Category Archives: Consumer

5G Is Coming: Security Risks You Need to Know About

The future of connectivity is here ­– 5G. This new network is set to roll out across the nation this coming year and bring greater speed to our handheld devices, which means more data and lower latency. But perhaps one of the most anticipated and popular benefits is it will allow even more IoT devices to come online and encourage more connection between said devices. This would enable users to remotely connect to or monitor their IoT devices like kitchen or security gadgets. The promise of more connectivity, smoother IoT user experience, and even more devices online, means there are likely more opportunities and avenues for cyberattacks. 5G will no doubt shape the foreseeable future, let’s see how.

Today, interconnected devices operate on low-powered, low-data-rate networks, such as Cat-M and NB-IoT. With the introduction of 5G networks across the world, the capabilities of VR and AR, AI and ML, and automation and robotics will enhance immensely. Take self-driving cars, for example. These machines require close proximity to their computing to reduce the latency of decision making. The capabilities of 5G don’t end there either. From manufacturing, transportation and logistics, to public safety and the establishment of smart cities, industries are at the ready to take their business to the next level with 5G. With this newfound growing anticipation for the future of 5G, the question has to be asked, what are the security implications for smaller IoT devices?

From an innovation standpoint, 5G is a beacon of light, but from a cybersecurity standpoint, 5G is a “hotbed for a new era of intensified cyberwar.” Denial-of-service attacks, or DDoS, are particular causes of concern for cybersecurity researchers. Devices like refrigerators, thermometers, even light bulbs, will be able to come online because of 5G. Users will be able to remotely check on these appliances through a simple app, but these devices can also be usurped by malicious characters. This increased connectivity and power could see big name sites down for days, or even affect city utility capabilities. Government agencies and private entities are not immune either, but they do have plans in place in the event a DDoS attack occurs.

While consumers can only wait and see what happens with the rollout, industries across the board will want to harness the benefits of 5G. However, consumers and organizations alike need to be cautious in terms of how 5G could be used to help, or hinder, us in the future. Rest assured, even if malicious actors utilize this technology, McAfee’s security strategy will continue to keep pace with the ever-changing threat landscape.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post 5G Is Coming: Security Risks You Need to Know About appeared first on McAfee Blogs.

Are Smart TVs too smart for their own good?

Smart TVs give viewers instant access to streaming apps and provide a never-ending supply of binge-worthy shows and movies. But does this convenience come with a cost? Are internet-connected TVs as vulnerable to cybercrime as other smart devices?

In the latest episode of “Hackable?” our host Geoff Siskind plays a prank on our producer Pedro — in the name of education, of course. Pedro is a huge soccer fan, so Geoff drives by with two white-hat hackers to see if they can hack his smart TV during a big game. Can they take remote control in only a half an hour?   

Listen now to the award-winning podcast Hackable? on Apple Podcasts. You don’t want to miss this hilarious episode filled with pranks.   


The post Are Smart TVs too smart for their own good? appeared first on McAfee Blogs.

STOP. Read T&Cs. Then Sign Up on Social Media

Let’s start at the very beginning,

A very good place to start;

When you read, you begin with A-B-C,

When you sign up on SM you begin by

Reading T&Cs…”

The start of a new year usually has a buoyant and positive feel, like you have been offered a new opportunity to start things fresh, and make amends.

Experience has taught us that nothing comes for free; and that it’s always good to run a thorough background check on a new group you plan to join. This applies to social media platforms as well. When we sign up on a new social media platform, we are asked for our names, email and other personal information and then directed to the terms and conditions page which we must read and agree before we can proceed. Rarely do we read through all the terms to understand their implications; it’s mostly a cursory scan and tick to complete the signing up process as fast as possible, and voila, we are in!

However, much, much later, if we face issues like privacy breach or cyberbullying, we tend to complain that we didn’t know. But we did, it’s all spelt out in the T&Cs we had hastily agreed to.

Long ago, I had told you the story of a relative, whose son had forged his age to sign up on Facebook. When I questioned the mother, she said she wasn’t aware of the age clause. But again, it’s there, right at the start of the T&Cs!

