be compromised.

Malicious apps have become more challenging to detect, and even more difficult to delete from a device without causing further damage. The trend of fake apps shows no sign of slowing down either, as bad actors have become more brazen with the apps they work to imitate. From Nordstrom to Fortnite to WhatsApp, it seems no business or industry is off limits.

Luckily, cybercriminals have yet to figure out a sure-fire way to get their fake apps onto our devices. By paying extra attention to detail, you can learn to identify a fake app before downloading it. Here’s how:

  • Check for typos and poor grammar. Double check the app developer name, product title, and description for typos and grammatical errors. Malicious developers often spoof real developer IDs, even just by a single letter, to seem legitimate. If there are promises of discounts, or the description just feels off, those signals should be taken as red flags.
  • Look at the download statistics. If you’re attempting to download a popular app like WhatsApp, but it has an inexplicably low number of downloads, that’s a fairly good indicator that an app is most likely fraudulent.
  • Read what others are saying. When it comes to fake apps, user reviews are your ally. Breezing through a few can provide vital information as to whether an app is authentic or not, so don’t be afraid to crowdsource those insights when you can.

If you do find yourself having accidentally downloaded a fake app, there are steps you can take to rid your phone of it. Here’s what to do:

  • Delete the app immediately or as soon as you notice anything suspicious. If you can’t find it, but you’re still having issues, the app could still be on your device. That’s because, in the interest of self-preservation, fake apps can try and protect themselves from disposal by making their icon and title disappear. If that happens, go to your installed apps page(s) and look for blank spaces, as it may be hiding there.
  • Check the permissions. After installation, check the app’s permissions. Fake apps usually give long lists of frivolous requests in an effort to get access to more data.
  • Clear the app’s cache and data. If you do find the app you want to delete, this is the first step you must take in order to get the app completely off your phone.
  • Take it into your provider. If you’re still having issues after you’ve deleted an app, consider taking your device into your provider to run a diagnostic test.
  • Factory reset. As a last resort, if you can’t find the app because it has “disappeared,” or traces of the app and malware linger, the best way to ensure it is completely gone is to wipe the data, factory reset your device, and start over. This is why it is vital to have backups of your devices.

Even as this ever-growing trend of malicious developers spoofing legitimate applications to gain access to victims’ personal information continues, we can deter their advances simply by paying closer attention to detail. Remember to be vigilant about being aware of the signs to avoid fake apps at all costs.

Interested in learning more about IoT and mobile security tips and trends? Stop by ProtectWhatMatters.online, follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post Are Fake Apps Taking Over Your Phone? appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/fake-apps-taking-over-phone/feed/ 0
Time to Take a Good, Hard Look at Your Cybersecurity Health https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/cybersecurity-health/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/cybersecurity-health/#respond Tue, 10 Jul 2018 13:00:20 +0000 https://securingtomorrow.mcafee.com/?p=90258 What happens when your livelihood is at stake, thanks to someone stealing your identity or draining your account? The real-life possibilities are nerve-wracking, to say the least. The constant barrage of cyberthreats we face as consumers today is exhausting. Just this month, two major situations were revealed.  A Florida marketing firm, Exactis, had their database […]

The post Time to Take a Good, Hard Look at Your Cybersecurity Health appeared first on McAfee Blogs.

]]>
What happens when your livelihood is at stake, thanks to someone stealing your identity or draining your account? The real-life possibilities are nerve-wracking, to say the least. The constant barrage of cyberthreats we face as consumers today is exhausting. Just this month, two major situations were revealed.  A Florida marketing firm, Exactis, had their database on a publicly accessible server. The information exposed ranged from phone numbers, home, and email addresses to the number, age, and gender of a customer’s children. As of now, social security numbers and credit card data have not been leaked. However, what makes this breach particularly anxiety-inducing is that now cybercriminals have the ability to improve the success rate of socially engineered attacks. For example, phishing attacks could become rampant through social media and email.

To add insult to injury, last week, researchers found a way to discover everything you type and read on your phone simply by studying the differing power levels of a smart battery. By implanting a micro-controller into a phone’s battery, they could record the power flowing in and out of the device. Then, with the use of AI, power flows were matched with specific keystrokes. Using this technique, the researchers proved that cybercriminals could record passwords, monitor website activity, access call records, and know the last time the camera was used. Smart batteries are attractive targets because they are not as secure as your phone. In fact, they expose all personal data. While the possibilities are stressful, the good news is that this attack remains theoretical.

The seemingly endless string of security events and the stress they cause can take a serious toll on our well-being. While we can’t prevent breaches from occurring, it’s important to remember that we can be prepared to take the right steps to minimize any damage when one hits. Whether we’re dealing with the repercussions of a data breach, or adapting to new vulnerabilities, developing positive security habits can help improve and maintain your digital health. Taking care of your mobile devices to ensure they remain secure – and therefore optimally functional – is like taking care of your own well-being; to maintain cybersecurity health, you have to perform basic upkeep.

To help you prepare in advance for the next data breach and ensure your device remains in good cybersecurity health, here are some habits you should consider picking up, stat:

  • Be aware of your surroundings. Mindfulness is a habit that can be developed, provides almost instant results, can support longevity, general awareness and well-being. We can learn a lot from mindfulness when it comes to cybersecurity. By taking a little bit of time to be aware of our surroundings, we can prevent vulnerabilities and potential threats simply by paying attention.
  • Set up alerts. Just like going to a doctor regularly for check-ups, you should “check-up” on your accounts. Not all data breaches expose financial data, but personal data that is leaked can still be used to access your financial accounts. Talk with your bank or financial planner about setting up a fraud alert on your cards to maintain control of your accounts.
  • Stay away from untrustworthy emails or messages. The mantra “no bad vibes” is surprisingly full of wisdom. Ridding your life of energy suckers and toxic people supports health – and the same goes for malicious messages. If you see a suspect item from an unknown source in your inbox or via a direct message or comment on social media, do not click on the message. If you do open it, be sure not to click on any links. To be safe, delete the email or message altogether.
  • Avoid public Wi-Fi when possible. Just as sleep is a panacea of sorts that helps to fight off bugs, giving your phone a break from public Wi-Fi is one of the best things you can do to ensure your cybersafety. The use of public Wi-Fi can offer cybercriminals a backdoor into your phone. By spoofing a legitimate website, they can gain access to your sensitive information. Give your device a much-needed break until you can use Wi-Fi you trust, you’ll save yourself a serious headache.
  • Switch up your passwords. It’s been said that variety is the spice of life, the secret to a happy relationship, and a way to stay engaged and aware in old age. The same is true when it comes to your passwords. When you mix it up, you keep cybercriminals guessing. Passwords are your data’s first defense against cybercriminals. Be sure to change them every so often and never use “1234” or “password.” If remembering a difficult password or remembering a multitude of them is hard, consider using a password manager.
  • Consider investing in identity theft protection. Vitamins are excellent supplements to a healthy diet, adding in additional nutrition when and where you need it — but not meant to be taken as the sole way to maintain health. Identity theft protection can be a supplement of sorts to your already positive security habits. With McAfee Identity Theft Protection, users can take proactive steps toward protecting their identities with personal and financial monitoring and recovery tools.

The power of habit actually dictates 40% of our day. As with your body and mind, the more you create healthy, positive habits, the easier it is to maintain health. The same is true for your security “health.” The more you express safe habits, the easier it will become and the safer you will be – both in the short and long term.

Interested in learning more about IoT and mobile security tips and trends? Stop by ProtectWhatMatters.online, and follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post Time to Take a Good, Hard Look at Your Cybersecurity Health appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/cybersecurity-health/feed/ 0
A Traveler’s Guide to International Cybersecurity https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/travelers-guide-to-international-cybersecurity/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/travelers-guide-to-international-cybersecurity/#respond Tue, 26 Jun 2018 13:00:01 +0000 https://securingtomorrow.mcafee.com/?p=90079 When you think of the most valuable thing you could lose while traveling, what comes to mind? Your suitcase, wallet, passport? What comes to my mind is my mobile device. Especially while traveling abroad, my mobile device is my lifeline and is essentially the remote control to my digital life. What many international travelers do […]

The post A Traveler’s Guide to International Cybersecurity appeared first on McAfee Blogs.

]]>
When you think of the most valuable thing you could lose while traveling, what comes to mind? Your suitcase, wallet, passport? What comes to my mind is my mobile device. Especially while traveling abroad, my mobile device is my lifeline and is essentially the remote control to my digital life.

What many international travelers do not realize is that their devices are often more vulnerable when taking a long-distance trip. Because they store and transmit our personal information – from website logins to banking information – these devices are much more valuable than the contents of your wallet or suitcase. Especially while you’re abroad and not used to your surroundings, pickpockets and cybercriminals can prey on your vulnerability to steal or infect your devices. Luckily, there are cybersecurity precautions you can take before, during and after international travel to ensure your information stays safe.

Before Travel

First and foremost, you have to get your device security in order before you hit the skies or hit the road. Now is the time to be proactive, not reactive, when it comes to protecting your information. The best thing to do would be to leave your devices at home where you know they will be safe. However, that’s unrealistic for most people, since we’re tethered to our mobile gadgets. So at the very least, before you head on your trip, make sure to:

  • Clean up your device. Clear your browser history and delete cookies.
  • Consider deleting apps that you don’t use altogether to avoid unnecessary vulnerability.
  • Encrypt any personal data to ensure that information stays protected. Back up any files to an external hard drive or desktop if your encryption fails.

During Travel

Whether you’re home or abroad, it’s important to always be vigilant and aware of your surroundings, both online and in-person. While device theft is uncontrollable, you can control how and where you use your devices. When you’re traveling internationally, public, free Wi-Fi is sometimes the only option for service. Unfortunately, it can be exploited by cybercriminals as a gateway to your devices. By spoofing legitimate Wi-Fi networks, these nefarious folks could gain access to sensitive data and private accounts and potentially request money for the return of your information, making public Wi-Fi the biggest threat to your cybersecurity. To avoid being compromised, be sure to:

  • Mitigate risk and avoid making online purchases or accessing bank accounts while using public Wi-Fi.
  • Use your smartphone to create a personal hotspot, if you are in dire need of an internet connection.
  • Use a Virtual Private Network (VPN) to encrypt any data you may receive while on your trip.

After Travel

Arriving home after travel is an already exhaustive experience – don’t exhaust your device by bringing any malware back with you. Remember that if you connected to local networks abroad, your mobile devices may have been susceptible to malware. So, in order to help your device be ready for its return back home, follow these tips:

  • Update your software. By updating your apps when prompted, you’ll ensure you have the latest patch and avoid any vulnerabilities that may have surfaced while you were away.
  • Delete travel apps you needed for your trip but no longer use. These can store personal information that can be accessed if they are not regularly used or updated.
  • Reset your passwords, pins and other credentials you may have used while abroad, regardless if you think you were compromised or not. Changing them will render the stolen credentials useless.

Interested in learning more about IoT and mobile security tips and trends? Stop by ProtectWhatMatters.online, and follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post A Traveler’s Guide to International Cybersecurity appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/travelers-guide-to-international-cybersecurity/feed/ 0
5 Tips to Stay Safe While Searching the Web https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/5-safety-tips-while-searching-the-web/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/5-safety-tips-while-searching-the-web/#respond Tue, 12 Jun 2018 13:00:27 +0000 https://securingtomorrow.mcafee.com/?p=89557 The internet is infinitely expansive, but that’s often easy to forget as we now have immediate access to it in the palm of our hands. We feel safe scouring the digital world from the comfort of our homes, offices, or local coffee shops, but there is real danger lurking behind those virtual walls. It’s no […]

The post 5 Tips to Stay Safe While Searching the Web appeared first on McAfee Blogs.

]]>
The internet is infinitely expansive, but that’s often easy to forget as we now have immediate access to it in the palm of our hands. We feel safe scouring the digital world from the comfort of our homes, offices, or local coffee shops, but there is real danger lurking behind those virtual walls. It’s no longer science fiction to say that cybercriminals use the internet to infiltrate the Internet of Things (IoT) and our mobile devices. Today’s reality includes hacks, phishing scams, malicious sites, and malware, just to name a few. This world of hyper-connectivity has left us exposed to far greater threats than we could have ever imagined.

According to a recent Pew Research Center survey, 77% of American adults own a smartphone, up from 35% just six years ago. Whether we’re traveling, working, or just having fun, our mobile devices — tablet, smartphone, or laptop — are within reach at all times. Our gadgets make it easier to connect with the world, but they also store tons of sensitive information about our lives. Yes, we may use our devices to talk and text, but we also use applications on those devices to access banking information, share our location, and check emails. This wealth of personal information on an easily hackable device should galvanize us to ensure that data stays out of the hands of cybercriminals. From ransomware to phishing scams, the numerous threats that can infect our IoT and mobile devices through the internet are ever-evolving menaces.

With the rise of IoT, the probability of a debilitating attack increases. Just like everything else online, IoT devices are one part of a massively distributed network. The billions of extra entry points that IoT devices create make them a greater target for cybercriminals. In 2016, this fact was proven and executed by the Mirai botnet, a malware strain that remotely enslaved IoT objects for use in large-scale attacks designed to knock websites and entire networks offline. The authors of Mirai discovered previously unknown vulnerabilities in IoT devices that could be used to strengthen their botnet, which at its height infected 300,000 devices. While this is an extreme example, it is very much a reality that could happen again — only this time worse. These ever-present threats make it crucial to maintain proper cyber hygiene while using the internet.

With new threats appearing every day, the time to be proactive about your online safety is now. Don’t find yourself on the wrong side of the most recent internet threat; follow these tips to stay protected:

  • Secure your devices. Strong passwords or touch ID features are your first line of defense against cybercriminals stealing your sensitive information. With security measures in place, your data is protected in the case of your device being lost or stolen. And reset those default passwords — many of today’s exploits come from leveraging devices where the default settings were never changed.
  • Only use apps you trust. Information about you is collected through the apps you use. Think about who is getting that data and if you’re comfortable with how it could be used.
  • Be picky about what Wi-Fi you’re using. Hotspots and public Wi-Fi networks are often unsecured, meaning anyone can see what you’re doing on your device. Limit your activity and avoid logging into accounts that hold sensitive information. Consider using a virtual private network (VPN) or a personal/mobile hotspot.
  • Disable Wi-Fi and Bluetooth when not in use. Stores and other locations use this information to track your movements when you are in range. Both Bluetooth and Wi-Fi can also act as digital entrances into your phone. When it’s not absolutely necessary, consider turning it off.
  • Keep your devices and apps up-to-date. Having the most up-to-date software and applications is the best defense against threats. If an app is no longer in use, just delete it to ensure your devices clutter-free and no longer housing unsupported or outdated apps.

Interested in learning more about IoT and mobile security tips and trends? Stop by ProtectWhatMatters.online, and follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post 5 Tips to Stay Safe While Searching the Web appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/5-safety-tips-while-searching-the-web/feed/ 0
What the Mobile-Born Mean for IoT and Cybersecurity https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/mobile-born-iot-cybersecurity/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/mobile-born-iot-cybersecurity/#respond Tue, 05 Jun 2018 13:00:52 +0000 https://securingtomorrow.mcafee.com/?p=89306 Since before they knew how to walk, Gen Z – or the mobile-born generation – has had a wealth of information, quite literally, at their fingertips. Their lives are exponentially hyper-connected with social media, music, ride sharing, shopping, and more, all through their mobile devices. But Gen Z’s haste to be on the cutting edge […]

The post What the Mobile-Born Mean for IoT and Cybersecurity appeared first on McAfee Blogs.

]]>
Since before they knew how to walk, Gen Z – or the mobile-born generation – has had a wealth of information, quite literally, at their fingertips. Their lives are exponentially hyper-connected with social media, music, ride sharing, shopping, and more, all through their mobile devices. But Gen Z’s haste to be on the cutting edge of technology and trends can often leave them arrogant to the security implications. They prioritize personalization over privacy and willingly share personal data so they can have a more predictive and personalized experience, without the same sense of security awareness as that of previous generations. Through increased data sharing, and the modern-day usage of social media, the mobile-born could be naively exposing themselves, and loved ones, to security issues they don’t fully realize or understand.

Social Media

Apps such as Snapchat and Facebook constantly know where consumers are located through default settings, geotagging photos, and videos, “checking in” to reap promotional rewards or to just show off their latest experiences. This may not seem pressing, but in actuality, it tells people where you are at any given moment and, depending on your privacy settings, this information could get out to audiences that it wasn’t intended for. If you posted a picture while at home, you are likely taking a GPS location snapshot and potentially letting your home address get into the wrong hands. The metadata within your photo can now be used by cybercriminals to track where you live, opening up your home and devices to a slew of cybersecurity concerns. Geotagging can be fun and beneficial, but issues arise when user data is distributed unknowingly.

