computer security

mcafee-213780-b2b-retouched-20180516-750x500-300x200-4.jpg

Here’s What You Need to Know About Your Data Privacy in 2020

Here’s What You Need to Know About Your Data Privacy in 2020 1

The end of 2019 is rapidly approaching, and with the coming of a new year comes the perfect opportunity to reflect on the past and plan for the months ahead. What will 2020 bring when it comes to cybersecurity and what can users do to ensure that they’re protected in the upcoming year? From new data privacy laws to how organizations collect and store user data, the new year will certainly bring plenty of security implications for users. Let’s take a look at a few predictions we have for the year to come.

More Awareness, More Regulations

After a security breach is disclosed, users often learn what can go wrong with their data and may start to wonder what will happen if their information gets into the wrong hands. That’s why new privacy laws will likely be implemented to empower users to better protect and control their data. For example, the new California privacy law set to go into effect January 2020 will allow consumers to instruct companies to delete their personal information and to opt-out of having their private data shared. These new regulations will allow users to better control their data and who has access to it. However, more regulations also create a more complicated landscape for individuals to navigate. Consumers will likely see more “consent” requests attached to any online data collection. That said, it is important to pay close attention to what consumers are agreeing to when they click “consent.”

With these new privacy laws, the method and level of transparency that organizations use to collect and store user data will likely come under scrutiny, particularly as data breaches become public. For example, companies make billions of dollars annually by buying and selling personal information that isn’t theirs to sell. The more data a company has on a user, the more insight cybercriminals have to infiltrate their digital life and trick them into sharing more information. 

New Tricks for the New Year

As more data is collected from various breaches, cybercriminals will look to leverage this information as a way to better understand which users to target and how exactly to target them. With the help of social engineering and artificial intelligence, these crooks will up the ante and turn old cyber tricks into sophisticated, unfamiliar threats. Take call spoofing, for example. By taking advantage of a user’s private data and new technology, cybercriminals could implement a fake call that appears to be coming from the user’s friend or family member. Because users are more likely to pick up a call from someone they know or a number that shares their same area code, cybercriminals increase the chances that their malicious attacks will be successful.

Dark Web Draws in More Data

With the number of breached records growing every day, users need to be aware of how crooks are leveraging this information in the cybercriminal underground and on the Dark Web. According to the McAfee Advanced Threat Research (ATR) team, more than 2.2 billion stolen account credentials were made available on the cybercriminal underground throughout Q1 2019 alone. This growing trend of personal online accounts being brokered on the Dark Web and the increasingly sophisticated threats that have recently emerged means that the 2019 holiday season could be the most dangerous yet.

With these predictions for the cybersecurity landscape in 2020, what resolutions can users make to help ensure that their data is protected? Follow these security tips to help safeguard your personal information:

  • Never reuse passwords. With just one hack, cybercriminals can get their hands on thousands of passwords, which they can then use to try to access multiple accounts. Ensure that all of your passwords are complex and unique.
  • Go directly to the source. Instead of clicking on a link in an email, it’s always best to check directly with the source to verify an offer or shipment.
  • Browse with security protection. Use a comprehensive security solution, like McAfee Total Protection, which can help protect devices against malware, phishing attacks, and other threats. It includes McAfee WebAdvisor, which can help identify malicious websites.
  • Use a tool to help protect your personal information. A solution like McAfee Identity Theft Protection takes a proactive approach to help protect identities with personal and financial monitoring and recovery tools to help keep identities personal and secure.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Here’s What You Need to Know About Your Data Privacy in 2020 appeared first on McAfee Blogs.

shutterstock_1325841698-300x198.jpg

7 Ways to Wreck a Cybercrook’s Holidays

7 Ways to Wreck a Cybercrook’s Holidays 2

holiday scams’Tis the season for giving and who better to give a giant headache to than the digital scammers working overtime to wreck our holidays? Can we spot and unravel every scam out there? Probably not. But, by taking a few minutes to get equipped to click, we can dodge common traps laid by cybercrooks and wreck their holidays before they get a chance to wreck ours.

Rock ‘Em Sock ‘Em Robo Calls

As informed as most of us may profess to be, American consumers continue to step into cyber traps every day. In fact, according to a recent McAfee survey, in 2019, 74% of those surveyed admitted to losing more than $100 in scams and almost a third (30%) losing more than $500. The survey also revealed that 48% of Americans have been or know someone who has been a victim of robocalling in 2019, making it the most prevalent scam of the year. Email phishing (41%) and text phishing (35%) are also tricks we fell for in 2019.

Cybercrooks call those stats a very happy holiday.

Are you equipped to click?

We can do our part to reduce these statistics. Before we all get distracted with shopping sprees or fall into sugar comas, call a family huddle. Discuss ways to avoid the digital traps and send cybercrooks into a maze of locked doors and dead ends. Here are a few ideas to get you started.