Most social media platforms have updated their terms in recent times to bring in more openness in their advertising and third-party sharing policies. They have also clearly explained privacy and security terms for users. It’s now up to the users to read, understand and implement the terms to stay safe online and to help maintain digital world hygiene.

Let us explore the T&Cs of some popular social media sites and find out how many of the rules we allow our kids to follow or flout.

Facebook says- “You give us permission to use your name and profile picture and information about actions you have taken on Facebook next to or in connection with ads, offers, and other sponsored content that we display across our products, without any compensation to you.”

Layman’s terms- By agreeing to T&Cs,  you are automatically giving Facebook the right to the content you share in relation to ads etc. without receiving any compensation for it. For e.g., if I like a certain product, they will appear on my friends’ timeline with the message ‘Cybermum India likes it’.

Cybersafety tip: Check ad settings and maximize privacy levels.

Twitter says- “You are responsible for your use of the services and for any content you provide, including compliance with applicable laws, rules, and regulations. You should only provide content that you are comfortable sharing with others.

Layman’s terms- The user is the sole owner of content created by her or him and Twitter will take no responsibility for it.

Cybersafety tip: STOP.THINK.POST. Do not share content that may not be 100% correct or that may be intended to cause harm, hurt, or foment trouble.

Snapchat says- “Through these Terms and our Community Guidelines, we make clear that we don’t want the Services to be put to bad use. But because we don’t review all content, we cannot guarantee that content on the Services will always conform to our Terms or Guidelines.”

Layman’s terms – There may be cases of misuse of the platform by miscreants, cyberbullies and predators.

Cybersafety tip: Follow the community guidelines to know how you can let your child have a positive experience and not be accidentally exposed to inappropriate content. Ensure your teens understand they should share with you if they face disturbing behavior on the platform. It would be helpful if you activate parental controls and use term filters to block out unsavory content

Tik Tok says- “You may not access or use the Services if you are not over 13 or otherwise able to agree to these Terms.”

Layman’s terms- The minimum to sign up on the app is 13 years.

Cybersafety tip: Use this term to guide children on the right age to sign up on social media. Explain the reason behind this age criteria and allow them to sign up when they fulfil it.

Social media platforms are a great way to connect, learn and network as long as all users endeavor to keep it clean and positive. As parents, we need to arm our kids with the right skills and knowledge to help them tackle any issues that may crop up. The first step is to read and understand what the platform has to offer and its security and privacy options. This is something parents and teens can do together as it will be a useful lesson for a lifetime- both in the real and in the digital world.

And most important of all, don’t forget to secure all your devices with comprehensive security tools.
The quicker your family adopts digital safety practices, the safer they will be online!

The post STOP. Read T&Cs. Then Sign Up on Social Media appeared first on McAfee Blogs.

2019 is Here – Have You Made Any Digital Parenting Resolutions for The Year?

Hello parents! Welcome to 2019. I have a hunch you are feeling all charged up and ready to start the new year on a positive note. Are your resolutions for the year ready? Take a minute and check- have you included any digital parenting resolutions in your list? If yes, great! If no, worry not, McAfee Cybermum is here for you.

Parenting is not an easy job and the rapid progress of technology has added to it. In addition to teaching your kids values and life skills for the real world, you have to now do the same for the digital world too. At times, you don’t know whether you are doing too much or not enough; given the digital immigrants that we are- we have no resources to draw from. There is little time to step back and reflect over one’s own parenting style, leading to doubts and guilt. Wouldn’t it be lovely therefore if there was a ready reckoner on the subject?

Sharing my list of digital parenting resolutions with you. They are broadly aimed at helping us be more involved and evolved digital parents who are empowered to guide kids in the digital world. Feel free to add, delete or customize as per your family’s needs. Always keep in mind that each family is different, in terms of values and environment; and each child is different, in terms of ability and maturity.