Furthermore, past generations have learned the hard way that once something is on the internet, it’s nearly impossible to get it back. We’ve gotten into the habit of oversharing our experiences online – whether mere photos of friends, our pets, birthday celebrations or the address of your favorite spot to hang out on the weekends, you may be giving the keys to all of your data. How does this seemingly harmless series of posts affect personal security? A combination of the information being shared on these social media sites can also be utilized to crack common passwords.

Passwords

Another common theme among Gen Z is poor password hygiene. There is more importance placed on ease and convenience rather than data security. Passwords are often the weakest entry point for hackers and, according to a recent McAfee survey, nearly a quarter of people currently use passwords that are 10 or more years old. While Post-Millennials may not have passwords that old, they still display poor password hygiene by reusing the same credentials among multiple online sites and granting login access to third-party applications through networking platforms like Facebook.

If a cybercriminal cracks one password, they now have the skeleton key to the rest of your digital life. Passwords are our data’s first defense when it comes to cybercriminals, so by differentiating passwords across several accounts or using a password manager, Gen Z-ers can make sure the proper precautions are in place and better defend against unwanted access.

Public Wi-Fi

The mobile-born generation has a totally new outlook on digital experiences and their connection to the online world. They expect to have free, authentic, and secure Internet provided to them at all times, without having to take the necessary security precautions themselves. The internet isn’t just a tool for these digital natives, but rather a way of life and with that expectation, they will connect to public Wi-Fi networks without a second thought toward who’s hosting it and if it’s secure.

If they head to the library or a coffee shop to do homework or stream a video while out to lunch, they’re likely connecting to an unsecured public Wi-Fi network. Connecting to public Wi-Fi can be an easy data/money-saving trick for those on a family shared data plan, but it may be one that puts your data at risk. Much like all individuals have a social security number, all devices have a unique Internet Protocol (IP) address being tracked by Internet Service Providers (ISPs). This allows a device to communicate with the network, but if it’s doing so insecurely, it can act as a watering hole for cybercriminals to eavesdrop, steal personal information, and potentially infect devices with malware.

Educating the Next Generation

Whether it’s ignorant use of social media, poor password protection or careless connection to the internet, the iGeneration does not show the same level of security knowledge or experience as previous generations. Maybe they just don’t know about the various threats out there, or they don’t have the proper education to be using their devices and the internet safely, but it’s our duty to educate our kids about the implications of cybercriminals, privacy breaches, and data exploits to ensure proper cyber hygiene for years to come.

Consider these tips when setting ground rules for keeping you and your family safe:

  • Parental Controls. While these may be a nuisance sometimes, they are also a necessity in keeping you and your children safe from malicious sites. Consider using McAfee Secure Home Platform to ensure your family’s security while in the home.
  • Turn off geolocation. In ‘Settings’ on your device, you can select which apps are allowed to use your location. Make sure only the ones you know you can trust are selected.
  • Restrict access to your information. If you go into your browser, you can adjust your privacy settings to delete information from your browsing history (i.e. cookies, history, saved passwords, or banking information).
  • Install a Virtual Private Network (VPN). A personal VPN extends a private network across a public Wi-Fi network to help secure and encrypt your data and keep your connections safe. Software like McAfee Safe Connect can help protect your data at home and on the go.
  • Talk with your children. Understanding that their personal information is invaluable is the first step towards creating and maintaining safe online habits.

Interested in learning more about IoT and mobile security tips and trends? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post What the Mobile-Born Mean for IoT and Cybersecurity appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/mobile-born-iot-cybersecurity/feed/ 0
America’s Dirty Little Secrets: Opening the Door to Protected Data https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/dirty-little-secrets-protected-data/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/dirty-little-secrets-protected-data/#respond Wed, 23 May 2018 13:00:23 +0000 https://securingtomorrow.mcafee.com/?p=89021 It’s 2018. Digital assistants have started taking over our homes, with adoption growing tenfold. These smart speakers know everything about us, from our shopping habits to our music tastes — they likely know more about our daily lives than we do. This ever-growing, ever-changing relationship between humans and devices highlights the importance of protecting data […]

The post America’s Dirty Little Secrets: Opening the Door to Protected Data appeared first on McAfee Blogs.

]]>
It’s 2018. Digital assistants have started taking over our homes, with adoption growing tenfold. These smart speakers know everything about us, from our shopping habits to our music tastes — they likely know more about our daily lives than we do. This ever-growing, ever-changing relationship between humans and devices highlights the importance of protecting data – verbal or otherwise – in the home. With connected devices using our personal data to be the most comprehensive in-home assistants possible, we need to prioritize Internet of Things (IoT) security, awareness and the implications of using such devices.

It’s estimated that by 2022, over half of U.S. households will have at least one smart speaker in their home — that’s over 70 million households, topping 175 million installed devices. These devices are aimed at making our lives easier and more convenient than ever before, but to do so they require that we willingly share access to our personal and private information. Whether it’s banking and home address stored directly on the device, or learnings it’s picked up from our conversations, the amount of private data that these devices carry opens up a new array of threats. New research from McAfee reveals that 60% of Americans have considered their digital assistants could be recording or listening to them. If so, what are the security implications of using a digital assistant?

From answering a quick question to ordering items online, controlling the lights, or changing thermostat temperature, digital assistants have become a pseudo-family member in many households, connecting to more IoT things than ever before. But if one of these devices is breached, it can open up an entire home Wi-Fi network and our valuable information could get into the wrong hands. Beyond this, many Americans have developed a very personal relationship with their devices, with 50% admitting to being embarrassed if friends or family knew what questions they asked their digital assistants. Now imagine if any of that information fell into the hands of cybercriminals — it could open the door to your personal data and threaten your family’s security.

In addition to the sensitive data that our smart speakers have stored, and the conversations they may or may not be recording, there are other security risks associated with this technology in the home. In 2016, it was determined that music or TV dialogue could take control of our digital assistants with commands undetectable to human ears. Known as the “Dolphin Attack,” this occurrence essentially hides commands in high-frequency sounds that our assistant-enabled gadgets can detect, but we are unable to hear. Instances of TV commercials activating digital assistants have already been reported, so we can see how this technique could be quite easy for cybercriminals to imitate if they wanted to access our smart homes’ network.

The growing trend of connecting these always-listening assistants to our home appliances and smart home gadgets is only exacerbating these concerns. Aside from digital assistants, other IoT devices such as game consoles, home security systems, thermostats, and smartphones may be at risk and must be secured to avoid becoming targets for cybercriminals. We must proceed with caution and be aware of who, or what could be listening in order to protect ourselves accordingly. Whenever bringing any kind of new, connected device into the home, prioritize safety and privacy.

Here are some top tips to securely manage the connected devices in your home:

  • Vary your passwords. Create passwords that are difficult to crack to ensure accounts are secure and update your passwords on a regular basis. Use multi-factor authentication whenever possible. Simplify password management by using a password manager.
  • Consider setting up a PIN code. Particularly for voice command purchases. Help keep cybercriminals away from your data by setting up an extra layer of security.
  • Invest in a router that delivers security for all your connected devices. It’s important to secure your entire connected home network. And the launch of McAfee Secure Home Platform skill for Alexa is set to make this easier and more convenient than ever before.

Technology is changing our everyday lives but being aware of the security concerns is the key to becoming an empowered consumer.

Interested in learning more about IoT and mobile security tips and trends? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post America’s Dirty Little Secrets: Opening the Door to Protected Data appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/dirty-little-secrets-protected-data/feed/ 0
You, Your Company, and BYOD: A Love Triangle https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/you-your-company-and-byod/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/you-your-company-and-byod/#respond Tue, 08 May 2018 13:00:21 +0000 https://securingtomorrow.mcafee.com/?p=88761 BYOD, or bring your own device, has become the new normal in the corporate workplace. But with this convenience comes impending security concerns. Although BYOD costs companies less, mobile devices are often used without proper security measures in place. This makes it difficult for employers to determine how much access employees should receive to company […]

The post You, Your Company, and BYOD: A Love Triangle appeared first on McAfee Blogs.

]]>
BYOD, or bring your own device, has become the new normal in the corporate workplace. But with this convenience comes impending security concerns. Although BYOD costs companies less, mobile devices are often used without proper security measures in place. This makes it difficult for employers to determine how much access employees should receive to company networks. The more access an employee has to company networks, the more opportunities for not only their personal information becoming vulnerable, but company data as well. With BYOD becoming more prevalent in the workplace, it is vital companies and employees understand the perks and security concerns that are associated with BYOD and take necessary steps to ensure personal devices and company information is protected.

BYOD can offer some really great perks: 1) employers spend less on technology and providing devices to employees thus saving the company money and 2) you get to use your own device(s) with which you are already accustomed to. Your company may already allow BYOD in your office, but do you know the associated security risks? They are complicated. Three looming concerns of BYOD that companies and employees should be addressing are accessibility to company data, lost or stolen devices, and overall maintenance. Let’s delve into why these concerns are the most pressing.

  1. Accessibility. The overarching question of BYOD is who gets access to company data on their personal devices, when and where? For example, if you are at a meeting, outside of the office and you are on a limited-access BYOD policy with your employer, you would only be able to access work email and contact but nothing stored on the company servers. If your client asks to see a specific document hosted on your company server during the meeting, you won’t be able to access it because it is sensitive and lives on the private severs. This is where BYOD backfires for the employee.
  2. Lost or stolen devices. A personal device that contains confidential company information poses a huge security threat if it is lost or stolen, and begs the question: who is responsible for retrieving the device and/or data? What is the proper response to this sort of breach? It is your personal device, with both personal and company data, so should it be locked, tracked and retrieved, or completely wiped immediately? There is no clear or correct answer, which is why companies need a clear BYOD policy and culture of security that fits both parties’ needs.
  3. Maintenance and malware. Frequency of device maintenance, software updates and uniformed app downloads can open the door to a slew of security vulnerabilities. Organizations have a hard-enough time implementing their own software across the corporate network, let alone ensuring all employees are adhering to the required software updates from device operating systems and applications. With the breadth of different phones and tablets being used around the globe, it can be nearly impossible to keep track of employees’ security posture on their personal devices.

Without the right security measures in place, there is the possibility of malware being downloaded through sketchy apps or unpatched versions of software, which could be transferred onto corporate servers depending on the employee’s access level. McAfee Labs detected over 16 million mobile malware infestations in the third quarter of 2017 alone, nearly doubling the number one year previously. This uptick in cyberattacks on mobile devices illustrates the importance of comprehensive cybersecurity policies across the board.

So how do you protect yourself when it comes to using your smartphone or tablet for both business and pleasure? Here are a few tips:

  • Practice discretion when alternating between personal and business tasks on your mobile device. Separate the two by using different, verified apps for company and personal uses to maintain safety.
  • Avoid downloading apps from third-party vendors that could make your device prone to malware, and always check permissions of any apps before downloading, particularly those that ask for to access to your device’s data.
  • Regularly update your device to ensure they are equipped with vital patches that protect against flaws and bugs that cybercriminals can exploit.
  • Avoid accessing data-sensitive apps on your device over public Wi-Fi. Cybercriminals could use this as an opportunity to take a look at your mobile data.
  • Keep your personal and work information secure with comprehensive mobile security, such as McAfee® Mobile Security, that will not only scan your device for viruses and threats but also help you identify apps that are accessing too much of your valuable personal information.

McAfee is the device-to-cloud cybersecurity company helping to secure data at all levels, on all devices. We’re helping you stop threats and protect your data wherever it resides, from your fingertips to the skies, enabling you to protect what matters on your digital journey.

 

The post You, Your Company, and BYOD: A Love Triangle appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/you-your-company-and-byod/feed/ 0
Security Calling: Celebrate National Telephone Day by Securing Your Mobile Devices https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/national-telephone-day-2018/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/national-telephone-day-2018/#respond Tue, 24 Apr 2018 13:00:03 +0000 https://securingtomorrow.mcafee.com/?p=88573 April 25 – otherwise known as National Telephone Day – rolls around once a year to remind us of the sheer technologic prowess and influence of the phone. What first started as an industrial revolution invention from Alexander Graham Bell, the phone has undergone quite a remarkable evolution over its nearly 150 years of existence. […]

The post Security Calling: Celebrate National Telephone Day by Securing Your Mobile Devices appeared first on McAfee Blogs.

]]>
April 25 – otherwise known as National Telephone Day – rolls around once a year to remind us of the sheer technologic prowess and influence of the phone. What first started as an industrial revolution invention from Alexander Graham Bell, the phone has undergone quite a remarkable evolution over its nearly 150 years of existence. When people say the word ‘phone’ today, the device they’re talking about is widely different. The phone of the past has become the gateway into our digital identities and now holds the keys to all the connected things in our homes. As dependency on our mobile devices continues to grow, potential cyberthreats and need for mobile security does as well.

Consumers have been quick to adopt mobile phones, more so than at any point in the telephone’s storied history. It’s estimated that 95% of Americans own a cell phone today. This goes to show that the phone has not only become an instrumental device in today’s society, but it also speaks to how it has evolved beyond its initial capabilities to serve as a device that contains our digital persona. A phone is no longer a convenient piece of equipment but a fundamental element of many people’s lifestyles, so much so that many can’t even unplug while on vacation—only 27% say they’re unwilling to leave their smartphones at home when on vacation. As today’s world becomes more digital and interconnected, our mobile phones are at the heart of this transformation.

Of course, with any device that contains this much power and influence, the mobile phone has also become the target of cybercriminals and hackers, making mobile security a cause for much concern. McAfee Labs detected over 16 million mobile malware infestations in the third quarter of 2017, and new threats continue to emerge around the world, most of which target a consumer’s money. However, according to a recent CES Survey, 52% of respondents are either unsure of or have no idea how to check to see if their mobile devices and apps are secure against these kinds of threats—which is worrisome considering these latest mobile trends:

  • More targeted attacks – Following the money, a global spike in banking Trojans has occurred, targeting large multinationals and small regional banks.
  • Virtual bank robberies – With the growing interest in cryptocurrencies, cybercriminals are attempting virtual bank robberies by distributing fake mobile wallets and targeting the cryptocurrency industry.
  • States using malware – North Korean dissidents and journalists using the popular South Korean chat app KakaoTalk were recently targeted in a State-instigated malware attack, with the aim of implanting spyware on the victim’s device.
  • Persistent threats – The increasing proliferation of Internet of Things (IoT) devices are significantly heightening the threat landscape, increasing the number of possible points of attack.

In order to feel safe and secure when you shout “Call me, maybe!”, take some time out of whatever festivities you may have planned for National Telephone Day to consider these tips on how to keep your mobile phones and devices secure:

  • Update regularly – Regularly updating your devices helps ensure they are armed with critical patches that protect against bugs or flaws in their operating systems that cybercriminals can leverage. Though it’s very tempting to skip out on these updates, taking a few minutes to download them means you aren’t recklessly leaving your devices open for hackers. This also applies to apps on your phone as well.
  • Use a complex password – A complex password is a secure password, so there’s no excuse to skate by with your own birthdate or a “1234” code for your mobile devices anymore. It’s good practice to have distinct passwords for every device, even though it’s a bit more burdensome on you. Still, choosing a safe and secure password is always the priority. Be sure to throw in a mix of numbers and symbols to avoid making it easy for potential hackers.
  • Turn off geolocation – When it comes to geolocation or sharing your location with apps and other services on your phone, approach with caution. It’s a good rule of thumb to only activate geolocation permissions when it’s crucial for an app’s ability to work (i.e. Uber, Google Maps, etc.). Otherwise, hackers can start to uncover your exact whereabouts and understand your movement patterns.
  • Use security software – Finally, I can’t stress enough how important it is to use comprehensive security software to protect your mobile phones and devices from the inside out.

Interested in learning more about IoT and mobile security tips and trends? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post Security Calling: Celebrate National Telephone Day by Securing Your Mobile Devices appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/national-telephone-day-2018/feed/ 0
Kick Off Your Digital Spring Cleaning Efforts During World Backup Day https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/digital-spring-cleaning-world-backup-day/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/digital-spring-cleaning-world-backup-day/#respond Thu, 29 Mar 2018 14:00:13 +0000 https://securingtomorrow.mcafee.com/?p=88070 As spring blossoms into full-force, millions of people will start to shed the heavy baggage and gear that kept them warm during winter by partaking in a tried and true practice: spring cleaning.

The post Kick Off Your Digital Spring Cleaning Efforts During World Backup Day appeared first on McAfee Blogs.