7 ways to wreck a cybercrook’s holidays

  1. Get real about cybercrime. Don’t sugar coat cybercrime for your kids. Here’s the truth: Over 2.2 billion stolen account credentials were made available on the cybercriminal underground throughout Q1 2019 alone, which puts a priceless amount of user data at risk. Crooks are targeting us. They are shopping the black web for stolen data to use in a variety of illegal ways. If we fail to lock our digital doors, the consequences can be emotionally and financially devastating and may last years.
  2. Shake up your passwords. Never use the same password. By uncovering one of your passwords,  cybercriminals can get their hands on thousands of passwords, which they can then use to try to access multiple accounts. So change passwords often and use a variety, especially around the holidays when online shopping spikes.
  3. Verify emails. Slow down to examine emails. Instead of clicking on an email link, check directly with the source to verify an offer or shipment. Cybercriminals are getting very sophisticated. They are creating full websites that closely mimic brand retailers. Also, they are posing as friends, family, and colleagues in an attempt to get you to click a link that will download malicious malware onto your computer.
  4. Browse securely. Use a comprehensive security solution to help protect devices against malware, phishing attacks, and malicious websites.
  5. Use a tool to help protect your personal information. Take a proactive approach to help protect identities with personal and financial monitoring and recovery tools to help your identity secure.
  6. Verify shipments. Cybercrooks understand consumer habits. They know you’ve likely ordered from several online retailers, so they will exploit that and try to confuse you by sending bogus shipment notifications or reward  you with “added offers.” The email will look legitimate. It will likely have a legitimate-looking email address and branding of the retailer or shipping company. Check directly with the source before clicking any link in an offer or shipment notification.
  7. Protect your identity. Criminals are on the prowl to find weak links anywhere personal data is kept — the includes credit card companies and banks. Get proactive in protecting your identity and the identities of your family members with personal and financial monitoring and recovery tools.

Even with the threats that exist around us, keep your sights fixed on the bigger picture. The holiday season is still merry and bright. People are still good. And, peace on earth — and in your home — is still possible this year. With a little foresight and a few cool tools, you are more than able to protect the things that matter most.

To stay informed on the latest digital news, trends, and family safety insights, subscribe to this and other McAfee blogs. Follow @McAfee_Family on Twitter to join the digital parenting conversation.

The post 7 Ways to Wreck a Cybercrook’s Holidays appeared first on McAfee Blogs.

twitter27-300x169.jpg

2.2 Million Users Affected By Latest Data Exposure: 4 Tips to Stay Secure

2.2 Million Users Affected By Latest Data Exposure: 4 Tips to Stay Secure 3

The digitalization of data allows it to move effortlessly and be accessed from devices and places around the world within a matter of seconds. This also makes it possible for businesses, organizations, and even individuals to collect and analyze this data for a variety of reasons. However, not all of these purposes are well-intentioned. More often than not, cybercriminals use the abundance of digital data to their advantage. According to Ars Technica and security researcher Troy Hunt, password data and other personal information belonging to as many as 2.2 million users of two websites – a cryptocurrency wallet service and a gaming bot provider — has been posted on the Dark Web.

What information is included in these databases? The first data haul includes personal information for as many as 1.4 million accounts from the GateHub cryptocurrency wallet service. The cybercriminal who posted this 3.72GB database stated that it also includes two-factor authentication keys, mnemonic phrases, and wallet hashes. The second haul contains data for about 800,000 accounts on RuneScape’s bot provider EpicBot, including usernames and IP addresses. Both databases include registered email addresses and hashed passwords.

So, what lessons can we learn from this data dump and what can we do to help secure our information? Check out the following security tips to help protect your digital data.

  • Be vigilant when monitoring your personal and financial data. A good way to determine whether your data has been exposed or compromised is to closely monitor your online accounts. If you see anything fishy, take extra precautions by updating your privacy settings, changing your password, or using two-factor authentication.
  • Use strong, unique passwords. Make sure to use complex passwords for each of your accounts, and never reuse your credentials across different platforms. It’s also a good idea to update your passwords consistently to further protect your data.
  • Watch out for other cyberattacks. Be on high alert for other malicious attacks where cybercriminals could use stolen credentials to exploit users, such as spear phishing.
  • Check to see if you’ve been affected. If you or someone you know has a GateHub or EpicBot account, use this tool to check if you could have been potentially affected.

And, of course, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post 2.2 Million Users Affected By Latest Data Exposure: 4 Tips to Stay Secure appeared first on McAfee Blogs.

iStock_83885019_SHOPPING-min-300x200.jpg

‘Tis the Season for Cybersecurity: Stay Protected This Holiday Season

‘Tis the Season for Cybersecurity: Stay Protected This Holiday Season 4

It’s beginning to look a lot like the holiday season – and with the holidays comes various opportunities for cyber-scrooges to exploit. While users prepare for the festivities, cybercriminals look for opportunities to scam holiday shoppers with various tricks. To shed more light on how these crooks are putting a damper on user’s holiday season, McAfee surveyed over 8,000 adults over the age of 18 across multiple countries from October 10-20, 2019 on the types of scams they’ve encountered this year.