Parents, presenting to you My Digital Parenting Resolution List for 2019:

  • Focus on digital media balance: There are several devices at home these days. The collective time spent working on a laptop, reading from an e-book and browsing social media on tabs or phones is considerable. To a young child, who can’t differentiate between work and pleasure, it may look like you can’t stay off digital devices the whole day and they may follow suit. You have to therefore fix your online schedule and practice digital balance.
  • Focus on having a positive digital media presence: What many parents fail to realize is that all social media users are media content creators and consumers. Each user is a newsmaker who can use digital media to create and share content, either negative or positive. As a consumer, a gullible user may accept the content as truth, without verifying. Fake news is rampant, and parents need to impress the need for fact-checking upon the kids.
  • Focus on values like empathy and mercy: The digital world brings the world to your homes and you connect with both strangers and acquaintances. There is therefore a greater need for kindness, tolerance and empathy. Posts may go viral and cause trouble or lead to cyberbullying. Children need to learn the importance of kindness and forgiveness to keep their digital world clean and happy. Parents can set an example by displaying these virtues in the real and the digital world.
  • Focus on self-control: One of the biggest issues nuclear families face today is that of work-life balance. Too many hours spent working, can lead to parents feeling guilty, who then try to compensate by gifting them expensive gifts. Set up a routine for games, chat and story time with kids to make up for long hours of absence.
  • Focus on being the perfect role model: As we know, children copy their parents. It’s like being a celebrity with the camera rolling 24/7. Modify your speech, actions, and digital actions so that children have the right guidance for their online behavior.
  • Focus on listening more: Parents generally tend to preach rather than listen. Plan to listen well in 2019. You will come to know a lot about your child’s life, aspirations and concerns if you do. The bonus is, they too will pay attention to you and your advice.
  • Focus on general health: You want your child to be healthy and active, right? The be the perfect role model, Exercise daily and play some games with your kids. Your kids too will then develop the same disciplined outlook towards health and sports. A healthy, active family usually prefer games to digital devices.
  • Focus on monitoring digital footprints and reputation: As your kids grow up, talk to them about the importance of exercising the right behavior online and the consequences of a poor digital reputation on academic and job prospects. Use examples from social media to differentiate between a desirable and an avoidable post or photo. Discuss what should be kept private and what can be shared.
  • Focus on cybersafety and privacy: With the rise in data breaches and ID theft via phishing attacks, it is imperative to discuss cyber safety regularly at home. Insist on the use of secured devices and scanning of every external device before use. Also, educate your children about malware and how apps, links and attachments are used to share them.
  • Focus on the monitoring and extent of parental supervision online: Though your children will have no problems with the installation of security tools like McAfee Total Protection, parental control is another matter altogether. Here, your diplomatic approach will stand in good stead. Share your concerns about strangers and cyber criminals and establish that you plan to monitor their online lives till they are mature enough to tackle issues themselves. Ensure that they understand you don’t mean to pry but protect

Start the year on a positive note. Take charge of your family’s digital life. Plan your parenting schedule, just like you plan your day. And yes, Happy New Year!!!

 

The post 2019 is Here – Have You Made Any Digital Parenting Resolutions for The Year? appeared first on McAfee Blogs.

Preventing Cryptojacking Malware with McAfee WebAdvisor’s New Cryptojacking Blocker

By now, you’ve probably heard of cryptocurrency, but you may not know exactly what it is. To put it simply, cryptocurrencies are virtual currencies that have actual monetary value in today’s world. They are limited entries of transactions into a single database, or public ledger, that can’t be changed without fulfilling certain conditions. These transactions are verified and added to the public ledger through cryptocurrency mining. Cryptocurrency miners try to make money by compiling these transactions into blocks and solving complicated mathematical problems to compete with other miners for the cryptocurrency. While this process of mining for cryptocurrencies can be lucrative, it requires large amounts of computing power.

Unfortunately, the need for massive amounts of hardware has provoked cybercriminals to participate in cryptojacking, a method of using malware to exploit victims’ computers to mine for cryptocurrencies. Cybercrooks spread cryptojacking malware through sketchy mobile apps, flawed software, and malware-infected ads. They can even cryptojack your device during a browsing session while you’re perusing a website that appears completely harmless. Once a user’s device becomes infected, the malware drains the device’s CPU, causing the user’s computer fan to be loud while the malware mines for cryptocurrencies in the background. Unfortunately, symptoms of cryptojacking are usually pretty subtle, with poor device performance being one of the few signs of its presence.