]]>
As spring blossoms into full-force, millions of people will start to shed the heavy baggage and gear that kept them warm during winter by partaking in a tried and true practice: spring cleaning. While whipping yourself into a cleaning frenzy around your home, take a moment to extend your spring cleaning efforts into your digital environments as well. And there’s no better time to kick off a digital spring cleaning than during World Backup Day.

What exactly is World Backup Day? I’m glad you asked.

In today’s day and age, data is basically digital gold. It’s imperative to ensure your information is organized and backed up—not just for peace-of-mind, but to protect yourself against potential malware and ransomware threats. Still, a large number of people have never backed up their files, leaving themselves vulnerable to losing everything. In fact, this has become such a systemic problem that a whole day has been devoted to reversing this trend: World Backup Day. One of the main goals of the World Backup Day initiative is to reach people who have never backed their data up or people who aren’t even aware that data backups are a thing, let alone a crucial security measure.

For those who may not know, a backup is a second copy of all your important files and information, everything from photos and documents to emails and passwords. Storing all of that data in one place, like a personal computer or smartphone, is a woefully unsafe practice. Creating another copy of that data through a backup will ensure that it’s stored and kept safe somewhere else should catastrophe befall your personal mobile devices, or if they’re lost or stolen.

Data loss isn’t something that only happens to huge conglomerates or to unsuspecting victims in spy movies. Every individual is susceptible to data loss or theft, and backing up that data is an easy, relatively painless step to protect all of your personal information and prevent pesky hackers from truly swiping your stuff.

Think about it—if you’re targeted by a nasty piece of ransomware but have successfully performed a data backup, there’s absolutely no need for you to pay the ransom because you have a second, secure copy of all that data. It’s a simple preventative measure that can pay off big time should worse come to worst. Even the STOP. THINK. CONNECT. campaign, dedicated to increase awareness around cybersecurity and provide information to help digital citizens protect against malware, lists regular data backups as an important security action to safeguard yourself against cybercrime.

There are two main approaches to backing up your data: either in the cloud or on an external hard drive. A cloud-based backup solution is great for people who don’t want to actively back up their devices and data or worry about the space constraints that come with most external hard drives. Simply subscribing to one of these cloud solutions will do the trick—your device’s files and data will automatically be backed up and protected without you having to lift more than a finger. Cloud-based services typically come with a monthly fee, and you’ll need a good internet connection to access them. If your connection is wonky or the site is undergoing maintenance, it can be difficult to access your backed-up data.

With an external hard drive, you can manually back up all your data and files yourself onto a physical device that you have access to anytime, anywhere. These drives are extremely reliable and a great way to achieve data redundancy. An external hard drive doesn’t hinge on internet access like cloud-based services and is an easy fix when transferring data to a new device. However, using external hard drives requires a more hands-on approach when it comes to actually backing up your data. The responsibility falls upon you to regularly perform these backups yourself. Storage space can also pose a problem. Look for an external drive with at least a terabyte of space to accommodate all of your data, which tends to accumulate quickly.

Here are some other digital spring cleaning tips to consider this World Backup Day:

  • Play it extra safe and go both routes for a thorough backup by using an external drive and subscribing to a cloud-based solution. After all, it’s better safe than sorry when it comes to your personal data.
  • Back up data from your mobile devices onto a central laptop or personal computer for an added layer of security and protection. Then work on backing up these devices with one (or both) of the methods laid out above.
  • Have at least one backup of your initial backup as a fail-safe measure.
  • Test your ability to restore data from backups regularly to ensure your backups have been performed correctly and that they haven’t been compromised.
  • Back up your data with a process and system that’s simple and works best for you—there’s no need to over complicate it!

Interested in learning more about IoT and mobile security tips and trends? Follow @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

The post Kick Off Your Digital Spring Cleaning Efforts During World Backup Day appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/digital-spring-cleaning-world-backup-day/feed/ 0
Key Mobile Threat Takeaways from the 2018 Mobile Threat Report https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/key-mobile-threat-takeaways-2018-mobile-threats-report/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/key-mobile-threat-takeaways-2018-mobile-threats-report/#respond Wed, 28 Feb 2018 14:00:20 +0000 https://securingtomorrow.mcafee.com/?p=84808 The term “mobile” has come to encompass a wide range of devices these days. Mobile devices have become much more than our Androids and iPhones. Wearable watches, tablets, even home devices all fall under the mobile umbrella of IoT and have the ability to impact our lives for better, or for worse. This rich IoT […]

The post Key Mobile Threat Takeaways from the 2018 Mobile Threat Report appeared first on McAfee Blogs.

]]>
The term “mobile” has come to encompass a wide range of devices these days. Mobile devices have become much more than our Androids and iPhones. Wearable watches, tablets, even home devices all fall under the mobile umbrella of IoT and have the ability to impact our lives for better, or for worse.

This rich IoT landscape holds the key to your digital identity, your connected home and potentially, even your kid’s digital future. Gartner predicts that by the year 2020, 20.8 billion connected devices will populate the consumer home. (Current global population is 7.6 billion people.) As these devices continue to increase in presence in our daily lives, it’s important to understand not only the convenience they offer, but the threats they pose as well.

With the dawn of an even more connected era fast approaching, we at McAfee are examining the mobile threats that might be waiting on the horizon. This year’s Mobile Threat Report, takes a deep dive into some significant trends that demonstrate just how these mobile platforms are targeting what’s most sacred to us – our home. Let’s take a look into some of the most common trends in mobile malware, and a few tips on how to protect your home.

Mobile Malware in the IoT Home  

According to Gartner, 8.4 billion connected “things” were in use last year, and chances are one or more of these devices is living in your home today. While many of these devices bring convenience and ease to the home, it’s important to note that they also significantly increase the risk of attack. Many of these devices are developed with innovation in mind, and little to no focus on – security. With that being said, everyday users of mobile devices have grown phenomenally, hence the increased need for security as the frequency of mobile attacks continues to grow.

DDoS Causes SOS  

IoT attacks such as Mirai and Reaper showed the world just how vulnerable smart homes and connected devices can be to malicious code. These attacks targeted millions of IoT devices with the intent of creating a botnet army from trusted connected items within the household.

The Mirai malware authors, leveraged consumer devices such as IP cameras and home routers to create a botnet army, launching distributed denial of service (DDoS) attacks against popular websites. By taking advantage of the low-levels of security on most home connected devices, this malware was able to seize control of millions of devices. All it had to do was guess the factory default password.

The “Reaper” malware strain also took advantage of limited security of many connected home devices. However, these malware authors evolved their tactics by looking for devices with known vulnerabilities to exploit and by implementing a set of hacking tools that showed greater sophistication. The IoT reaper clocked in as many as 2 million infected devices, at nearly ten times the rate as Mirai.

The evolution of the malicious code targeting mobile and IoT devices represents a growing threat to consumers who wish to embrace a culture of connected living. So how can we welcome these devices into our homes without opening the door to cyberthreats? Here are a few tips to consider:

  • Protect your devices, protect your home. As we continue to embrace a culture of smart homes and connected devices, it is also important for us to embrace internet security at a network level. With the presence of targeted attacks growing globally, we must remain vigilant in protecting our connected lives by making sure each individual device is secure, especially the home network. The MTR has dubbed 2018 as “The Year of Mobile Malware,” and very tech user should consider using a home gateway with built-in security to ensure every device in their home is protected.

 

  • Download apps with caution and update them regularly. Malware campaigns having been targeting users on the Google Play stores almost since its inception. In fact, McAfee recently discovered Android Grabos, one of the most significant campaigns of this year, found present within 144 apps on Google Play. Stay current on which applications are supported in your application store and update them regularly. If an app is no longer supported in the play store, delete it immediately.

 

  • Invest in comprehensive security. I can’t stress enough how important is to use comprehensive security software to protect your personal devices. Malware is constantly evolving with technology, so ensure your all of your devices are secured with built-in protection.

Interested in learning more about IoT and mobile security tips and trends? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post Key Mobile Threat Takeaways from the 2018 Mobile Threat Report appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/key-mobile-threat-takeaways-2018-mobile-threats-report/feed/ 0
Warning: Crypto-Currency Mining is Targeting Your Android https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/warning-crypto-currency-mining-targeting-android/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/warning-crypto-currency-mining-targeting-android/#respond Thu, 15 Feb 2018 15:00:13 +0000 https://securingtomorrow.mcafee.com/?p=84485 Cryptocurrency, a virtual form of currency designed to work as a secure form of exchange, has gained a lot of traction in the world of finance and technology. But for many, the concept of obtaining cryptocurrency, or “crypto-mining,” is obscure. Investopedia defines crypto-mining as, “the process by which transactions are verified and added to the […]

The post Warning: Crypto-Currency Mining is Targeting Your Android appeared first on McAfee Blogs.

]]>
Cryptocurrency, a virtual form of currency designed to work as a secure form of exchange, has gained a lot of traction in the world of finance and technology. But for many, the concept of obtaining cryptocurrency, or “crypto-mining,” is obscure. Investopedia defines crypto-mining as, “the process by which transactions are verified and added to the public ledger, known as the blockchain, and also the means through which new currencies such as Bitcoin and Ethereum are released.”

The practice has been around since 2009, and anyone with access to the Internet, the required programs and hardware can participate in mining. In fact, by the end of this month, Forbes Magazine will have published its first “Top Richest” list dedicated to Crypto Millionaires.

With the rise in popularity of digital currency, it’s no surprise that cybercriminals across the globe are leveraging malicious code to obtain it. Hackers would rather develop or utilize mining malware instead of paying the expensive price tag associated with mining machines, which can be upwards of $5000. In China, the ADB Miner malware is spreading and targeting thousands of Android devices for the primary purpose of mining cryptocurrency. The malware is spread through the publicly accessible Android Debug Bridge (abd) on an opened port 5555. This port is typically closed but can be opened by an ADB debug tool. Once infected, a device will look for other devices with the same vulnerability to spread the malware and leverage other Android-based smartphones, tablets, and televisions for crypto-mining.

So why are cybercriminals now targeting Android mobile devices? This could be due to the fact that hackers know they can easily manipulate vulnerabilities in Google Play’s app vetting system. Last year McAfee Mobile Threat Research identified more than 4,000 apps that were removed from Google Play without notification to users. Currently, the app store does not have consistent or centralized reporting available for app purchasers. Even if an app is supported by Google Play at the time of download, it could later be identified as malicious and Android users may be unaware of the fact that they’re harboring a bad app.

Researchers have found over 600 blacklisted malicious cryptocurrency apps across 20 app stores including Apple and Google Play. Google Play was found to have the highest amount of malicious crypto apps, with 272 available for download. In the United States, researchers have found another crypto-mining malware that is so demanding of phone processors, its causing them to implode. Loapi, a newly-discovered Trojan crypto-miner, can cause phone batteries to swell up and burst open the device’s back cover, and has been found in up to 20 mobile apps.

Crypto-mining malware isn’t a new phenomenon. Before the WannaCry attacks last summer, cryptocurrency malware sprung up as another malicious software looking to take advantage of the same Windows vulnerabilities that WannaCry exploited. But, instead of locking down systems with ransomware, these cybercriminals were putting them to work, using a cryptocurrency mining malware called Adylkuzz.

Here are a few tips to ensure your Android-devices are protected from crypto-mining malware:

  • Download your apps from a legitimate source. While some malicious apps may slip through the cracks, app stores like Google Play do have security measures in place to protect users, and it’s much safer than downloading from an unknown source.
  • Delete any apps that you haven’t used over the past 6-months. An app’s security can change over time; applications that were once supported by an app store can be flagged as malicious and removed from the platform without notification. If an app is no longer supported in the app store, you should delete it immediately.
  • Keep all of your software up to date. Many of the more harmful malware attacks we’ve seen, like the Equifax data breach, take advantage of software vulnerabilities in common applications, such as operating systems and browsers. Having the latest software and application versions ensures that any known bugs or exploits are patched, and is one of the best defenses against viruses and malware.
  • Double up on your mobile security software. I can’t stress enough how important is to use comprehensive security software to protect your personal devices.

Interested in learning more about IoT and mobile security tips and trends? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

 

The post Warning: Crypto-Currency Mining is Targeting Your Android appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/warning-crypto-currency-mining-targeting-android/feed/ 0
Share Your Heart, Not Your Identity: Here’s How You Can Stay Safe on Valentine’s Day https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/what-you-need-to-know-about-protecting-your-identity-online/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/what-you-need-to-know-about-protecting-your-identity-online/#respond Tue, 13 Feb 2018 15:00:28 +0000 https://securingtomorrow.mcafee.com/?p=84426 I love Valentine’s day, it’s the one day of the year exclusively dedicated to sharing: we share our feelings, our affection, and special gifts with our loved ones. It’s a great time to show the people in our lives just how much they mean to us. Thanks to social media and mobile friendly retailers, giving […]

The post Share Your Heart, Not Your Identity: Here’s How You Can Stay Safe on Valentine’s Day appeared first on McAfee Blogs.

]]>
I love Valentine’s day, it’s the one day of the year exclusively dedicated to sharing: we share our feelings, our affection, and special gifts with our loved ones. It’s a great time to show the people in our lives just how much they mean to us. Thanks to social media and mobile friendly retailers, giving your loved ones the world is just a few clicks away.

Tech devices have made it so much easier to share our hearts with the people we care about. But, could our emotional vulnerability ultimately leave us vulnerable to cyber-attacks? Historically, Valentine’s day has been a big day for cybercrime. Criminals have found clever ways to take advantage of retail, online dating platforms, and social media to launch attacks against romantic hopefuls. If you’re wondering how to avoid the most common V-day scams, here are a few things to remember when sharing the love online, and some useful tips to keep your precious data safe.

Dating Apps Are a Data Goldmine

Apps like Tinder or Zoosk are very attractive to hackers around this time of year. Considering the amount of intimate details shared on these platforms, dating apps are prime targets for cybercriminals looking to gain access to personal data and even payment information. In fact, online dating has seen a growing number of cyber-threats since 2015.

If you’re wondering “what’s the worst that could happen if my Tinder account is hacked?”, look no further than the hundreds of pages of data that the app keeps stored on its users. This particular dating app doesn’t just match singles looking to spark a connection, it also collects behavioral data, such as how often you connect, when and where you connect, and even your “likes” and posts from other associated accounts. Some of this data might seem trivial to unsuspecting users, but if placed in the wrong hands this information could be detrimental to the security of your identity.

Florist Are a Favorite for Phishing Scams

A bright, beautiful bouquet of roses is my favorite gift to receive when February 14th rolls around. Unsurprisingly, flowers make one of the most common gifts given around Valentine’s Day but, sending and receiving flowers may not be as harmless as it seems. In 2016, cybercriminals leveraged the popularity of flower services to attack unsuspecting vendors through a series of DDoS attacks designed to extort money from them. While these attacks did not result in leaked information, it’s important to be cautious of which vendors you allow to keep your credit card information on file. After all, you’re expecting your florist to deliver an assortment of beautiful flowers, not a bouquet of personal data to cyber criminals!

If an attack on your friendly florist isn’t enough to peak your senses, hackers have also been known to take advantage of admirers looking to send flowers. Cybercriminals prey on the likelihood that you’ve sent flowers to your loved ones to launch phishing scams, using bogus packages and “Failure to Deliver” notices to collect your data.

Social Media Isn’t Always Your “Friend” 

Valentine’s day is easily one of the most socially sharable days of the year. With so much love in the air, you can’t help but share pictures and posts about your loved ones with other friends and family online. Although most people associate cyber-attacks with some form of malware, many do not realize how vulnerable they are when sharing personal information on social media. Through social engineering, hackers use the information you share online to exploit you. The more personal information you choose to share on social media, the easier it is to exploit that information. Through social media, hackers can find out information about your job, the places you frequent, and even your mother’s maiden name. But don’t worry, we’ve got a few tips up our sleeve to help you share all of the love you want across social.

Seasonal events, like Valentine’s Day, present an opportunity for cybercriminals to leverage their schemes. But don’t be deterred from sharing the love— here’s how you can connect securely and keep your data safe from hackers:

  • Get friendly with your privacy settings on your social media apps. Social platforms like Facebook are making it easier to adjust your privacy settings through a  “privacy center” so you can stay on top of the information you share and who you share it with.
  • Be careful of which accounts you link. Being connected to your online community is great, but linking accounts across platforms only gives cybercriminals easier access to your data. While Tinder does require you to link your Facebook account to sign up, you can turn off Tinder Social so that Tinder won’t be able to post anything to Facebook. And, when possible, avoid linking your dating profiles to other personal accounts.
  • Think before you click that link. Hover over it to see if the URL address looks legitimate to avoid phishing scams. If you know you didn’t send flowers, send that scam to your spam.
  • Double up on your security software. There are plenty of apps that keep your phone safe from malicious attacks. Consider using a service for your phone that offers web protection and antivirus.