The Scams of Christmas Past

Cyber-scrooges have upped the ante over the years, using more sophisticated measures to adapt to consumers’ evolving digital lifestyles. However, scams of Christmas Past are still haunting users today, as global findings indicate that email and text phishing are still prevalent. For example, the percentage of respondents stating that they still experience email phishing ranges from 25% in India to a whopping 42% in France. Respondents stating that they still experience text phishing ranged from 21% in India to 35% in Australia.

Additionally, robocalling has seen an increase in popularity in 2019. Fifty-one percent of respondents in France stated that they still receive robocalls. The survey found that 48% of respondents in the U.S. and 32% of Australians receive robocalls, as well as 34% in Spain, and 33% in Germany claimed that they have fallen victim to robocalls.

The Scams of Christmas Present

During the holidays, cyber-scrooges are likely to further exploit scams of Christmas Present to take advantage of users’ generosity. For example, several survey respondents in the U.K., France, Germany, Spain, Australia, India, and Singapore stated that they had fallen victim to fake charity scams in 2019. Knowing that many people enjoy making donations during this time of year, cybercriminals will likely pose as a charity online as a ploy to collect financial data and money from unsuspecting users.

Since many people do a lot of their holiday shopping online, users should also beware of shipping notification scams, as respondents in the U.K., Spain, Australia, India, and Singapore have fallen victim to these scams throughout this year. This scam, along with all those of Christmas Past and Present, proves that as people continue to adopt technology into their everyday lives, they are in turn giving cybercriminals more opportunities to exploit during the holiday season.

The Scams of Christmas Future

Whether it be email phishing or fake charity scams, users must stay updated on common cyber-scrooge practices to help protect their personal and financial data. As more data and user credentials are gathered from breaches, cybercriminals are looking to take their business to the next level and leverage more advanced techniques. For example, the cybercriminal underground poses a threat to users with more than 2.2 billion stolen account credentials made available for purchase in Q1 2019. These crooks will likely continue to sell and share user data across the Dark Web for the possibility of more profit.

Cybercriminals will also leverage data collected from breaches to better understand which users to target and how they can easily target them with social engineering and AI (artificial intelligence). Most users will probably ignore a call from an unknown number, but what about a call from a family member? Cybercriminals will create more sophisticated scams by including a family member’s caller ID in the hopes of exploiting users through more personal engagement.

Attacks will not only likely grow in sophistication but in volume in the future as well. From interactive speakers to IP cameras to other internet-connected devices like thermostats and appliances — IoT devices have greatly increased the attack surface. As we see an increase in the volume of devices going into homes with a lack of security controls built-in, cybercriminals will likely focus on exploiting consumers through these gadgets. The good news? As we look ahead towards the scams of Christmas Future, we can also work to better prepare our networks and devices before we fall into cybercriminals’ traps.

Even though users believe that cyber-scams become more prevalent during the holiday season, a third don’t actually take steps to change their online behavior. To help ensure your holiday season goes off without a hitch, follow these tips to help stay secure:

  • Say so long to robocalls. Consider downloading the app Robokiller that will stop robocalls before you even pick up. The app’s block list is constantly updating, so you’re protected. Let all other unknown calls go to voicemail and never share personal details over the phone.
  • Go directly to the source. Be skeptical of emails or texts claiming to be from companies or charities with peculiar asks or messages. Instead of clicking on a link within the email or text message, it’s best to go straight to the company’s website or contact customer service.
  • Hover over links to verify the URL. If someone sends you an email with a link, hover over the link without actually clicking on it. This will allow you to see a link preview. If the URL looks suspicious, don’t interact with it and delete the email altogether.
  • Use a comprehensive security solution. Using a solution like McAfee Total Protection can help your holiday shopping spree go smoothly by providing safe web browsing, virus protection, and more.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post ‘Tis the Season for Cybersecurity: Stay Protected This Holiday Season appeared first on McAfee Blogs.

McAfee_consumer_1parent1daughter_tablet_cooking_72dpi-300x200-2.jpg

What You Need to Know About the Google Chrome Vulnerabilities

What You Need to Know About the Google Chrome Vulnerabilities 5

While you might have been preoccupied with ghosts and goblins on Halloween night, a different kind of spook began haunting Google Chrome browsers. On October 31st, Google Chrome engineers issued an urgent announcement for the browser across platforms due to two zero-day security vulnerabilities, one of which is being actively exploited in the wild (CVE-2019-13720).

So, what is the Google Chrome zero-day exploit? While there are few specific details known at this time, researchers did uncover that the bug is a use-after-free flaw, which is a memory corruption flaw that attempts to access a device’s memory after it has been freed. If this occurs, it can cause a variety of issues including program crashes, execution of malicious code, or even allowing an attacker to gain full remote access to the device.