Thankfully, McAfee WebAdvisor is here to help. This security solution, which helps block users from malware and phishing attempts, now includes Cryptojacking Blocker. This enhancement is a Windows-based browser add-on available for Google Chrome that helps stop malicious websites from mining for cryptocurrency. So far, our direct and retail McAfee WebAdvisor customers have already started receiving the update that adds Cryptojacking Blocker to their product, and the customers who have WebAdvisor through other partners should begin to see this update roll out during Q1. The same thing goes for those who own McAfee LiveSafe and McAfee Total Protection. Additionally, we’re aiming to add support for Firefox in the coming months. And if you don’t already have WebAdvisor, you can download it for free on our website, with Cryptojacking Blocker included in your download.

In addition to using a security solution like McAfee WebAdvisor, here are some other general tips to help you stay safe online:

  • Create a strong, unique password. Although it may be easier to remember, reusing passwords across multiple accounts puts all of your data at risk even if just one of your accounts is breached. Choosing a complex password for each individual online account will act as a stronger first line of defense. You can also use a password manager so all of your credentials are consolidated into one place.
  • Be careful where you click. If you come across a website that seems sketchy or notice that the URL address looks odd, avoid interacting with the site entirely. Stick to browsing websites you know are reputable.
  • Update, update, update! Cybercriminals can take advantage of old software to spread cryptojacking malware. Keeping your software updated with the latest patches and security fixes can help you combat this threat.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Preventing Cryptojacking Malware with McAfee WebAdvisor’s New Cryptojacking Blocker appeared first on McAfee Blogs.

Verizon Teams Up with McAfee to Secure Today’s Connected Home

Few fields and industries change as rapidly as those in the technology sector. This fast-moving, adaptable and growing sector creates new applications, new devices, and new efficiencies designed to make our everyday lives easier — sometimes in ways we’ve never imagined. But more devices and applications, from a security standpoint, means cybercriminals could have more opportunities to take advantage of flaws to conduct attacks. Additionally, the rapid growth in both software and hardware means today’s consumers are tasked with securing a plethora of personal devices.

This is not a sustainable path to a secure today’s technology landscape, one that’s continually growing and changing with each new addition. If we are going to continue to build a robust future, one including the rich potential inherent in Internet of Things (IoT) devices, we need a dynamic security solution that scales to meet the needs of modern-day society.

And that need is growing. According to a study from Market Research Future, the IoT market is set to potentially reach $124 billion in value by 2023 — only five years from now. Plus, Gartner predicts that there will be over 20 billion smart devices by 2020. That number is likely to grow, too.

That’s why we’ve worked with Verizon to launch Home Network Protection (HNP), a comprehensive security platform powered by McAfee Secure Home Platform, which has been designed to help safeguard consumers’ home networks. It does so through a robust, secure router designed to shield both traditional and newer IoT devices from malicious websites. It’s a proactive approach designed to keep consumer devices as safe as possible.

Customers using Fios by Verizon, a 100 percent fiber-optic network, and the Fios Quantum Gateway router can use HNP to secure their internet-connected devices, including smart cameras, baby monitors, television sets, and thermostats.

This is a massive milestone for consumer security in today’s digital age. Through a single provider, millions of consumers can access seamless protection from the latest threats — making modern conveniences easier to secure.

The post Verizon Teams Up with McAfee to Secure Today’s Connected Home appeared first on McAfee Blogs.

Cash Out with Our CES 2019 #RT2Win Sweepstakes!

We’ve officially touched down in Las Vegas for CES 2019!

If you aren’t familiar with CES, it is the global stage for innovators to showcase the next generation of consumer technologies. With the growing consumer technology landscape, we understand the importance of creating new solutions for those who want to live their connected lives with confidence. That’s why we’ve made some exciting new additions to our security lineup and employed multiple partnerships with other innovators like Google and Verizon to help protect users’ online safety. Check out all the details, here.