Interested in learning more about IoT and mobile security tips and trends? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

 

The post Share Your Heart, Not Your Identity: Here’s How You Can Stay Safe on Valentine’s Day appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/what-you-need-to-know-about-protecting-your-identity-online/feed/ 0
The Future of IoT: What to Expect From Our Devices This Year https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/the-future-of-iot-what-to-expect-from-our-devices-this-year/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/the-future-of-iot-what-to-expect-from-our-devices-this-year/#respond Tue, 30 Jan 2018 14:00:15 +0000 https://securingtomorrow.mcafee.com/?p=83457 The beginning of the new year is always an exciting time for consumer technology enthusiasts. Business leaders, pioneers and forward-thinking companies gather in Las Vegas to showcase their latest devices at The International Consumer Electronics Show (CES), where next-generation innovations take center-stage and the world gets a glimpse into the future of IoT. I had […]

The post The Future of IoT: What to Expect From Our Devices This Year appeared first on McAfee Blogs.

]]>
The beginning of the new year is always an exciting time for consumer technology enthusiasts. Business leaders, pioneers and forward-thinking companies gather in Las Vegas to showcase their latest devices at The International Consumer Electronics Show (CES), where next-generation innovations take center-stage and the world gets a glimpse into the future of IoT. I had the pleasure of attending CES with my colleagues this year and was blown away by the breadth of technology showcased. While the innovations stretched across many industries, I’d like to focus on the reoccurring themes in home and personal technology and how we can secure ourselves through the gadget-filled year ahead:

Smart Homes Will Become “Smarter” 

My favorite devices are the ones designed to enhance the smart home. Companies are striving to advance technology and make our lives easier in the comfort of our homes. From smart thermostats to smart assistants, there is certainly no shortage of household innovation; and companies like Google and Samsung are making strides to contribute to the smart home ecosystem. During CES, Samsung pledged to make all of its devices “smarter” by 2020, linking together all devices via its SmartThings cloud. Meanwhile, Google announced that Google Assistant will now be built in (or compatible) with a range of household products including your smart doorbell and ceiling fan.

As our homes become increasingly connected, the need to secure our internet-connected devices is critical. More IoT devices mean more points of data to attack and leverage for cybercrime. Hackers have the ability to access your personal information through connected home devices, which poses a threat to your identity. Consider using a service with built-in security to ensure every device in your home is well protected― especially the ones that often fly under the radar. Secure routers and gateways can protect all of your connected devices, even the ones without screens.

Smart Technology Will Track Your Sleep 

Technology is even changing the way we sleep, with smart sleep solutions for consumers. At CES 2018, Terraillon announced HOMNI, a device designed to help improve a user’s sleep environment. This device tracks the sleeper’s movement, sending your sleep data to a free app so that users can see how well they’ve slept. There’s nothing technology can’t solve for, including a good night’s sleep. However, when it comes to our personal data, it’s wise to be aware of how your data is being tracked or used.

As the use of connected devices in our homes and personal lives grow, so does the need for security beyond your PC or mobile phone. Many of the devices that we welcome into our daily routine aren’t equipped with proper security controls. It’s important to remember that these connected devices often run on our personal information, information such as your name, age, location –and in this case, your sleeping habits. While a sleep tracker may collect your information with the intentions of helping perfect your sleeping patterns, it has the potential to put your information in places that you might not intend. This is another example of why it’s exceedingly important to secure the connection at its source: your home.

“Ask Alexa” Will Live in Your Eyewear

Amazon Alexa has the ability to communicate with just about every connected device, so it’s no wonder that the Alexa Voice Service will have the ability to connect with your glasses soon, too. During CES, Vuzix announced that its latest pair of AR glasses, the Vuzix Blade, can communicate with Amazon Alexa. Blending augmented reality with AI assistant’s functionality, this headset acts as a fully functional computer with the ability to send email and text notifications via Bluetooth through the processing power of Android and unparalleled display.

Amazon Alexa has become a pseudo-family member in many households, offering assistance in the kitchen and even reading bedtime stories to children. To keep Cybercriminals from gaining access to your personal data , be sure you enable an extra measure of security, like setting up a PIN code for your voice command purchases.

Adding an extra layer of security to your smart devices is key to becoming an empowered consumer in today’s day and age. By taking these extra steps you’ll be able to enjoy the benefits of a secured smart home.

Interested in learning more about IoT and mobile security tips and trends? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

 

The post The Future of IoT: What to Expect From Our Devices This Year appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/the-future-of-iot-what-to-expect-from-our-devices-this-year/feed/ 0
5 Ways to Be Proactive When Protecting Your Personal Data https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/5-ways-to-be-proactive-when-protecting-your-personal-data/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/5-ways-to-be-proactive-when-protecting-your-personal-data/#respond Wed, 17 Jan 2018 01:00:31 +0000 https://securingtomorrow.mcafee.com/?p=83459 WannaCry, Equifax and Uber—in the wake of a data emergency, I often find myself hyperconscious of my online security measures: I immediately change my passwords, I’m careful about what emails I open, and what links I click. However, once the news cycle passes, I admit I fall back into my old habits, which aren’t always […]

The post 5 Ways to Be Proactive When Protecting Your Personal Data appeared first on McAfee Blogs.

]]>
WannaCry, Equifax and Uber—in the wake of a data emergency, I often find myself hyperconscious of my online security measures: I immediately change my passwords, I’m careful about what emails I open, and what links I click. However, once the news cycle passes, I admit I fall back into my old habits, which aren’t always as secure as they should be. It’s important to incorporate good practices into your daily routine to keep your digital life safe even before a breach happens, and well after the latest hack becomes old news. Here are 5 simple ways you can help improve your online security.

Take a Break to Update

We all know how frustrating it can be to receive pop-ups for a software update when you’re busy. They can take time, slow down what you’re working on, and often seem unimportant. But, they are important. Updates fix bugs—bugs that potentially could leave your device vulnerable to an attack. In fact, operating systems and browsers require regular updates to stay on top of vulnerabilities. So, take the time to let the updates run as needed—think of it as investing time in your security.

Delete, Delete, Delete

Does your device have pages of apps that haven’t been used in months? If so, it’s time to delete. It’s a good security practice to take a minimalist approach to your application use, especially since some older apps may no longer be supported by the Google or Apple stores. Over time apps can get infected with malware and could be part of a larger data problem. Check the status of your mobile apps regularly, and delete them if they’re no longer supported in stores, and you haven’t used them in months.

Keep Your Private Passwords, Private

The age-old saying, “sharing is caring” should never apply to personal passwords. Last year’s survey showed that 59% of people were open to sharing their passwords. But when it comes to online safety, passwords should never be shared with anyone under any circumstance. It may be exciting to share the latest video streaming app with your friends and loved ones, but your privacy could be compromised. It’s simply not worth the risk, so keep your passwords to yourself.

Stay Current on Your URLs

Hackers are masters of disguise, and often hide behind convincing URLs to launch phishing attacks. Pay close attention before you click on a link — if the link looks “phishy,” go directly to the company site to confirm that the URL is legitimate.

Enlist Some Backup

As major data breaches continue to hit the scene, it’s important to be proactive in protecting your identity. Reviewing your account info, and setting up alerts if there’s a chance your personal data has been compromised is a key component to securing information that has been compromised. Consider using a comprehensive monitoring and recovery tool that can help you take action.

Interested in learning more about mobile security tips and trends? Follow @McAfee_Home on Twitter, and like us on Facebook.

The post 5 Ways to Be Proactive When Protecting Your Personal Data appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/5-ways-to-be-proactive-when-protecting-your-personal-data/feed/ 0
5 Cybersecurity Resolutions to Consider for the New Year https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/5-cybersecurity-resolutions-to-consider-for-the-new-year/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/5-cybersecurity-resolutions-to-consider-for-the-new-year/#respond Tue, 02 Jan 2018 23:00:56 +0000 https://securingtomorrow.mcafee.com/?p=83420 2018 is officially here, and you know what that means: a bunch of resolutions that will probably take a back seat come mid-February. While I’m not one for setting unrealistic expectations of myself, there is something to be said about learning from the previous year so I do not repeat the same mistakes. As I […]

The post 5 Cybersecurity Resolutions to Consider for the New Year appeared first on McAfee Blogs.

]]>
2018 is officially here, and you know what that means: a bunch of resolutions that will probably take a back seat come mid-February. While I’m not one for setting unrealistic expectations of myself, there is something to be said about learning from the previous year so I do not repeat the same mistakes.

As I look back on 2017, I can’t help but think of all of the teachable moments in mobile and IoT security. From fraudsters phishing with social media bait to bitcoin mining at your local coffee shop, this year was full of moments that remind us just how tricky our connected lives can be.

So, in light of all the events in 2017, here are the top five “cyber-resolutions” to consider for 2018.

Secure your Social Media

If there’s one thing phishing scams have taught me, it’s that scammers have gotten savvier at social engineering. While social media does a great job at connecting us to our loved ones, it can also connect us to people we don’t want to share our personal information with. Cybercriminals know how to use the information you share on social media to gain access to your personal data. I’ve said it once and I’ll say it again, always make sure your account is set to “private” and is only visible to family and friends.

Don’t skip your updates

With the holidays in our rear-view, many of us probably have a few new devices in our homes. There are so many new and exciting tech toys on the market, it’s hard to avoid getting caught up in the IoT way of life. When you’re interrupted from your shiny new device by a software update, it’s tempting to hit “skip” when you’re eager to get back to your gadgets. But if our hackable gifts have shown us anything, it’s that skipping your updates leaves the door open for hackers. Software updates are important because they often include critical patches to new bugs or flaws in the system. So, resolve to keep your software up to date!

Don’t fall for the free Wi-Fi

When it comes to public Wi-Fi, a VPN is a VIP. Access to the internet on the go is a privilege of the times. But while the Wi-Fi at your local coffee shop may claim to be secure, public Wi-Fi networks lack encryption. If you’re in the habit of using Wi-Fi on the go, get a VPN to scramble the data being sent over the network. Private online activity such as shopping or accessing your banking information without a VPN could expose your sensitive information to hackers. Investing in a VPN is a smart way to keep your private information, private.

Set Better Passwords

I can’t stress enough that using a secure password is one of the best practices for protection on the web. When you’re trying to keep up with all of your logins, it can be tempting to use the same simple combination for every account. But, choosing a solid password should always take priority. Mix it up, throw in some numbers and symbols to complicate the password, stay away from using your birthday, and remember ‘123456’ is never an acceptable password!

Secure your home

Our homes are more connected now than they’ve ever been. It’s important to make sure each individual device is secure. However, securing your connection at the source is as important as securing your front door. Consider using a home gateway with built-in security to ensure every device in your house is well protected.

Let’s start the year off on the right foot. Don’t give cybercriminals the upper hand when it comes to your personal data.

Interested in learning more about mobile security tips and trends? Follow @McAfee_Home on Twitter, and like us on Facebook.

 

The post 5 Cybersecurity Resolutions to Consider for the New Year appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/5-cybersecurity-resolutions-to-consider-for-the-new-year/feed/ 0
Hacked for the Holidays: Preparing Your Home for Hackable Toys https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/preparing-your-home-for-hackable-toys/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/preparing-your-home-for-hackable-toys/#respond Tue, 12 Dec 2017 18:00:51 +0000 https://securingtomorrow.mcafee.com/?p=82839 The holidays are in full swing and all my kids can think about is their wishlist. With so many new and exciting tech toys on the market, who can blame them? From flying drones to smartphones, the advent of the Internet of Things (IoT) has brought holiday shopping to new and unexpected heights. I’ll be […]

The post Hacked for the Holidays: Preparing Your Home for Hackable Toys appeared first on McAfee Blogs.

]]>
The holidays are in full swing and all my kids can think about is their wishlist. With so many new and exciting tech toys on the market, who can blame them? From flying drones to smartphones, the advent of the Internet of Things (IoT) has brought holiday shopping to new and unexpected heights.

I’ll be the first to admit, I look forward to welcoming some of these connected toys into our home and life as much as my kids do. But, as this year’s hackable gifts show us, it’s important to keep security in mind when shopping for presents that could be a potential target for hackers.

Connected toys offer a fun and unique way to show our loved ones we appreciate them. Whether it’s the gift of unlimited streaming to a movie buff, or a virtual experience to a gaming guru, IoT has made the art of gift-giving that much more personal. However, shoppers should be aware that these devices are just as appealing to cybercriminals because of their access to our personal information.

In our digital lives, we’ve come to understand the importance of adding an extra layer of security to our laptops, smartphones, and tablets. But some devices such as smart home appliances, media players, and streaming sticks often fly under the radar when it comes to proper security. In fact, this year’s Most Hackable Holiday Gifts survey found fewer than 30% of consumers considered the security of popular devices such as drones and VR headsets.

What’s the worst that could happen? It’s just a toy.

You may wonder, what cyberattacks could impact a drone? Believe it or not, drones are near the top of our Most Hackable Gifts list and can be compromised by hackers in mid-flight. If a cyber-hijacking isn’t enough to put a damper on your holidays, consider the threats that connected toys might bring into your home without your knowledge. Earlier this year it was discovered that the interactive Cayla doll not only allowed cybercriminals to record video and audio of you without your consent, but also gave them the ability to unlock smart doors. The severity of attack can vary when it comes to connected devices in the home, so it’s important to add a few extra measures of security to them before they cross your threshold.

So, what can you do to keep your family safe from the hackable toy army? Follow these tips:

Get smart about your smart toys: Before you purchase a connected device, research the latest threats and ensure your intended product has security built-in. For example, if you’re considering purchasing a drone, purchase one that has encrypted communication.

Update: Do not default to the factory security settings on your devices. Update your security settings immediately! Make sure you reset your devices with a new and unique password as soon as you get them. Also, remember to update your device software to account for any new bugs or flaws in the system.

Talk to your kids: Talk to children about cyber threats that could affect the devices they have access to. Make sure they’re in the know on security breaches and scams, and are aware of the dangers of password sharing.

Secure your home: Always secure your connection at its source: your home. Consider using a solution like McAfee Secure Home Platform to ensure every device in your house is well protected.

It’s easy to get in the holiday spirit of giving, just don’t get tricked into giving hackers access to your home!

Interested in learning more about mobile security tips and trends? Follow @McAfee_Home on Twitter, and like us on Facebook.

 

The post Hacked for the Holidays: Preparing Your Home for Hackable Toys appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/preparing-your-home-for-hackable-toys/feed/ 0
5 Apps To Be Thankful For This Season https://www.mcafee.com/blogs/consumer/5-apps-to-be-thankful-for-this-season/ https://www.mcafee.com/blogs/consumer/5-apps-to-be-thankful-for-this-season/#respond Tue, 28 Nov 2017 14:00:40 +0000 https://securingtomorrow.mcafee.com/?p=81570 If ever there was a time of year to reflect on the little things that make life wonderful, it’s the holiday season. While friends, family, and food always top the list of things I’m grateful for, there is also a special place in my heart for the gizmos and gadget that also make life great. […]

The post 5 Apps To Be Thankful For This Season appeared first on McAfee Blogs.

]]>
If ever there was a time of year to reflect on the little things that make life wonderful, it’s the holiday season. While friends, family, and food always top the list of things I’m grateful for, there is also a special place in my heart for the gizmos and gadget that also make life great. The internet of things (IoT) has literally given the world access to technology at our fingertips, allowing us to live well-connected lives.

But know that this well-connected life can also be difficult to navigate; the world of IoT and smart phones coupled with cyber safety can often feel like a complicated waltz.  Once we take the necessary steps to ensure we’re safe online, there is nothing wrong with enjoying the apps that make our lives easier.

Since it is the season of giving thanks, here are the five apps I’m most thankful for this year. Some are well known, and some are welcomed new additions to the mobile world.

Venmo

When I want to go to dinner with my friends, Venmo takes the pressure out of splitting the bill when it’s time for the check. Thanks to this free app, sending and receiving money from loved ones is simple and uncomplicated.  The best part is, this application offers a two-factor authentication that will alert me via text or email if someone attempts to sign in from an unknown device. Talk about instant gratitude.

Skype

If you have loved ones all around the world like I do, it’s likely this application which makes it easier to connect with them. When a phone call simply isn’t enough, Skype lives up to its promise by giving me a chance to share cherished moments, in real-time, with loved ones far away. Calls are encrypted so private moments stay private. Just be sure that you’re logged into a secure network and ensure your connection is secure. If secure WiFi isn’t available, consider a personal VPN to help keep your connection safe.