The second of the two vulnerabilities (CVE-2019-13721) affects PDFium, a platform developed by Foxit and Google. PDFium provides developers with capabilities to leverage an open-source software library for viewing and searching for PDF documents. Like the first bug, this flaw is also a use-after-free vulnerability. However, there have been no reports of it being exploited by cybercriminals for malicious purposes yet.

Luckily, Google has quickly acknowledged the vulnerabilities and is rolling out a patch for these bugs over the coming days. Meanwhile, follow these security tips to help safeguard your data and devices:

  • Update, update, update. Be sure to install the latest Chrome browser update immediately to help mitigate any risk of falling victim to these exploits.
  • Turn on automatic updates. Practice good security hygiene by turning on automatic updates. Cybercriminals rely on unpatched software to exploit vulnerabilities, so ensure that your device software is updated as soon as patches are available.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

 

The post What You Need to Know About the Google Chrome Vulnerabilities appeared first on McAfee Blogs.

img_1581534021300415-300x225.jpg

A Cybersecurity Horror Story: October’s Creepiest Threats and How to Stay Secure

A Cybersecurity Horror Story: October’s Creepiest Threats and How to Stay Secure 6

Halloween time is among us and ghosts and goblins aren’t the only things lurking in the shadows. This past month has brought a variety of spooky cyberthreats that haunt our networks and devices. From malicious malware to restricting ransomware, October has had its fair share of cyber-scares. Let’s take a look at what ghoulish threats have been leading to some tricks (and no treats) around the cybersphere this month.

Ghostcat Malware

One ghost that recently caused some hocus pocus across the Web is Ghostcat-3PC. According to SC Magazine, the malware’s goal is to hijack users’ mobile browsing sessions.

The infection begins when a user visits a particular website and is served a malicious advertisement. Ghostcat fingerprints the browser to collect device information and determines if the ad is running on a genuine webpage. Ghostcat also checks if the ad is running on an online publishers’ page that has been specifically targeted by this campaign. If these conditions are met, then the malware serves a malicious URL linked to the ad.

From there, this URL delivers obfuscated JavaScript, which creates an obscure source or machine code. The attackers behind Ghostcat use this to trick the publishers’ ad blockers, preventing them from detecting malicious content. The code also checks for additional conditions necessary for the attack, like ensuring that the malware is being run on a mobile device and a mobile-specific browser, for example. If the malware concludes that the browsing environment fits the descriptions of their target, it will serve a fraudulent pop-up, leading the user to malicious content.

Bewitched WAV Files

Ghostcat isn’t the only way malware is being spread lately, as, according to ZDNet, attackers have manipulated WAV audio files to spread malware and cryptominers. By using a technique called stenography, malware authors can hide malicious code inside of a file that appears normal, which allows hackers to bypass security software and firewalls.

Previously, cybercriminals have used stenography revolving around image file formats like PNG or JPEG. However, these crooks have now upped the ante by using WAV audio files to hide different types of malware. Most recently, researchers found that this technique is used to hide DLLs, or dynamic link libraries that contain code and data that can be used by more than one program at the same time. If malware was already present on an infected host device, it would download and read the WAV file, extract the DLL, and install a cryptocurrency miner called XMRrig. Cryptocurrency miners compile all transactions into blocks to solve complicated mathematical problems and compete with other miners for bitcoins. To do this, miners need a ton of computer resources. As a result, miners tend to drain the victim’s device of its computer processor’s resources, creating a real cybersecurity headache.

MedusaLocker Ransomware

Finally, we have the mysterious MedusaLocker ransomware. According to BleepingComputer, this threat is slithering its way onto users’ devices, encrypting files until the victim purchases a decryptor.

This strain will perform various startup routines to prep the victim’s device for encryption. Additionally, it will ensure that Windows networking is running and mapped network drives (shortcuts to a shared folder on a remote computer or server) are accessible. Then, it will shut down security programs, clear data duplicates so they can’t be used to restore files, remove backups made with Windows backup, and disable the Windows automatic startup repair.

For each folder that contains an encrypted file, MedusaLocker creates a ransom note with two email addresses to contact for payment. However, it is currently unknown how much the attackers are demanding for the victim to have their files released or if they actually provide a decryptor once they receive a payment.

With all of these threats attempting to haunt networks and devices, what can users do to help themselves have a safe and secure spooky season? Follow these tips to keep cybersecurity tricks at bay:

  • Watch what you click. Avoid clicking on unknown links or suspicious pop-ups, especially those coming from someone you don’t know.
  • Be selective about which sites you visit. Only use well-known and trusted sites. One way to determine if a site is potentially malicious is by checking its URL. If the URL address contains multiple grammar or spelling errors and suspicious characters, avoid interacting with the site.
  • If your computer slows down, be cautious. One way you can identify a cryptojacking attack – poor performance. If your device is slow or acting strange, start investigating and see if your device may be infected with malware.
  • Surf the web safely. You can use a tool like McAfee WebAdvisor, which will flag any sites that may be malicious without your knowing.
  • Use a comprehensive security solution. To secure your device and help keep your system running smoothly and safely, use a program like McAfee Total Protection.