Facebook

It’s always fun to reflect during this time of year. When I’m feeling nostalgic for friends I haven’t seen in a while, Facebook can connect me with a click of a button. It’s great to share important life moments with friends via Facebook, as long as you remember to adjust your settings to “private” and only allow your friends to view your posts. In the world of digital oversharing, we all know Facebook is a culprit, but if we take the extra steps in securing our posts, I don’t see why we shouldn’t still enjoy it.

Waze

Planning a trip to grandma’s house this holiday? Waze will show you the way. If you spend a lot of time on the road, Waze is like a trusted companion to accompany you on your journey. With real-time traffic insights from other “Wazers”, it’s like having a personal travel guide. I couldn’t imagine navigating without it. But, always be cautious when giving other applications access to your location settings.

Postmates

Food on demand—enough said! Not only does Postmates bring delicious food right to my home, it can also deliver my dry cleaning, or anything else I need at the moment. This app is the epitome of convenience; just remember to stay up to date on your software installments as a security measure.

We should all take a moment to appreciate the little things that make our lives easier. While we revel in the convenience of our apps, it’s important to keep these tips in mind to ensure your devices stay safe:

  • Authenticate! If you’re using an application like Venmo, it’s important to set up your two-factor authentication immediately, to reduce the risk of having your account compromised.
  • Avoid Risky WiFi. I’ve said it once, and I’ll say it again, unsecured networks are an easy target for hackers to gain access to your devices. Steer clear of open networks because you never know who your data could be going to.
  • Exercise safety on social media. It’s important to make sure your account is set to “private” and is only visible to family and friends. Cybercriminals know how to use the information you share on social media to gain access to your personal data. Make sure you know who has their eyes on your account.

Can’t get enough mobile security tips and trends? Follow @McAfee_Home on Twitter, and like us on Facebook.

The post 5 Apps To Be Thankful For This Season appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/5-apps-to-be-thankful-for-this-season/feed/ 0
Warning: Lokibot Is Looking to Access Your Android https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/lokibot-android-malware/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/lokibot-android-malware/#respond Tue, 14 Nov 2017 14:00:27 +0000 https://securingtomorrow.mcafee.com/?p=81566 This time of year is always busy for me. Between pre-holiday online shopping, and the push to connect with friends before the season gets underway, it’s especially a busy time of year for my online activity. In an age of social technology, we use our apps to help get through our active holiday calendar. We […]

The post Warning: Lokibot Is Looking to Access Your Android appeared first on McAfee Blogs.

]]>
This time of year is always busy for me. Between pre-holiday online shopping, and the push to connect with friends before the season gets underway, it’s especially a busy time of year for my online activity.

In an age of social technology, we use our apps to help get through our active holiday calendar. We use our messaging apps to connect with friends on the go, and our banking apps to balance accounts, as well as send and receive money from loved ones. We need our apps to make the holidays happen. Which, unfortunately, makes the new LokiBot malware the perfect Trojan horse to infiltrate your mobile device.

What is Lokibot?

Lokibot is a new Android banking trojan that’s targeting mobile banking applications and communication apps like WhatsApp, Skype, and Outlook. Much like its banking Trojan counterparts, Lokibot disguises itself as the login screen of your banking app, hoping to trick you into giving it administrative access. Once it has access, it can use your browser and SMS texts against you to share your personal information with cybercriminals and spread spam to all of your contacts. According to researchers, this Trojan has targeted at least 119 apps already.

How Does Lokibot work?

Lokibot is like an unwanted guest, it just won’t leave. When users realize they’ve been duped and try to remove the trojan’s administrative privileges, it automatically locks the device and turns into ransomware. Fortunately, the Lokibot ransomware feature is faulty and has only been successful at renaming files instead of encrypting them. Unfortunately, Lokibot still has the ability to lock you out of your phone.

How do I protect myself?

The good news is: if your device has been infected, you can give Lokibot the boot by putting your phone into Safe Mode and removing the malicious application along with its admin user privileges. When it comes to cybersecurity, everybody knows that the best defense is a good offense. You can keep your devices safe by following these tips:

 

  • Don’t fall for the money bait. If you see an unanticipated “deposit” notification from your banking app, contact your bank directly. Lokibot is known to use fake notifications to lure unsuspecting users into its trap.
  • Keep an eye out for fishy looking login screens. Trojans are masters of disguise and often gain access when users give up their access for login to what appears to be a trusted app. If it looks suspicious, proceed with caution.
  • Download your apps from a legitimate source. Google Play has strong security standards for their applications. If an app is no longer supported in the play store, you should delete it immediately.

 

Following these steps will help keep you out of Lokibot’s way, so you can enjoy your busy holiday season.

 

Can’t get enough mobile security tips and trends? Follow @McAfee_Home on Twitter, and like us on Facebook.

The post Warning: Lokibot Is Looking to Access Your Android appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/lokibot-android-malware/feed/ 0
The Top 5 Scariest Mobile Threats https://www.mcafee.com/blogs/consumer/scary-mobile-threats/ https://www.mcafee.com/blogs/consumer/scary-mobile-threats/#comments Tue, 24 Oct 2017 13:00:07 +0000 https://securingtomorrow.mcafee.com/?p=81476 Halloween has to be one of my favorite holidays of the year. Creative costumes, buckets of candy, and pumpkin spice lattes make All Hallows’ Eve a memorable event for people of all ages. But what I love most about Halloween is the traditions associated with it: pumpkin carving, trick or treating and bobbing for apples […]

The post The Top 5 Scariest Mobile Threats appeared first on McAfee Blogs.

]]>
Halloween has to be one of my favorite holidays of the year. Creative costumes, buckets of candy, and pumpkin spice lattes make All Hallows’ Eve a memorable event for people of all ages. But what I love most about Halloween is the traditions associated with it: pumpkin carving, trick or treating and bobbing for apples are just a few of the traditions that have stood the test of time.

The one thing I don’t like about Halloween? All things scary. Ghosts, killer clowns and the undead all give me heebie-jeebies. Oh, and scary mobile threats. And no, I’m not talking about the girl from The Ring, I’m talking about spyware, ghost apps and more!

I Know What You Did Because of Spyware

Spyware is a type of malware that lurks in the shadows of your trusted device, collecting information around your browsing habits, personal information and more. Your private information is then sent to third parties, without your knowledge. Spooky stuff.

Dawn of the Dead Apps

Think haunted graveyards only exist in horror movies, think again! Old apps lying dormant on your phones are like app graveyards, especially since some of these older apps may no longer be supported by Google or Apple stores. These apps can be infected with malware or they could potentially be leaking your data to a third party.

Bone Chilling Botnets

Botnets emulate Invasion of the Body Snatchers, on your mobile device. What is a botnet you ask? When malware infiltrates a mobile device, through something like a sketchy app or phishing scam, the device becomes a “bot”. This bot or bots then become a part of collection of infected internet connected devices, that are used to spread viruses, generate spam, and all sorts of cybercrime. Most mobile device users aren’t even aware that their gadgets are compromised, which is why protecting your device before an attack is so important.

Malicious Click or Treat

Clicking links and mobile devices go together like Frankenstein and his bride. Which is why ad and click fraud through mobile devices is becoming more prevalent for cybercriminals. Whether through a phishing campaign or malicious apps, hackers are able to gain access to your device and your private information. Always remember to click with caution.

IoT Follows

The Internet of Things (IoT) has quickly become a staple in our everyday lives, and hackers are always ready to target easy prey. Most IoT devices connect to mobile devices, so if a hacker is able to gain access to your smartphone, they can infiltrate your connected devices as well. Or vice versa.

Moral of the story: mobile threats can give us all a good spook. But you can keep your devices protected from malicious threats by following these tips:

  • Be a click-buster: Always be on alert when clicking links, especially when they seem too good to be true.
  • Update regularly: Whether you’re updating your devices’ software or just simply getting rid of old apps, this practice helps to ensure your device stays secure.
  • Get secure: We can’t stress enough how important is to use comprehensive security software to protect your personal devices.

Following these precautions will help you steer clear of cybercriminals’ tricks this Halloween, and keep you in the clear from a mobile security breach.

Can’t get enough mobile security tips and trends? Follow @McAfee_Home on Twitter, and like us on Facebook.

 

 

The post The Top 5 Scariest Mobile Threats appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/scary-mobile-threats/feed/ 1
Conquering Fear at McAfee https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/conquering-fear-mcafee/ https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/conquering-fear-mcafee/#respond Mon, 16 Oct 2017 00:00:31 +0000 https://securingtomorrow.mcafee.com/?p=79915

By Radhika, Director of Global Consumer Product Marketing. With the U.S. school year beginning, I’ve been in touch with the jitters my three kids feel as they get their own “startup” energy going. This is especially true with my older son, who is starting college with plans to study bioengineering. He’s experiencing what anyone feels […]

The post Conquering Fear at McAfee appeared first on McAfee Blogs.

]]>

By Radhika, Director of Global Consumer Product Marketing.

With the U.S. school year beginning, I’ve been in touch with the jitters my three kids feel as they get their own “startup” energy going. This is especially true with my older son, who is starting college with plans to study bioengineering. He’s experiencing what anyone feels when entering a new space with a big goal: excitement about the possibilities and fears about the challenges.

I can relate. It sounds a bit like my cybersecurity pursuits here at McAfee (I’ll save the emotional roller coaster about seeing my first child go to college for another day).

Recently, my team and I ventured into unchartered territory with a new, innovative product idea. Like my son, I was faced with both excitement about starting something new and of course that underlying fear that always come with something ambitious. Thankfully, the team and I didn’t succumb to fear and work for a company that not only encourages, but also rewards, creative thinking. Otherwise the world would never have known the Secure Home Platform.

Stage 1: Idea Generation

As director of global consumer product marketing at McAfee, I spend my work time zeroed in on consumer cybersecurity, where the notion of “threat” or fear is always present. And it doesn’t stop when I leave the office. As a mother, and a consumer myself, I want to keep my home and my family safe while taking advantage of all the advancements of modern technology. Whether it’s phones, tablets and PCs or the plethora of now internet-connected devices at home such as baby monitors, thermostats, front door cameras, smart door locks and smart lighting systems. Either way you look at it our homes are, unfortunately, an attractive target for cybercriminals.

To address this threat and meet this need, a few years ago, some of my brilliant engineering colleagues conceived a solution. You guessed it—the Secure Home Platform. This new technology is built-in to your home router and allows you to use the above mentioned connected devices and more, with peace of mind that no one will be hacking into your baby monitor or smart fridge.

Stage 2: Idea Exploration

After every new idea comes the grindingly hard work to transition from innovation to execution and delivery: making the product real, scaling it for global requirements, building relationships with partners and customers, collaborating across our teams, customizing for customers, selling into the marketplace, and constantly re-evaluating and adjusting our competitiveness and value proposition.

And at each step in bringing our new product to market, there was always a voice, or many voices, saying a version of “you won’t succeed.” Sometimes the voice existed in our own heads. Sometimes it emerged in a combination of data, research and varied opinions saying, “I love the product, but don’t you think you’re too early” or “do you think there’ll be market demand?” or “you don’t have the partner relationships.”

We’ve all faced some version of this. Of course, we didn’t ignore possibly good insights or warnings about our new idea. We listened carefully. We assessed. We completed the analysis with our teammates, our managers. Then we decided. This was the right product at the right time that would help cement our position as a market leader. From that point, we rallied to push through the fear and silence any voice saying “you’re going to fail.”

Stage 3: Idea Implementation

To bring the Secure Home Platform to life, my role focused on creating buzz and excitement in the market and creating a strategic go-to-market plan while the engineering team perfected the product itself. Our strategy introduced the right mix of media and business partners to the product and many quickly saw what we did: the Secure Home Platform filled a critical cybersecurity gap.

When it finally came time for product launch, my team and I felt both confident and anxious. Even though we secured key partnerships a number of Telcos and ISPs and we’d just won the coveted Mobile World Congress Innovation Award, it’s impossible not to fear failure.

But with perseverance and teamwork, we got through all the fear and speculation and, one year ago, successfully launched Secure Home Platform.

As I reflect on the last year, my strongest feelings aren’t about fear; they are about the team of people who gave the product life—and who continue to drive the platform’s huge and never-ending mission. Without the wonderful teams spanning engineering, user experience, product management and marketing, partner management and customization—and many more, we wouldn’t have reached success.

What I’ve learned is that the fears don’t actually end. I spend much of each day worrying about threats—threats from competitors trying to catch up to us, from partners looking at competing products, or from market forces that might surprise us. Those are the fears that any product team would have—and should have.

Here’s what makes the difference—working for a company that encourages innovations, risks and experimentation. And knowing that if we do fail—because at times we will—we face it, learn from it, regroup quickly, and begin again, stronger and more resolute. Surrounded by a team with that mentality, a team that pushes through their fears to overcome barriers, is what makes our noble mission possible. We protect all that matters, together.

For more stories like Radhika’s, follow @McAfee on Twitter.

The post Conquering Fear at McAfee appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/conquering-fear-mcafee/feed/ 0
Working 9 to 5 on Mobile Security https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/workplace-mobile-security/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/workplace-mobile-security/#respond Tue, 10 Oct 2017 13:00:13 +0000 https://securingtomorrow.mcafee.com/?p=79769 I love watching old movies, like the classic “9 to 5” and realizing how antiquated the tools used in the workplace are. Rolodexes, typewriters and fax machines – oh my! While devices like these were the standard of their time, technology has evolved, bringing in new equipment that allows employees to be more efficient, but […]

The post Working 9 to 5 on Mobile Security appeared first on McAfee Blogs.

]]>
I love watching old movies, like the classic “9 to 5” and realizing how antiquated the tools used in the workplace are. Rolodexes, typewriters and fax machines – oh my! While devices like these were the standard of their time, technology has evolved, bringing in new equipment that allows employees to be more efficient, but also brings about security concerns.

In the age of technology, there is a growing trend around Bring Your Own Device or BYOD, specifically with mobile devices in the workplace. Companies want employees to have the flexibility to use devices they’re comfortable with, but placing gadgets in the hands of employees can take a turn for the worse.

Security breaches happen, but often times, the source of a breach comes from an internal employee. Think about it. If you use your device (that has data from your work) to check your email and get caught up in a phishing scam or ransomware attack, your company information is exposed.

Most companies do as much as they can to keep their data secure, but what can you do as an employee to make sure you’re keeping yourself and your company safe from threats? Here are some strategies that can potentially reduce the risk of a mobile security breach:

  • Ask questions: Think there’s something fishy or insecure on your phone? Talk to your IT department, they’ll be more than happy to help you stay secure.
  • Pay attention: If your company has an internal training or guide to keeping your devices safe, tune in. As our devices evolve, so do security methods.
  • Follow protocol: If you’re victim to attack, be sure to follow the directives of your IT team and alert them as fast as you can. A quick response to a threat can help to minimize the damage.

Of course, good mobile security hygiene wouldn’t be complete without simple best practices that you can implement every day:

  • Multi-factor authentication: Keep your devices and your accounts (social media channels, emails, etc.) secure with an added layer of security.
  • Complex passwords: It’s 2017, you know better than to have “password” or “1234” as a safeguard for your devices.
  • Selective Wi-Fi: Avoid connecting to unsecure Wi-Fi, especially if you plan on connecting to an internal corporate system.
  • Security, security, and security: Always use comprehensive security software to protect your personal devices. If your company provides you with a device, be sure to follow their directives on the type of security to load on your device.

Can’t get enough mobile security tips and trends? Follow @McAfee_Home on Twitter, and like us on Facebook.

The post Working 9 to 5 on Mobile Security appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/workplace-mobile-security/feed/ 0
Catch Phish If You Can https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/mobile-phishing/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/mobile-phishing/#comments Wed, 27 Sep 2017 13:00:26 +0000 https://securingtomorrow.mcafee.com/?p=79271 There are some movies you can watch over and over again. For me, it’s “Catch Me If You Can,” Steven Spielberg’s 2002 crime film based on the life of con artist, Frank Abagnale. Abagnale, portrayed by Leonardo DiCaprio, poses as a variety of professions (a pilot, a doctor, and a lawyer) as he forges checks […]

The post Catch Phish If You Can appeared first on McAfee Blogs.

]]>
There are some movies you can watch over and over again. For me, it’s “Catch Me If You Can,” Steven Spielberg’s 2002 crime film based on the life of con artist, Frank Abagnale. Abagnale, portrayed by Leonardo DiCaprio, poses as a variety of professions (a pilot, a doctor, and a lawyer) as he forges checks all around world and steals millions of dollars. His attention to detail and ability to charm people are key elements of his schemes, which, as a security expert, reminded me a lot about phishing scams.

Frank convinced banks to give him money through fake checks, but hackers convince you to give up your information through fake emails and URLs. These emails and URLs are nearly identical to emails you might receive from your bank or insurance carriers and often ask you to “confirm” your sensitive information.

Phishing scams also utilize social engineering, a technique DiCaprio’s character used perfectly to his advantage throughout the film. Time and again, Abagnale uses his ability to charm people into trusting him in order to get what he wants; a bank account, a pilot’s uniform, and even a fiancée. Cybercriminals do the exact same — they rely on people’s trusting demeanors in order to get what they want, which in their case is their victim’s personal information.

While there are many comparisons between Frank’s conning tactics and today’s scams, it’s important to remember that the resources and attacks vectors available to today’s criminals have expanded. Even though Frank was successful, he was still limited compared to today’s tech advancements. Digitization has opened new doors for hackers, especially when it comes to mobile devices. In fact, it’s been reported that mobile devices users, specifically iOS devices, are the biggest target for mobile phishing attacks.

So how can you catch these attempts to steal your information? We’re glad you asked.

  • How much is too much? If you’re being asked for too much information, be cautious.
  • Address unknown: Before logging into an account, make sure it has the correct web address.
  • What’s in a name: Do you recognize the sender’s name and email address? Does the company’s email match others you’ve received? Check these before responding!
  • It’s ok to hover: Before you click that link, hover over it to see if the URL address looks legitimate.
  • Is it too good to be true? “Free” offers, or deals that sound out of this world probably are. Avoid these like the plague.
  • Security is key: Always use comprehensive security software to protect your devices and personal data from malware and other threats that might result from a phishing scam.

Remember, as great as movies are for entertainment, reality is much more serious. Always be cautious and protective when it comes to your personal information. Keep up to date on best practices and latest security updates.

Interested in learning more about mobile security tips and trends? Follow @McAfee_Home on Twitter, and like us on Facebook.

The post Catch Phish If You Can appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/mobile-phishing/feed/ 2
The Do You Knows of DDoS Attacks https://www.mcafee.com/blogs/consumer/mobile-ddos/ https://www.mcafee.com/blogs/consumer/mobile-ddos/#respond Tue, 12 Sep 2017 13:00:23 +0000 https://securingtomorrow.mcafee.com/?p=77842 “Where’s my phone?” In a blink of an eye, my home is suddenly flipped upside down—couch cushions overturned, drawers – askew and papers shuffled. After a few repeating buzzes I realize that it’s right under my nose. Relief floods my body. How could I last a day without my phone? With the rise of social […]

The post The Do You Knows of DDoS Attacks appeared first on McAfee Blogs.

]]>
“Where’s my phone?”

In a blink of an eye, my home is suddenly flipped upside down—couch cushions overturned, drawers – askew and papers shuffled. After a few repeating buzzes I realize that it’s right under my nose. Relief floods my body. How could I last a day without my phone?

With the rise of social media, addictive games, and on-demand apps, our mobile devices have become an inextricable part of us, like an additional limb. But, while these devices provide great conveniences, they also can bring major headaches in the form of malware. Which is exactly what happened when a malicious app was used on the Android OS to conduct a denial-of-service attacks (DDoS) attack, called WireX.

DDoS attacks have been making headlines since the late 90’s, but most consumers wouldn’t even notice if their device was taking part of an attack. The WireX botnet (a collection of internet-connected devices) is one of the first and biggest Android DDoS attacks, which is a cause for concern for all mobile device owners, due to its ability to infiltrate the device you depend on so much.  So how did the attack happen and what can you do to protect yourself?

The botnet was hidden behind some 300 apps that were made available in the official Google Play Store. When users installed the app, WireX conscripted the devices into a network, which then sent junk traffic to websites, in the hopes of bringing them down, like any other DDoS attack. So what makes this attack such a big deal?

Researchers saw 130k to 160k unique addresses involved in the attack, across the globe and it was so well hidden, it was hard for companies to defend against the attacks. Luckily, a group of companies were able to take down the botnet, allowing Google to remove the malicious apps from the marketplace and the infected devices.

So, what can you do to win the battle against attacks?  Follow these tips:

  • Think Before You Click: Does that app sounds a little too good to be true? Chances are, it is. Before downloading the app on your phone, make sure to read the reviews and see if others are flagging security inconsistencies.
  • Stay In the Know: In addition to doing your research, make sure to keep your app at its tip-top security shape with the latest app updates.
  • Be Picky: If you see an app with a bad rating, there’s likely another app that has the same functions. If it looks suspicious, it probably is.
  • Right at the Root: Staying vigilant on the latest security threats could be a full-time job, so it doesn’t hurt to have a solution that protects you from mobile malware, like McAfee AntiVirus Plus. This all-inclusive feature also spans over multiple devices, giving you an extra layer of security.

When it comes to cybersecurity, it’s best to be proactive rather than reactive. Be sure to keep up to speed on the latest attacks and cybersecurity best practices.

Interested in learning more about mobile security tips and trends? Follow @McAfee_Home on Twitter, and like us on Facebook.

The post The Do You Knows of DDoS Attacks appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-ddos/feed/ 0
Get Schooled on Security https://www.mcafee.com/blogs/consumer/get-schooled-on-security/ https://www.mcafee.com/blogs/consumer/get-schooled-on-security/#respond Tue, 29 Aug 2017 13:06:58 +0000 https://securingtomorrow.mcafee.com/?p=77251 It’s hard to imagine what college would have been like if I had today’s technology in my arsenal. With spell check, search engines and online resources, meeting deadlines for my assignments would have been a breeze. Late nights in the library would have been condensed to a few quick clicks on the web, but at […]

The post Get Schooled on Security appeared first on McAfee Blogs.

]]>
It’s hard to imagine what college would have been like if I had today’s technology in my arsenal. With spell check, search engines and online resources, meeting deadlines for my assignments would have been a breeze. Late nights in the library would have been condensed to a few quick clicks on the web, but at what cost? While I can appreciate the conveniences technology provides collegiate students, I can’t help but wonder about their online security habits.

Unsurprisingly, today’s college students rely heavily on their mobile devices, laptops, and tablets to navigate through the school year. But, even though students have increased their device usage (most likely due to social media and school-related research), our recent  Back To School study shows there is an apparent disconnect with secure online habits.

So, why is this disconnect happening exactly? With classes and social activities, it can be challenging for students to find time to prioritize cybersecurity. However, hackers find time for students, as they aim to spread phishing scams and mobile malware.

In addition to keeping cybercriminals at bay, practicing safe online habits in college can benefit students in the long term. Want to post a crazy photo from a football tailgate? While funny at the time, it’s important to remember that the content you share reflects who you are and can follow you as you enter into the post grad world. Future employers may perceive your shared content in a way that can hinder potential career opportunities.

The good news? If you stay aware and educated on security and digital composure, cybercriminals will have no way to dampen your college experience. Here are our tips on how students can stay secure  during the school year:

  • Stay Updated: Keep device software and applications secure by regularly utilizing the latest updates.
  • Passwords Please: Did you get that laptop or smartphone as a ‘back to school’ present? All smart devices come with default passwords, and it’s important to change those as soon as possible. The more complicated your password, the better!
  • Locked and Loaded: Install a comprehensive solution like McAfee LiveSafe that protects all your devices from different types of malware, provides virus protection and backs up all your important documents on the cloud.

College should be a fun experience for everyone. If you stay cybersecurity savvy, it reduces the chance of hackers spoiling your fun and ruining your reputation. Prioritize online security and reap the benefits!

Interested in learning more about mobile security tips and trends? Follow @McAfee_Home on Twitter, and like us on Facebook.

The post Get Schooled on Security appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/get-schooled-on-security/feed/ 0
How to Navigate this Connected World https://www.mcafee.com/blogs/consumer/iot-safety-home/ https://www.mcafee.com/blogs/consumer/iot-safety-home/#respond Fri, 18 Aug 2017 21:09:21 +0000 https://securingtomorrow.mcafee.com/?p=76989 This blog was written in collaboration with Kishore Jotwani, Sr. Director of Marketing & Business Development for Intel’s Wireless Consumer Infrastructure Platforms and Bill Zhou, VP of product management, ARRIS.  Doors locked, windows shut, and alarm set. I should be safe… right? The Internet of Things (IoT) is an ever-growing force that makes my everyday life […]

The post How to Navigate this Connected World appeared first on McAfee Blogs.

]]>
This blog was written in collaboration with Kishore Jotwani, Sr. Director of Marketing & Business Development for Intel’s Wireless Consumer Infrastructure Platforms and Bill Zhou, VP of product management, ARRIS. 

Doors locked, windows shut, and alarm set. I should be safe… right?

The Internet of Things (IoT) is an ever-growing force that makes my everyday life easier. With real-world applications aplenty, I can’t imagine my life without IoT devices. Fitness wearables allow me to stay on track with my health goals, smart home security cameras keep my family and home safe, and even my smart oven helps me step up my cooking skills.

Unfortunately, as with anything else, there are two sides to this coin. Highlighted events over the past year have shown us that IoT devices, if not properly secured, can be vulnerable to attacks. In October of 2016,  the Dyn DDoS attack leveraged, and infected, countless connected devices to shut down several popular sites, like Spotify and Twitter. Similarly, the Mirai malware used vulnerable IoT devices, forming them into a botnet army, to stake its claim.

Now more than ever, it’s clear we live in an interconnected world, in which our homes present new opportunities for entry—and I don’t mean breaking a window. Instead of only having to worry about a physical break-in, we’re faced with the threat of a cyber break-in—one that aims to compromise connected home gadgets, and personal data to boot.

I use connected devices to help make my life easier and streamline everyday processes, but without proper security, I’m left as a sitting duck. Also, with the growing number of IoT devices in my home, they’re all competing for network bandwidth and slow down my network speed.

So, what can you do to keep your home, and your family’s data and devices secure without sacrificing network speed?

The most important thing to note is that cybercriminals rely on the assumption that we, as consumers, won’t be proactive when it comes to properly locking down our smart home devices, and the accounts connected to them.

By following these tips, you can stay proactive and beat cybercriminals at their own game:

  • Stay updated: Do your research on smart home devices, and choose the most secure one you can get your hands on. Also, always keep your devices’ software up to date to practice optimal security.
  • Change it up: If you purchase a new, connected device for your home, change the default password right away. Need some help creating a secure login for it? We’ve got you covered.
  • Safety first: Implement a solution that keeps all your smart home devices secure. For an extra layer of security, you can onboard two different routers for your home, dedicating one specifically to your IoT devices. Having one network for your connected devices and another for your other personal devices (laptop and mobile) is considered a best practice. That way, if a hacker gains access of one network, your devices on the other network are safe.
  • Have a one-stop shop: Look for a solution that offers protection at the home network level, like ARRIS Secure Home Internet by McAfee®, now available in the ARRIS SURFboard SBG7580-AC gateway. Because this solution is directly embedded in the gateway, it automatically protects your connected gadgets, without slowing down your network speed.

Remember, cybercriminals are expecting us to slip up with security, so it’s important to stay on top of it. Stay informed on smart home protection best practices, and show those hackers who’s boss!

Interested in learning more about mobile security tips and trends? Follow @McAfee_Home on Twitter, and like us on Facebook.

The post How to Navigate this Connected World appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/iot-safety-home/feed/ 0
Running from Ransomware: A Mobile User’s Guide https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/leaker-locker-mobile-malware/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/leaker-locker-mobile-malware/#respond Tue, 25 Jul 2017 13:00:52 +0000 https://securingtomorrow.mcafee.com/?p=76322 From the second my alarm goes off, my day goes 100 miles a minute. In addition to getting myself ready for work, I have to pack my kids some brag-worthy lunches, conquer the stack of unwashed dishes in the sink from the night before, and make sure that everyone is out the door on time. […]

The post Running from Ransomware: A Mobile User’s Guide appeared first on McAfee Blogs.

]]>
From the second my alarm goes off, my day goes 100 miles a minute. In addition to getting myself ready for work, I have to pack my kids some brag-worthy lunches, conquer the stack of unwashed dishes in the sink from the night before, and make sure that everyone is out the door on time. One day, in  the midst of all the usual mania, I had a horrible realization that I had forgotten to buy my mom’s birthday present.

To save myself some time, I whipped out my phone, scrolled through the net and explored a few last-minute gift options. In the corner of my eye, I saw an ad for some cute shoes she’d like from a retail site I had previously visited. Zoom, tap, bam! Browsing history comes through to help me find a present in the blink of an eye.

Last-minute online shopping isn’t the only thing our connected devices are good for. We rely on our mobile phones for the simplest things to navigate through our daily lives. From mapping directions, to scrolling through nearby restaurant reviews, to quickly scanning newsworthy articles, our devices accumulate a lot of personal data through our browsing history.

Although browsing history has come handy for me in certain situations, it often gets a bad rap on its own. Leaker Locker, the new mobile malware discovered by the McAfee team, has created a browsing history nightmare by leveraging surfing habits against mobile users.

When we’re navigating through the net, we usually (often wrongfully) assume that our information will remain private. Unfortunately, that’s not always the case. Our increased trust of the web and dependence on our connected devices has excited cybercriminals, causing the number of mobile malware threats to grow over 80% in the last year.

Hiding behind apps that can be found in the Google Play store, Leaker Locker harnesses its malicious ransomware by disguising itself as an unauthorized mobile backup. Present on two apps on the Google Play store, this ransomware disguised as an app leaves the everyday consumer, like you and me, vulnerable.

So how does Leaker Locker work? It attacks when the user allows device permissions to the newly downloaded, disguised app. Once the malicious app gains access to the device, the device is locked down, and a message pops up on-screen, announcing  that the owner’s sensitive information has been compromised. This private information is then used as a bargaining chip for a ransom.

Want to make sure you’re not the next victim of this ransomware? Follow these tips:

  • Attention, Please: Scope out the app’s listing on the app store, and read through its reviews carefully. Sure, an app might look like a fun game or seem to make your life convenient, but it pays to be vigilant. Many users leave helpful warnings to others about if a specific app has been disguised as a hub for ransomware. If the reviews or actual app listings seem fishy, steer clear.
  • Don’t Pay to Play: Cybercriminals love to demand money in exchange for the “safety” of your personal data. Although paying the ransom seems like a good idea, don’t fall for this trap! Paying the ransom doesn’t guarantee the return of your information. Be extra cautious and try to keep sensitive data off your mobile device.
  • Back It Up: Back up your personal information and files by taking advantage of both an external hard drive and the cloud. In the event that you get locked out of your mobile device, you’ll still have access to important data. This back up plan will give you a better peace of mind.

Mobile ransomware has been making headlines, and cybercriminals don’t plan on stopping anytime soon. Get educated and be familiar with their actions. To cover all of your bases, consider turning to a mobile security solution like McAfee Mobile Security (MMS) for Android. With newly designed features that allow you to browse more securely on mobile, MMS provides real time malware (ransomware included) detection capabilities. Most importantly, it gives you the power to safeguard against threats like Leaker Locker a single tap.

The post Running from Ransomware: A Mobile User’s Guide appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/leaker-locker-mobile-malware/feed/ 0
123456 Is Not an Acceptable Password in 2017 https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/password-checklist/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/password-checklist/#respond Tue, 11 Jul 2017 13:00:25 +0000 https://securingtomorrow.mcafee.com/?p=75869 Mirror, mirror on the wall, what is the safest password of them all? We all know using a secure password is one of the best practices for protection on the web, but we don’t always practice what we preach. We’ve all been guilty of using our first street address or our first pet’s name as […]

The post 123456 Is Not an Acceptable Password in 2017 appeared first on McAfee Blogs.

]]>
Mirror, mirror on the wall, what is the safest password of them all?

We all know using a secure password is one of the best practices for protection on the web, but we don’t always practice what we preach. We’ve all been guilty of using our first street address or our first pet’s name as passwords, and dedicating that one login to all of our online accounts for the sake of simplicity. I can even admit that there was once a time that my phone was PIN-free—it’s just plain easier, and faster. I understand the long sigh that comes with having to sign in every time you want to use a device. However, it’s never a good idea to trade security for convenience, especially with devices or accounts that hold information as personal as your bank info or family address. Complex passwords help protect your online banking account, emails, and personal information from being accessed by prying eyes.

Yes, secure logins are a crucial layer for account protection, but in all honesty, humans are creatures of habit. We love to use the same password for multiple accounts, use easy-to-remember birthdays or nicknames, or simply don’t change default passwords on devices.