And, of course, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post A Cybersecurity Horror Story: October’s Creepiest Threats and How to Stay Secure appeared first on McAfee Blogs.

gus-ruballo-NcjUp9rJjYg-unsplash-S-300x200.jpg

Aussies Fear Snakes, Spiders and Getting Hacked

Aussies Fear Snakes, Spiders and Getting Hacked 7

Fears and phobias. We all have them. But what are your biggest ones? I absolutely detest snakes but spiders don’t worry me at all. Well, new research by McAfee shows that cybercriminals and the fear of being hacked are now the 5th greatest fear among Aussies.

With news of data breaches and hacking crusades filling our news feed on a regular basis, many of us are becoming more aware and concerned about the threats we face in our increasingly digital world. And McAfee’s latest confirms this with hackers making their way into Australia’s Top 10 Fears.

According to research conducted by McAfee, snakes are the top phobia for Aussies followed by spiders, heights and sharks. Cybercriminals and the fear of being hacked come in in 5th place beating the dentist, bees, ghosts, aeroplane travel and clowns!

Aussie Top 10 Fears and Phobias

  1. Snakes
  2. SpidersAussies Fear Snakes, Spiders and Getting Hacked 8
  3. Heights
  4. Sharks
  5. Hackers/Cybercriminals
  6. The dentist
  7. Bees or wasps
  8. Ghosts
  9. Aeroplane travel
  10. Clowns

Why Do We Have Phobias?

Fears and phobias develop when we perceive that we are at risk of pain, or worse, still, death. And while almost a third of respondents nominated snakes as their number one fear, there is less than one-in-fifty thousand chance of being bitten badly enough by a snake to warrant going to hospital in Australia, according to research from the Internal Medicine Journal.

In contrast, McAfee’s analysis of more than 108 billion potential online threats between October and December 2018, identified 202 million of these threats as genuine risks. With a global population of 7.5 billion, that means there is approximately a one in 37 chance of being targeted by cybercrime. Now while this is not a life-threatening situation, these statistics show that chance of us being affected by an online threat is very real.

What Are Our Biggest Cyber Fears?

According to the research, 82% of Aussies believe that being hacked is a growing or high concern. And when you look at the sheer number of reported data breaches so far this year, these statistics make complete sense. Data breaches have affected Bunnings staff, Federal Parliament staff, Marriott guests, Victorian Government staff, QLD Fisheries members, Skoolbag app users and Big W customers plus many more.

Almost 1 in 5 (19%) of those interviewed said their top fear at work is doing something that will result in a data security breach, they will leak sensitive information or infect their corporate IT systems.

The fear that we are in the midst of a cyberwar is another big concern for many Aussies. Cyberwar can be explained as a computer or network-based conflict where parties try to disrupt or take ownership of the activities of other parties, often for strategic, military or cyberespionage purposes. 55% of Aussies believe that a cyberwar is happening right now but we just don’t know about it. And a fifth believe cyber warfare is the biggest threat to our nation.

What Can We Do to Address Our Fear of Being Hacked?

Being proactive about protecting your online life is the absolute best way of reducing the chances of being hacked or being affected by a data breach. Here are my top tips on what you can now to protect yourself:

  1. Be Savvy with Your Passwords

Using a password manager to create unique and complex passwords for each of your online accounts will definitely improve your online safety. If each on your online accounts has a unique password and you are involved in a breach, the hacker won’t be able to use the stolen password details to log into any of your other accounts.

  1. Stop AutoFill on Chrome

Storing your financial data within your browser and being able to populate online forms quickly within seconds makes the autofill function very attractive however it is risky. Autofill will automatically fill out all forms on a page regardless of whether you can see all the boxes. You may just think you are automatically entering your email address into an online form however a savvy hacker could easily design an online form with hidden boxes designed to capture your financial information. So remove all your financial information from Autofill. I know this means you will have to manually enter information each time you purchase but your personal data will be better protected.

  1. Think Before You Click

One of the easiest ways for a cybercriminal to compromise their victim is by using phishing emails to lure consumers into clicking links for products or services that could lead to malware, or a phoney website designed to steal personal information. If the deal seems too good to be true, or the email was not expected, always check directly with the source.

  1. Stay Protected While You Browse

It’s important to put the right security solutions in place in order to surf the web safely. Add an extra layer of security to your browser with McAfee WebAdvisor.