Recent breaches have reminded us that passwords should always take priority (they’re so important, we’ve acknowledged a World Password Day dedicated to changing your passwords!). History has shown us that hackers love and live for bad passwords, so using poor passwords for important accounts will increase your vulnerability to a hack. To make sure that you don’t a commit a security faux pas, check out this secure password checklist:

  • Don’t Use a Real Word: If your password contains a word from the dictionary, nix it. Don’t use the name of your favorite flower or the name of your pet. Instead, consider using either a made-up word, mix of ‘slang’ words, or even gibberish. The more complicated, the better!
  • Mix It Up: As almost all password readers are case-sensitive, consider using a mix of upper- and lowercase letters to be extra secure. Throw in some numbers and symbols to complicate the password, and stay away from your standard birthday or ‘123456’ password.
  • Use the Default and You’ll Be At Fault: All “smart” devices are equipped with default passwords, from your new smart thermostat to the drone you just got for your birthday. As soon as you take your gadget out of the box and set it up for use, change the password immediately, and make sure you update these passwords regularly.
  • “One Size Fits All” Doesn’t Apply: Don’t use the same password for multiple accounts. Although it may seem like a hassle to remember these passwords, the can’t-beat security will be worth the extra effort down the line. Password management solutions like True Key are helpful to keep track of all your login info, as well as generate secure, unique passwords for you.

It’s important to remember to change passwords early, and change them often, across all devices—this makes it extra difficult for cybercriminals to access your personal information. Protecting accounts and devices from their wired connection up to their web logins will help keep hackers at bay.

Interested in learning more about mobile security tips and trends? Follow @McAfee_Home on Twitter, and like us on Facebook.

The post 123456 Is Not an Acceptable Password in 2017 appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/password-checklist/feed/ 0
Will Your Smart Home Be Your Next House Sitter? https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/smart-home-summer-vacation/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/smart-home-summer-vacation/#respond Fri, 23 Jun 2017 13:00:42 +0000 https://securingtomorrow.mcafee.com/?p=75355 As I rush to catch a flight, I’ll often think in a panic, “Do I have my keys? Passport? Plane ticket?” Once I plop down in my seat, a terrifying visualization of everything else I may have forgotten flashes across my mind: “Did I turn the lights off in the main hallway?” “Did I set […]

The post Will Your Smart Home Be Your Next House Sitter? appeared first on McAfee Blogs.

]]>
As I rush to catch a flight, I’ll often think in a panic, “Do I have my keys? Passport? Plane ticket?” Once I plop down in my seat, a terrifying visualization of everything else I may have forgotten flashes across my mind: “Did I turn the lights off in the main hallway?” “Did I set the alarms?” “Did I lower the temperature on the thermostat?” With all the moving parts involved in leaving for a vacation, I’ve started to rely on smart home devices to do some of the work for me.

Since we’ve begun to rely on smart devices more, however, the inherent convenience they provide for the home is sometimes met with headaches—including concerns around the risk of malware and phishing scams. These new intuitive devices are designed to help us perform everyday tasks with ease, but when not secured, they can become a hacker’s playground.

A previous blog went into detail about smart home appliance vulnerabilities, and how you can arm yourself with the proper tools to help you combat cybercriminals. To keep you in the know, I’ve compiled a list of smart devices to consider locking down.

  • Smart Home Security Cameras: Smart home security cameras can help monitor your home to make sure it’s safe and sound from unwanted visitors, but hackers have been known to prey on unprotected devices and turn them into spying tools.
  • Smart TVs: Smart TVs can recommend new shows for you to watch, but if not safeguarded, bad actors could utilize the video and audio functions of these devices to track your every move.
  • Smart Thermostats: Smart thermostats allow you to control the temperature of your home from your smartphone, but researchers have recently found that they can be used as bargaining tools when not locked down. “Want to turn the heat back on? Pay up!”
  • Smart Refrigerators: Although smart refrigerators remind you to get eggs and milk when you run out, an unprotected one in your home could expose the email account embedded into its integrated home calendar. Now that’s what I’d call interrupting your dinner plans.

So, what can you do to lock down all your smart home gadgets? To keep hackers away from your devices, install protection to combat the bad guys right from the source—your router.

With security based at the router level, you can have the best of both worlds. Router-based protection, like McAfee Secure Home Platform, provides an always-on solution that alerts you of emerging vulnerabilities, plus protection for connected devices. What’s more? If you’re away from home, you can manage your device connections through the mobile app. Now that’s something convenience-lovers will have a field day for.

Vacation is supposed to be a time for relaxation and quality time with your family. So before jetting off, make sure you know the ropes of securing your nest. Take the quiz below to test your knowledge, and make sure your home and devices are vacation-ready!

Interested in learning more about mobile security tips and trends? Follow @McAfee_Home on Twitter, and like us on Facebook.

 

 

 

 

 

 

Note: There is a widget embedded within this post, please visit the site to participate in this post's widget.

The post Will Your Smart Home Be Your Next House Sitter? appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/smart-home-summer-vacation/feed/ 0
 We’ve Mastered Encrypted Messaging, So Are Encrypted Calls Next? https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/encrypted-calling/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/encrypted-calling/#respond Tue, 13 Jun 2017 13:00:56 +0000 https://securingtomorrow.mcafee.com/?p=74997 We’ve all heard the names before – WhatsApp, Viber, Telegram, Wire, Signal, Allo… with so many cyberattacks in the news recently, people have begun to rely on encrypted messaging apps to protect their privacy from potential hackers. These services secure end-to-end connections using varying tactics and levels of encryption – you may find yourself questioning […]

The post  We’ve Mastered Encrypted Messaging, So Are Encrypted Calls Next? appeared first on McAfee Blogs.

]]>
We’ve all heard the names before – WhatsApp, Viber, Telegram, Wire, Signal, Allo… with so many cyberattacks in the news recently, people have begun to rely on encrypted messaging apps to protect their privacy from potential hackers. These services secure end-to-end connections using varying tactics and levels of encryption – you may find yourself questioning what any of that means. How do you encrypt your messages? Can anyone do it? What is being protected when you use an encrypted messaging system? If encrypted messaging is so great, why isn’t everyone using encrypted messages? It sure could put an end to all the celebrity phone hacks and government information leaks…  Here’s what you should know about encryption, and find the answers to all your questions.

When people encrypt their communications, it means that only the sender and the recipient can see one another’s messages. While the message is in transit, it cannot be decoded or unraveled by outsiders or the maker of the application, which allows for privacy and security. Some apps do this by protecting individual messages sent to and from the device, some have encryption built in, and others offer a “secret” mode that can be switched on and off. Certain apps, namely Wire and Signal, encrypt messages by design. By installing and signing into the app, all communications are automatically encrypted.

People use encryption for all kinds of communication – for a long time, these apps could only offer encryption for text-based chat, but introducing encrypted calls has been natural next-step and layer of protection in today’s digital world. Encrypted calls would be highly valuable, with the ability to thwart any snooping. However, developing the technology to create such protection for voice calls has proven difficult for programmers.

One of the main challenges that developers face is mastering internet-based calls, which still are not the most reliable way to communicate. Wi-Fi or Ethernet connections are the most stable, but many people still use cellular data to make VoIP (or Voice Over Internet Protocol) calls. In 2014, Signal, one of the many platforms offering encrypted communication, began to offer encrypted calling despite the complications with dropped calls and connection reliability, as did Wire. When WhatsApp introduced encrypted calls and video chat to their one billion users in 2016, other secure messaging apps finally began to pick up the pace and develop secure calling services of their own.

So, now that both encrypted texting services and encrypted calling services have been developed, it seems like all of our calls and texts should be secured by encryption, no questions asked. However, there are many factors slowing down adoption among potential users, one of the main reasons being that both parties must be using the same system for end-to-end encryption to function. Think about it this way – you may find an app that you love to use, but it might be difficult to convince all your friends and family to go through the steps to downloading and using the new app regularly. Everyone has their preferences, and getting everyone in your life to be on the same page can be difficult. Now, expand that to everyone in their lives – and so on, and so forth.

The resolution to this particular problem would be to fully open source these encryption products, so that people can communicate securely within different interfaces and applications. Developers can implement this by making all end-to-end encryption protocols the same, so they could speak to each other cross-product. While some small companies have adopted the Open Secure Telphony Network, or “OTSN,” many of the larger names in encryption – like Skype, Google, and Apple – have decided to brave the world of secure communication on their own, and forego open sourcing (much to the chagrin of people who need complete and total security). The potential security flaws with open-source code can be reason enough for these larger companies to privatize their communications, which defeats the whole purpose. Until developers find the right solution, what’s the best way to keep your private communications safe?

  • Avoid Risky Wi-Fi. Don’t trust unsecured Wi-Fi networks when sending personal information. While it’s great in theory that Wi-Fi is almost always readily available, those unsecured networks are an easy target for hackers to gain access to hundreds of personal devices. If you send personal information over an open network, you don’t know who could be spying on your device – or who could be sharing your data.
  • Keep Your Secrets to Yourself. Generally, it’s a good idea to keep any super sensitive data off mobile devices and messaging apps. Besides not knowing who might be spying on your phone, devices can get lost or stolen, and physically broken into. There are many ways your data can be stolen from a phone, but if you never keep it there in the first place, you’re much more likely to keep it secure.
  • Security Software Goes a Long Way. I highly recommend trusting a security software to have your back as a last resort. McAfee Mobile Security, which is free for Android and iOS, will warn you if you’re about to connect to an unsecured Wi-Fi network. That way, you’ll be more cautious if you are about to send any personal information over your phone.

Looking for more mobile security tips and trends? Be sure to follow @McAfee_Home on Twitter, and like us on Facebook.

The post  We’ve Mastered Encrypted Messaging, So Are Encrypted Calls Next? appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/encrypted-calling/feed/ 0
How Using A VPN Could Save Your Summer https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/vpn-mms-protection/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/vpn-mms-protection/#respond Tue, 23 May 2017 13:00:34 +0000 https://securingtomorrow.mcafee.com/?p=74376 As summer inches closer, I begin to daydream about all the trips I’ll get to take with my family. However, whether our days are spent on the beach or walking around cities we’ve never explored, they all start the same: long-haul flights, airports, and hotels. While the Wi-Fi at the airport may claim to be […]

The post How Using A VPN Could Save Your Summer appeared first on McAfee Blogs.

]]>
As summer inches closer, I begin to daydream about all the trips I’ll get to take with my family. However, whether our days are spent on the beach or walking around cities we’ve never explored, they all start the same: long-haul flights, airports, and hotels. While the Wi-Fi at the airport may claim to be secure in the network name, public Wi-Fi networks lack encryption, which scrambles the data being sent over the network. Without encryption, cybercriminals can intercept shared information and gain access to personal passwords, financials, or identity information.

Traveling often means I’ll be surrounded by (and connecting to) unfamiliar Wi-Fi networks, which makes it especially important to have a smart security solution in place for all my devices. I rely on two different tools to keep my devices and my family’s devices safe while we’re on the road. One is a personal VPN, which keeps my connections safe, even if I need to log into an insecure Wi-Fi network. Personal VPNs encrypt online activities in both public and secure Wi-Fi networks, allowing users to surf the web safely and feel at peace knowing that sensitive information will be kept private.

If you tend to spend a lot of browsing or doing work from your device while traveling, make sure to download security apps that protect your devices directly. It’s nice to have that extra layer of security, as these apps analyze the applications already installed on my phone that use my private information, and secure my data accordingly. If you’re traveling to cities where pickpocketing is common (or if you’re simply forgetful), many of the security apps also offer anti-theft protection that allow the user to back up, lock, and wipe the device remotely.

My family likes to travel to many different places in one vacation, which makes these apps perfect – since we’re bouncing between hotels or vacation rentals, we’re often surrounded by unknown networks. If your device has made an unknown connection, you’re potentially at risk of downloading fishy viruses or malware through the network. I’ve found that it’s always smart to have extra protection if your devices have a higher chance of making an insecure connection.

While these tools are important to have, we’ve learned that technology can occasionally fail us. One of the most trustworthy ways to keep your devices safe while jet-setting around this summer is to understand what an insecure Wi-Fi connection looks like. If you can determine whether the connections around you are safe or not, it will potentially save you and your loved ones a massive headache down the road. Look out for these warning signs of an insecure network, and stay away from connecting if the network looks suspicious.

  • Check the Authenticity. If there is no WPA or WP2 password for protected access, the connection is open, or unencrypted. You can check the authenticity of the network by going into internet settings and looking to see if it’s protected with a WPA or WPA2, or if it says it’s “open.”
  • HTTP vs. HTTPS? Make sure that the web pages you visit are “HTTPS” encrypted whenever possible. Do this by looking at the beginning of the URL you are accessing – if the URL starts with “HTTP”, log out – particularly if you’re doing something sensitive.
  • Pay Attention to the Warning Signs. SSL and TLS warnings are the messages that pop up in your browser when you’re in danger of connecting to an insecure connection – and it’s likely that you’ve clicked through the notification without a second thought. Take a moment to think about what you’re agreeing to before moving past the notifications next time, because it could mean you’re putting your devices in danger.
  • Be Picky. Don’t set your device to automatically connect to Wi-Fi networks. Rather, make sure your laptops, tablets, or smartphones will “forget” certain networks when you disconnect, and that they’ll only reconnect when you choose to do so manually.

From the “secure Wi-Fi” you find at the airport and airplane, to whatever you can connect to in your hotel or vacation rental, it’s smart to have a secure solution if you plan to stay connected while traveling.  Know the warning signs of an insecure Wi-Fi connection and use a personal VPN and/or mobile security solution whenever possible to keep your data as protected as possible. Have a secure summer, and happy travels!

Looking for more mobile security tips and trends? Be sure to follow @McAfee_Home on Twitter, and like us on Facebook.

The post How Using A VPN Could Save Your Summer appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/vpn-mms-protection/feed/ 0
Instagram Has Hopped Aboard the Two-Factor Authentication Train Plus A Quiz for #SocialMediaDay https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/instagram-two-factor-authentication/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/instagram-two-factor-authentication/#respond Tue, 09 May 2017 13:00:57 +0000 https://securingtomorrow.mcafee.com/?p=73671 With over 500 million users, Instagram has quickly become one of the top dogs of social media. Between the many features that combine the best of Facebook and Snapchat and a gorgeous, visual interface that lets you share your thoughts in over 140 characters, I understand why so many people are turning to the platform […]

The post Instagram Has Hopped Aboard the Two-Factor Authentication Train Plus A Quiz for #SocialMediaDay appeared first on McAfee Blogs.

]]>
With over 500 million users, Instagram has quickly become one of the top dogs of social media. Between the many features that combine the best of Facebook and Snapchat and a gorgeous, visual interface that lets you share your thoughts in over 140 characters, I understand why so many people are turning to the platform to communicate with friends and family through daily posts, direct messages, and live video streaming. But, as the age-old saying going, “with great power comes great responsibility.” As the platform gains more users every week and becomes a growing target for hackers, Instagram has a responsibility to their users to increase security measures to maintain user privacy.

After a long-awaited increase in account security, Instagram has finally released a two-factor authentication capability, so that users can up their level of personal security hygiene. Two-factor and multi-factor authentication are terms that have been thrown around a lot recently, with Twitter having added support for 2FA apps, and now Instagram introducing a system of its own into the login process. In case you need a refresher on the difference between the two (or need a quick overview of what they mean to begin with), here’s a quick guide. 

Two-Factor Authentication

Used to add a layer of security to online accounts, two-factor authentication asks for another piece of information after a user enters their password to log in (this is their first verification factor). The second factor can range from a question asking for something the user already knows (like a password, PIN, zip code, or mother’s maiden name), to a biometric verification like a fingerprint, to a confirmation number sent through an SMS message.

This is the most common type of verification, and I’m sure almost all of us have received single-use codes from some of our favorite apps and websites to confirm our identity. Though Twitter, LinkedIn, Facebook, and Instagram all offer 2FA logins, it’s not just social networking sites that offer the extra protection. Amazon, Dropbox, Apple, Microsoft, Google, and PayPal all allow users to switch on two-factor verification. This quick guide explains how to switch it on for all your favorite platforms.

Multi-factor Authentication

Two-factor authentication is a great option, of course, if the only other choice is to have single-factor authentication for your login. However, multi-factor authentication, or MFA, essentially protects your personal account information with more than two locks, and is always the best option when given a choice. Hackers find it much less appealing to try to hack in to a personal account that’s been safeguarded with multi-factor authentication, because it won’t be simple. The True Key App is a great example of a system that uses MFA to ensure maximum security for your stored passwords.

Now, how can you turn on the new 2FA feature for your Instagram account? Here’s a quick, step-by-step guide to setup:

  • Open the Instagram app on your phone, then go to your profile page.
  • Click on the three dots in the upper-right corner, and go to Settings.
  • Scroll down to the “require security code” option, and select “Turn On”.
  • You’re all set, and so much more secure!