  1. Always Connect with Caution

I know public Wi-Fi might seem like a good idea, but if consumers are not careful, they could be unknowingly exposing personal information or credit card details to cybercriminals who are snooping on the network. If you are a regular Wi-Fi user, I recommend investing in a virtual private network or (VPN) such as McAfee’s Safe Connect which will ensure your connection is completely secure and that your data remains safe.

While it is tempting, putting our head in the sand and pretending hackers and cybercrime don’t exist puts ourselves and our families at even more risk! Facing our fears and making an action plan is the best way of reducing our worry and stress. So, please commit to being proactive about your family’s online security. Draw up a list of what you can do today to protect your tribe. And if you want to receive regular updates about additional ways you can keep your family safe online, check out my blog.

‘till next time.

Alex x

 

 

 

The post Aussies Fear Snakes, Spiders and Getting Hacked appeared first on McAfee Blogs.

shutterstock_1499788634-300x200.jpg

5 Digitally-Rich Terms to Define, Discuss with Your Kids

online privacy

5 Digitally-Rich Terms to Define, Discuss with Your Kids 9Over the years, I’ve been the star of a number of sub-stellar parenting moments. More than once, I found myself reprimanding my kids for doing things that kids do — things I never stopped to teach them otherwise.

Like the time I reprimanded my son for not thanking his friend’s mother properly before we left a birthday party. He was seven when his etiquette deficit disorder surfaced. Or the time I had a meltdown because my daughter cut her hair off. She was five when she brazenly declared her scorn for the ponytail.

The problem: I assumed they knew.

Isn’t the same true when it comes to our children’s understanding of the online world? We can be quick to correct our kids when they fail to exercise the best judgment or handle a situation the way we think they should online.

But often what’s needed first is a parental pause to ask ourselves: Am I assuming they know? Have I taken the time to define and discuss the issue?

With that in mind, here are five digitally-rich terms dominating the online conversation. If possible, find a few pockets of time this week and start from the beginning — define the words, then discuss them with your kids. You may be surprised where the conversation goes.

5 digital terms that matter

Internet Privacy

Internet privacy is the personal privacy that every person is entitled to when they display, store, or provide information regarding themselves on the internet. 

Highlight: We see and use this word often but do our kids know what it means? Your personal information has value, like money. Guard it. Lock it down. Also, respect the privacy of others. Be mindful about accidentally giving away a friend’s information, sharing photos without permission, or sharing secrets. Remember: Nothing shared online (even in a direct message or private text) is private—nothing. Smart people get hacked every day.
Ask: Did you know that when you go online, websites and apps track your activity to glean personal information? What are some ways you can control that? Do you know why people want your data?
Act: Use privacy settings on all apps, turn off cookies in search engines, review privacy policies of apps, and create bullet-proof passwords.

Digital Wellbeing

Digital wellbeing (also called digital wellness) is an ongoing awareness of how social media and technology impacts our emotional and physical health.

Highlight: Every choice we make online can affect our wellbeing or alter our sense of security and peace. Focusing on wellbeing includes taking preventative measures, making choices, and choosing behaviors that build help us build a healthy relationship with technology. Improving one’s digital wellbeing is an on-going process.
Ask: What do you like to do online that makes you feel good about yourself? What kinds of interactions make you feel anxious, excluded, or sad? How much time online do you think is healthy?5 Digitally-Rich Terms to Define, Discuss with Your Kids 10
Act:
Digital wellness begins at home. To help kids “curb the urge” to post so frequently, give them a “quality over quantity” challenge. Establish tech curfews and balance screen time to green time. Choose apps and products that include wellbeing features in their design. Consider security software that blocks inappropriate apps, filters disturbing content, and curbs screen time.

Media Literacy

Media literacy is the ability to access, analyze, evaluate, and create media in a variety of forms. It’s the ability to think critically about the messages you encounter.

Highlight: Technology has redefined media. Today, anyone can be a content creator and publisher online, which makes it difficult to discern the credibility of the information we encounter. The goal of media literacy curriculum in education is to equip kids to become critical thinkers, effective communicators, and responsible digital citizens.
Ask: Who created this content? Is it balanced or one-sided? What is the author’s motive behind it? Should I share this?  How might someone else see this differently?
Act: Use online resources such as Cyberwise to explore concepts such as clickbait, bias, psychographics, cyberethics, stereotypes, fake news, critical thinking/viewing, and digital citizenship. Also, download Google’s new Be Internet Awesome media literacy curriculum.

Empathy

Empathy is stepping into the shoes of another person to better understand and feel what they are going through.

5 Digitally-Rich Terms to Define, Discuss with Your Kids 11

Highlight: Empathy is a powerful skill in the online world. Empathy helps dissolve stereotypes, perceptions, and prejudices. According to Dr. Michelle Borba, empathetic children practice these nine habits that run contrary to today’s “selfie syndrome” culture. Empathy-building habits include moral courage, kindness, and emotional literacy. Without empathy, people can be “mean behind the screen” online. But remember: There is also a lot of people practicing empathy online who are genuine “helpers.” Be a helper.
Ask: How can you tell when someone “gets you” or understands what you are going through? How do they express that? Is it hard for you to stop and try to relate to what someone else is feeling or see a situation through their eyes? What thoughts or emotions get in your way?
Act:  Practice focusing outward when you are online. Is there anyone who seems lonely, excluded, or in distress? Offer a kind word, an encouragement, and ask questions to learn more about them. (Note: Empathy is an emotion/skill kids learn over time with practice and parental modeling).

Cyberbullying

Cyberbullying is the use of technology to harass, threaten, embarrass, shame, or target another person online.

Highlight: Not all kids understand the scope of cyberbullying, which can include spreading rumors, sending inappropriate photos, gossiping, subtweeting, and excessive messaging. Kids often mistake cyberbullying for digital drama and overlook abusive behavior. While kids are usually referenced in cyberbullying, the increase in adults involved in online shaming, unfortunately, is quickly changing that ratio.
Ask: Do you think words online can hurt someone in a way, more than words said face-to-face? Why? Have you ever experienced cyberbullying? Would you tell a parent or teacher about it? Why or why not?
Act: Be aware of changes in your child’s behavior and pay attention to his or her online communities. Encourage kids to report bullying (aimed at them or someone else). Talk about what it means to be an Upstander when bullied. If the situation is unresolvable and escalates to threats of violence, report it immediately to law enforcement.

We hope these five concepts spark some lively discussions around your dinner table this week. Depending on the age of your child, you can scale the conversation to fit. And don’t be scared off by eye rolls or sighs, parents. Press into the hard conversations and be consistent. Your voice matters in their noisy, digital world.

The post 5 Digitally-Rich Terms to Define, Discuss with Your Kids appeared first on McAfee Blogs.

See-family-photo-album-1-300x300.jpg

3 Things You [Probably] Do Online Every Day that Jeopardize Your Family’s Privacy

3 Things You [Probably] Do Online Every Day that Jeopardize Your Family’s Privacy 12

3 Things You [Probably] Do Online Every Day that Jeopardize Your Family’s Privacy 13Even though most of us are aware of the potential risks, we continue to journal and archive our daily lives online publically. It’s as if we just can’t help it. Our kids are just so darn cute, right? And, everyone else is doing it, so why not join the fun?

One example of this has become the digital tradition of parents sharing first-day back-to-school photos. The photos feature fresh-faced, excited kids holding signs to commemorate the big day. The signs often include the child’s name, age, grade, and school. Some back-to-school photos go as far as to include the child’s best friend’s name, favorite TV show, favorite food, their height, weight, and what they want to be when they grow up.

Are these kinds of photos adorable and share-worthy? Absolutely. Could they also be putting your child’s safety and your family’s privacy at risk? Absolutely.

1. Posting identifying family photos

Think about it. If you are a hacker combing social profiles to steal personal information, all those extra details hidden in photos can be quite helpful. For instance, a seemingly harmless back-to-school photo can expose a home address or a street sign in the background. Cyber thieves can zoom in on a photo to see the name on a pet collar, which could be a password clue, or grab details from a piece of mail or a post-it on the refrigerator to add to your identity theft file. On the safety side, a school uniform, team jersey, or backpack emblem could give away a child’s daily location to a predator.

Family Safety Tips
  • Share selectively. Facebook has a private sharing option that allows you to share a photo with specific friends. Instagram has a similar feature.
  • Private groups. Start a private Family & Friends Facebook group, phone text, or start a family chat on an app like GroupMe. This way, grandma and Aunt June feel included in important events, and your family’s personal life remains intact.
  • Photo albums. Go old school. Print and store photos in a family photo album at home away from the public spotlight.
  • Scrutinize your content. Think before you post. Ask yourself if the likes and comments are worth the privacy risk. Pay attention to what’s in the foreground or background of a photo.
  • Use children’s initials. Instead of using your child’s name online, use his or her initials or even a digital nickname when posting. Ask family members to do the same.

2. Using trendy apps, quizzes & challengesfamily privacy

It doesn’t take much to grab our attention or our data these days. A survey recently conducted by the Center for Data Innovation found that 58 percent of Americans are “willing to share their most sensitive personal data” (including medical and location data) in return for using apps and services.

If you love those trendy face-morphing apps, quizzes that reveal what celebrity you look like, and taking part in online challenges, you are likely part of the above statistic. As we learned just recently, people who downloaded the popular FaceApp to age their faces didn’t realize the privacy implications. Online quizzes and challenges (often circulated on Facebook) can open you up to similar risk.