Setting up multi- or two-factor authentication systems on all accounts may seem like an extra or unnecessary step, but it’s quite the contrary. The extra step of checking for a verification code, providing a thumbprint, or answering an extra question or two before getting into your account is worth the protection against account hacks. In the meantime, organizations are working to make identity verification quick and easy (while equally secure), to minimize the “hassle” that can come with requiring multiple layers of authentication to gain access to your accounts.  Until then—I think we can all agree it’s worth spending that extra minute or two to make sure our accounts are 100% locked down.

Looking for more mobile security tips and trends? Be sure to follow @McAfee_Home on Twitter, and like us on Facebook.

The post Instagram Has Hopped Aboard the Two-Factor Authentication Train Plus A Quiz for #SocialMediaDay appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/instagram-two-factor-authentication/feed/ 0
So, Your Phone Got Stolen. Here’s What to Do. https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/coachella-phone-theives/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/coachella-phone-theives/#comments Thu, 27 Apr 2017 13:00:17 +0000 https://securingtomorrow.mcafee.com/?p=73024 The Coachella Music and Arts Festival is known for 3 days of desert heat, trendy tunes, and breathtaking art installations, but it may get a new reputation by many as the weekend of stolen cell phones. Hundreds of mobile devices were stolen over the first weekend of the concert earlier this month, after a ring […]

The post So, Your Phone Got Stolen. Here’s What to Do. appeared first on McAfee Blogs.

]]>
The Coachella Music and Arts Festival is known for 3 days of desert heat, trendy tunes, and breathtaking art installations, but it may get a new reputation by many as the weekend of stolen cell phones. Hundreds of mobile devices were stolen over the first weekend of the concert earlier this month, after a ring of thieves flew in from New York to attend the festival and take advantage of distracted concert-goers.

While the majority of the stolen phones were not found, one Coachella attendee noticed that their phone had gone missing, and was able to use the Find My iPhone app to help the police locate the man who had snatched the device. While they recovered more than 100 devices, there are still hundreds more out there – likely in the hands of criminals. Since the other members of the ring turned the phones off, the true hero in the story is the victim who acted quickly enough to use a tracking app to locate the thief.

Even if you didn’t go to Coachella, stolen phones are (unfortunately) a common occurrence, which is why it’s important to have the correct security measures in place. Switching on the right features can be the difference between personal data lost forever, and a speedy device recovery. Check out the below suggestions for the settings to proactively implement (and avoid) in the event your device is stolen.

  • Look Alive: One of the best ways to avoid mobile phone theft is to stay aware of your surroundings. If you know where you are and where your smartphone is, you’re more likely to notice if a shady character is trying to take your device away.
  • Lock It Down: Secure your device using a complicated PIN or a passcode. If a thief gets their hands on your device, the last thing you want is for your phone to be easily broken into (or not secured with a pin at all). Apple changed from their original 4-digit passcode to a more complicated 6-digit passcode in recent years, which makes the likelihood of that thief guessing your passcode correctly 1 in 1 million, instead of 1 in 10,000 (as was the case with the 4-digit passcode). You can also apply two-factor authentication to your Apple ID, adding another layer of personal protection in the event that your passcode happens to be that 1 in 1 million.
  • Back It Up: Keep your data backed up to the cloud, a physical drive, or heck, even to both (that’s our recommendation) to ensure maximum safety. By doing this, you’ll still have access to all personal data saved if the phone is wiped after being snatched. Whether you need to get a replacement phone, or recover your phone from the thief, you can upload the most recent back up­–so make sure you do this often! You can set up auto-backups to the cloud, and know that you won’t be stuck wishing you had backed up recent pictures and contacts after it’s too late.
  • Install Software: There are many different phone apps that exist to help keep mobile devices safe through phone-tracking and mobile security software. McAfee Mobile Security offers anti-theft protection, so you can locate your missing device on a map and switch on an alarm that will help you find it fast. Through the app, you can also lock the phone, back it up, and wipe it to make sure all your data is protected.
  • Since you don’t want your phone to die while you’re hunting for it, an app that helps manage battery life like the Mobile Booster is key. It allows you to monitor data usage and save battery life by turning off unnecessary apps and settings running in the background. If anything does happen to your mobile device, you’ll have ample time to search for it before it loses power.
  • Disable Auto-Logins: Sure, auto-logins to apps may make life easier, but taking the extra 10 seconds to login to social media accounts or email is worth keeping your personal information safe. We keep so much data about our personal lives, our loved ones, and sometimes people we hardly know inside these tiny devices, so it’s important to protect their privacy as well as your own.

Over 10 million devices were stolen globally in the first two months of 2016, and 36% of stolen cell phones were not blocked by their operators. This means that the criminals behind each theft potentially gained access to the data stored on each device. It’s vital to implement these security settings so that your device can be locked down and found should a theft occur.
To keep up with the latest security threats, make sure to follow @McAfeeConsumer on Twitter and like us on Facebook.

The post So, Your Phone Got Stolen. Here’s What to Do. appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/coachella-phone-theives/feed/ 1
Smart Home Goes Scandi As IKEA Rolls Out a Smart Home Lineup https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/ikea-smart-home-system/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/ikea-smart-home-system/#respond Tue, 11 Apr 2017 13:00:16 +0000 https://securingtomorrow.mcafee.com/?p=71318 Ah, IKEA. The furniture store probably best known for simple furnishings with not-so-simple assembly instructions (and simply delicious Swedish meatballs) is expanding into the smart home market with a new lineup of connected lighting systems. The furniture giant is diving into the IoT space with everything from standalone light bulbs (which run from a ZigBee […]

The post Smart Home Goes Scandi As IKEA Rolls Out a Smart Home Lineup appeared first on McAfee Blogs.

]]>
Ah, IKEA. The furniture store probably best known for simple furnishings with not-so-simple assembly instructions (and simply delicious Swedish meatballs) is expanding into the smart home market with a new lineup of connected lighting systems. The furniture giant is diving into the IoT space with everything from standalone light bulbs (which run from a ZigBee hub, the same system on which Philips Hue bulbs operate) to pre-installed cabinet systems, and everything in between.

It’s the perfect marriage – IKEA, arguably the world’s most accessible furniture giant, is making connected living even more accessible. Now, smart lights and other screenless IoT devices like thermostats or refrigerators may not feel as privacy-sensitive as your computer, mobile phone, or even your smart car. But in today’s connected reality, cybercriminals can find vulnerabilities in any network-connected device and turn them hostile.

For example, back in November, researchers infected Philips Hue light bulbs throughout an office tower with a virus that let attackers control the lights. The cybercriminals used a drone that could take control of the bulbs to first spread the virus. From there, the infection jumped from bulb to bulb within the network, and cybercriminals used their control of the system to make the lights blink an “S.O.S.” message in Morse code.

Similarly, other white-hat hackers (or, hackers working for “The Good Guys”) have found vulnerabilities in smart thermostats that could potentially allow cybercriminals to lock down the devices for a ransom. Ransomware installation in thermostats could potentially very dangerous: imagine living somewhere cold in the dead of winter, and not being able to turn your heat on because cybercriminals have locked your heating system with ransomware. Alternatively, they could turn your house temperature up to 108º and refuse to turn it down until you pay up.

So, before you invest in any smart home devices, study up on these security measures for the connected home.

  1. Change the default password. Many connected devices come with default passwords like 0000 or 1234, which makes it easy to connect to your network for the first time. However, it can be easy to forget to change that password once you’ve got your system up and running. Remembering to swap the old out for a new, more complex password is vital to keeping hackers at bay and maintaining the security of your devices long after you’ve opened the box.
  1. Secure your network. Changing the password on your devices is one way to block out hackers, but it’s also important to keep them out of your network from the back end. Make sure your home network, and all devices connected to it, are armed with complex passwords. You may even consider siphoning off one separate network for your connected home devices and one for your personal computer and mobile devices. That way, if one network is breached, the hacker won’t have the keys to your entire connected kingdom.
  1. Safeguard your home. Go beyond locking down your networks with McAfee Secure Home Platform. Gateways that come protected with Secure Home platform protect all connected devices, including IoT devices in the home network, from connecting to known malicious sites. By securing all devices connected to the network through the gateway itself, McAfee Secure Home Platform adds an extra layer of security onto your connected devices. McAfee Secure Home Platform will be available on the Arris Surfboard Gateway and Humax routers in retailers across the US, Germany, and Thailand soon. Keep an eye out this Spring for gateways that have the McAfee Secure Home Platform built-in.

As IKEA rolls out smart lighting systems in their fast-furnishings model, and AI-designed personal assistants like Alexa and Google Home become more affordable and consumer friendly, we must welcome the fact that connected devices aren’t going anywhere anytime soon. By remembering these easy security tips, you can get the most out of connected devices with the peace of mind that your data isn’t up for grabs.

Looking for more mobile security tips and trends? Be sure to follow @McAfee_Home on Twitter, and like us on Facebook.

The post Smart Home Goes Scandi As IKEA Rolls Out a Smart Home Lineup appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/ikea-smart-home-system/feed/ 0
These Cute Teddy Bears Have Been Recording Your Kids https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/cloudpets-hack/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/cloudpets-hack/#respond Tue, 28 Mar 2017 13:00:54 +0000 https://securingtomorrow.mcafee.com/?p=70762 When we think of cyberhacks, we often think of criminals trying to break into a network of important information protected behind a screen. You might think of enterprises and large organizations as victims of cyberattacks, but actors are moving their target to the home. Living with three kids, I try to make my home––and my […]

The post These Cute Teddy Bears Have Been Recording Your Kids appeared first on McAfee Blogs.

]]>
When we think of cyberhacks, we often think of criminals trying to break into a network of important information protected behind a screen. You might think of enterprises and large organizations as victims of cyberattacks, but actors are moving their target to the home. Living with three kids, I try to make my home––and my tech––as safe for my kids as possible.

Cybercriminals are tricky, however, and sometimes sneak in to our homes in ways we’d never imagine possible. Recent attacks are even targeting children’s toys that connect to the internet, putting not only you, but your children’s privacy at risk.

CloudPets are loveable plush toys that allow kids to communicate directly with loved ones from afar. Friends and family members from around the globe can record voice messages on the CloudPets mobile app and upload it to a child’s stuffed animal, which will then play it for the owner. Kids can respond back by recording their own message through the stuffed animal’s built-in recording mechanism.

Security expert Troy Hunt was contacted last month by an unknown source, who told Hunt they had access to the entire CloudPets database of passwords and recordings. The source sent a snippet of about half a million recordings to Hunt, who then began to work on verifying their authenticity. He had been leading a security course at the time, and one of his students in the class was registered as a CloudPets parent. Using his student’s information, Hunt was able to locate his student’s email in the database, match the passwords, and authenticate the data. The leaked information included audio recordings of both children and adult voices with direct links, as well as the account profile photos of the kids who possessed the toys.

So, what does this mean for our children and their security? While this leak wasn’t as bad as the VTech breach that occurred a few years back, it’s still unclear how many people accessed the data that was exposed by this vulnerability. Because CloudPets didn’t have any complexity requirements for account passwords, it means it’s that much more vital to teach our children the importance of creating secure, complex logins. As the industry learns from attacks and fights back, there are a few proactive steps you––and your kids––can take. For now, know these three “S’s” to make your family more secure while using IoT devices at home.

  • Secure: How do you manage the passwords you use to protect your online accounts? You may only have one or two passwords for all online services you’re registered for (studies show that most of us use between 15 and 20 accounts each, but some of use 100 or more). This means that if one account is breached, all other accounts are at risk. Instead of relying on your brain to be your password manager, create your own algorithm to constructing secure passwords, and use a password manager like the True Key app, which keeps track of your logins, creates strong passwords, and signs you in with biometric security—just make sure each account has a unique password, and that you update your passwords regularly!
  • Separate: Connecting your devices to separate networks creates distinct connections and minimizes opportunity for a hack. We recommend using at least three different networks: one for your personal laptops, smartphones and tablets; one for guests’ devices; and one for IoT devices. This way, should a smart device become compromised, the breach will be limited to other devices connected to that network, and protect your personal devices from a threat. Smart Home products will exist in 50% of households by 2020, so it’s vital that we lock down our devices now as threats become smarter.
  • Safeguard: Invest in an internet router that protects your devices from within the system. McAfee Secure Home Platform does just that, securing internet-connected devices through the connection itself, to ensure maximum security. McAfee Secure Home Platform will be available on the Arris Surfboard Gateway and Humax routers in retailers across the US, Germany, and Thailand soon. Keep an eye out this Spring for gateways that have the McAfee Secure Home Platform built-in.

From improving personal safety, to increasing the ease of day-to-day tasks, IoT devices and smart home technology make your home and life more efficient. By remembering these easy tips to ensure IoT device safety and staying vigilant of suspicious behavior, you can get the most out of connected devices with the peace of mind that your data isn’t up for grabs.

Looking for more mobile security tips and trends? Be sure to follow @McAfee_Home on Twitter and like us on Facebook.

The post These Cute Teddy Bears Have Been Recording Your Kids appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/cloudpets-hack/feed/ 0
How To Protect Today’s Smart Home https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/smart-home-for-family/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/smart-home-for-family/#comments Tue, 14 Mar 2017 13:00:16 +0000 https://securingtomorrow.mcafee.com/?p=70401 We love our kids, and we want the best for them. In today’s connected world, the role of a parent includes deciding how much to let technology impact our kids’ lives. Sometimes that role involves the choice to either disconnect more so our little ones can develop without too much tech influence, or to take […]

The post How To Protect Today’s Smart Home appeared first on McAfee Blogs.

]]>
We love our kids, and we want the best for them. In today’s connected world, the role of a parent includes deciding how much to let technology impact our kids’ lives. Sometimes that role involves the choice to either disconnect more so our little ones can develop without too much tech influence, or to take advantage of the benefits that smart devices offer. Web-connected technology built specifically for families makes parenting simpler in too many ways to count, but not all are created equal. To clear up the good and the bad, we rounded up the best family-centric smart home devices, their vulnerability, and how to keep them secure.

Virtual Assistant: Whether you’re already devoted to your Amazon Echo or have been eyeing the Google Home, virtual assistants have become a pseudo family member in many homes. Among an extensive list of capabilities that continues to grow, these hands-free devices can crawl the web for random info, read audiobooks to kids before bed, and act as the ultimate kitchen helper by searching for recipes and setting timers (no more screen smudges!). As these devices are connected to your online accounts, web-connected household devices, and more, it’s important to make sure these devices stay secure.

The Hack: Should your Alexa or Home become compromised, the hacker may be able to gain control over a large portion of your sensitive personal information. Additionally, the “always on” feature listens to and records what you say around the device once activated, which affects your personal privacy in the long-run.

Security Systems: As a parent, protecting our family from whatever goes “bump” in the night is priority number one. We want to know that our house is secure and that our family is safe from intrusions, including virtual ones. The iSmart Home Security System is just one of the many security systems that provides intelligent, connected protection for your home’s devices, including cameras, front door locks, and alarm systems.

The Hack: If hackers gain access to your security system, they can use ransomware to lock or unlock your doors, set off your alarms, or spy through your cameras.

Thermostats: In 2012, Nest began selling smart thermostats, and over the past five years, the company has expanded their repertoire to include smoke detectors and security cameras. However, the smart thermostat remains their most popular product, with its ability to learn your family’s temperature preferences and schedule patterns, and adjust accordingly. Nest has remained the household name in smart thermostats, but the ecobee is another system with a touch-enabled display and remote-sensor capabilities.

The Hack: “White hat” hackers recently made the first case for a smart thermostat ransomware hack that turns the heat all the way up in your home until you pay a fine.

Lighting Systems: Like smart thermostats, connected lighting systems like the Phillips Hue bulbs are an awesome way to keep an environmentally friendly home. You can keep your lights on a timer to be sure that they shut off when you aren’t home, which conserves both energy and the dough in your wallet. The bulbs connect to several other smart home devices, which means that you can control them on the go from your Amazon Echo or Google Home.

The Hack: A bug in smart bulbs can brick your bulbs, make them flicker or turn on whenever the hacker sets them to, or create a virus that spreads through nearby bulbs.

With all the devices connecting your home to the internet, it’s important to know you are protected from cybercriminals attempting to score your personal data. To prevent an attack, secure your home Wi-Fi by creating a safe password and change the default password on all of your IoT devices. Solutions such as McAfee Secure Home Platform––available on the Arris Surfboard Gateway and Humax routers in retailers soon––can secure devices through your internet router to make sure every internet-connected device is safe. Keep an eye out this year for gateways that have the Secure Home Platform built in.

Looking for more mobile security tips and trends? Be sure to follow @McAfee_Home on Twitter and like us on Facebook.

The post How To Protect Today’s Smart Home appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/smart-home-for-family/feed/ 1