Family Safety Tips

  • Slow down. Read an app’s privacy policy and terms. How will your content or data be used? Is this momentary fun worth exchanging my data?
  • Max privacy settings. If you download an app, adjust your device settings to control app permissions immediately.
  • Delete unused apps. An app you downloaded five years ago and forgot about can still be collecting data from your phone. Clean up and delete apps routinely.
  • Protect your devices. Apps, quizzes, and challenges online can be channels for malicious malware. Take the extra step to ensure your devices are protected.

3. Unintentionally posting personal details

Is it wrong to want an interesting Facebook or Instagram profile? Not at all. But be mindful you are painting a picture with each detail you share. For instance: It’s easy to show off your new dog Fergie and add your email address and phone number to your social profile so friends can easily stay in touch. It’s natural to feel pride in your hometown of Muskogee, to celebrate Katie Beth‘s scholarship and Justin‘s home run. It’s natural to want to post your 23rd anniversary to your beloved Michael (who everyone calls Mickey Dee) on December 15. It’s also common to post about a family reunion with the maternal side of your family, the VanDerhoots.

family privacyWhile it may be common to share this kind of information, it’s still unwise since this one paragraph just gave a hacker 10+ personal details to use in figuring out your passwords.

Family Safety Tips

  • Use, refresh strong passwords. Change your passwords often and be sure to use a robust and unique password or passphrase (i.e., grannymakesmoonshine or glutenfreeformeplease) and make sure you vary passwords between different logins. Use two-factor authentication whenever possible.
  • Become more mysterious. Make your social accounts private, use selective sharing options, and keep your profile information as minimal as possible.
  • Reduce your friend lists. Do you know the people who can daily view your information? To boost your security, consider curating your friend lists every few months.
  • Fib on security questions. Ethical hacker Stephanie Carruthers advises people who want extra protection online to lie on security questions. So, when asked for your mother’s maiden name, your birthplace, or your childhood friend, answer with Nutella, Disneyland, or Dora the Explorer.

We’ve all unwittingly uploaded content, used apps, or clicked buttons that may have compromised our privacy. That’s okay, don’t beat yourself up. Just take a few hours and clean up, lockdown, and streamline your social content. With new knowledge comes new power to close the security gaps and create new digital habits.

The post 3 Things You [Probably] Do Online Every Day that Jeopardize Your Family’s Privacy appeared first on McAfee Blogs.

McAfee_consumer_1male2female_tablet_laptop_coffeeshop_72dpi-300x180.jpg

Lights, Camera, Cybersecurity: What You Need to Know About the MoviePass Breach

Lights, Camera, Cybersecurity: What You Need to Know About the MoviePass Breach 14

If you’re a frequent moviegoer, there’s a chance you may have used or are still using movie ticket subscription service and mobile app MoviePass. The service is designed to let film fanatics attend a variety of movies for a convenient price, however, it has now made data convenient for cybercriminals to potentially get ahold of. According to TechCrunch, the exposed database contained 161 million records, with many of those records including sensitive user information.

So, what exactly do these records include? The exposed user data includes 58,000 personal credit cards and customer card numbers, which are similar to normal debit cards. They are issued by Mastercard and store a cash balance that users can use to pay so they can watch a catalog of movies. In addition to the MoviePass customer cards and financial information numbers, other exposed data includes billing addresses, names, and email addresses. TechCrunch reported that a combination of this data could very well be enough information to make fraudulent purchases.

The database also contained what researchers presumed to be hundreds of incorrectly typed passwords with user email addresses. With this data, TechCrunch attempted to log into the database using a fake email and password combination. Not only did they immediately gain access to the MoviePass account, but they found that the fake login credentials were then added to the database.

Lights, Camera, Cybersecurity: What You Need to Know About the MoviePass Breach 15

Since then, TechCrunch reached out to MoviePass and the company has since taken the database offline. However, with this personal and financial information publicly accessible for quite some time, users must do everything in their power to safeguard their data. Here are some tips to help keep your sensitive information secure:

  • Review your accounts. Be sure to look over your credit card and banking statements and report any suspicious activity as soon as possible.
  • Place a fraud alert. If you suspect that your data might have been compromised, place a fraud alert on your credit. This not only ensures that any new or recent requests undergo scrutiny, but also allows you to have extra copies of your credit report so you can check for suspicious activity.
  • Consider using identity theft protection. A solution like McAfee Identify Theft Protection will help you to monitor your accounts and alert you of any suspicious activity.

And, as always, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Lights, Camera, Cybersecurity: What You Need to Know About the MoviePass Breach appeared first on McAfee Blogs.

Vox Messenger Logo - 512x512

End-2-End Encrypted. Secure. Ad-Free.
Lightweight and Faster than the Competition.

Vox Messenger is an ad-free, secure and end-2-end encrypted alternative to other popular chat messenger apps.

Available for Free. Whitelabel Corporate Edition Available on Request.

Vox Messenger {Secure} - Communicate safely with our private and secure messaging app | Product Hunt Embed

All Rights Reserved - © Copyright 2020 - Vox Messenger (a Division of Kryotech Ltd.)