To celebrate the latest innovations, we’re giving two [2] lucky people the chance to win a $500 Amazon gift card. Not heading to CES this year? No problem! Simply retweet one of our official contest tweets with the required hashtags between January 8th – 11th for your chance to win. Follow the instructions below to enter, and good luck!

#RT2Win Sweepstakes Official Rules

  • To enter, follow @McAfee_Home on Twitter and find the #RT2Win sweepstakes tweet.
  • The sweepstakes tweet will be released on Tuesday, January 8, 2019 at 8:00 a.m. PT. This tweet will include the hashtags: #McAfeeAtCES, #RT2Win, AND #Sweepstakes.
  • Retweet the sweepstakes tweet released on the above date from your own handle. The #McAfeeAtCES, #RT2Win AND #Sweepstakes hashtags must be included to be entered.
  • Make sure you’re following @McAfee_Home on Twitter! You must follow for your entry to count.
  • Sweepstakes will end on Friday, January 11, 2019 at 11:59 p.m. PST. All entries must be made before that date and time.
  • Winners will be notified on Monday, January 14, 2019 via Twitter direct message.
  • Limit one entry per person.
1. How To Win

Retweet one of our contest tweets on @McAfee_Home that include “#McAfeeAtCES, #RT2Win, AND #Sweepstakes” for a chance to win a $500 Amazon gift card (for full prize details please see “Prizes” section below). Two [2] total winners will be selected and announced on January 14, 2019. Winners will be notified by direct message on Twitter. For full Sweepstakes details, please see the Terms and Conditions, below.

#RT2Win Sweepstakes Terms and Conditions

2. How to Enter: 

No purchase necessary. A purchase will not increase your chances of winning. McAfee CES 2019 #RT2Win Sweepstakes will be conducted from January 8, 2019 through January 11, 2019. All entries for each day of the McAfee CES 2019 #RT2Win Sweepstakes must be received during the time allotted for the McAfee CES 2019 #RT2Win Sweepstakes. Pacific Daylight Time shall control the McAfee CES 2019 #RT2Win Sweepstakes, duration is as follows:

  • Begins: Tuesday, January 8, 2019­­ at 8:00 a.m. PST
  • Ends: Friday, January 11, 2019 at 11:59 p.m. PST
  • Two [2] winners will be announced: Monday, January 14, 2019

For the McAfee CES 2019 #RT2Win Sweepstakes, participants must complete the following steps during the time allotted for the McAfee CES 2019 #RT2Win Sweepstakes:

  1. Follow @McAfee_Home on Twitter.
  2. Find the sweepstakes tweet of the day posted on @McAfee_Home which will include the hashtags: #McAfeeAtCES, #RT2Win and #Sweepstakes.
  3. Retweet the sweepstakes tweet of the day and make sure it includes the #McAfeeAtCES, #RT2Win, and hashtags.
  4. Note: Tweets that do not contain the #McAfeeAtCES, #RT2Win, and #Sweepstakes hashtags will not be considered for entry.
  5. Limit one entry per person.

Two [2] winners will be chosen for the McAfee CES 2019 #RT2Win Sweepstakes tweet from the viable pool of entries that retweeted and included #McAfeeAtCES, #RT2Win and #Sweepstakes. McAfee and the McAfee social team will choose winners from all the viable entries. The winners will be announced and privately messaged on Monday, January 14, 2019 on the @McAfee_Home Twitter handle. No other method of entry will be accepted besides Twitter. Only one entry per user is allowed, per Sweepstakes.   

3. Eligibility:

McAfee CES 2019 #RT2Win Sweepstakes is open to all legal residents of the 50 United States who are 18 years of age or older on the dates of the McAfee CES 2019 #RT2Win Sweepstakes begins and live in a jurisdiction where this prize and McAfee CES 2019 #RT2Win Sweepstakes not prohibited. Employees of Sponsor and its subsidiaries, affiliates, prize suppliers, and advertising and promotional agencies, their immediate families (spouses, parents, children, and siblings and their spouses), and individuals living in the same household as such employees are ineligible.

4. Winner Selection:

Winners will be selected at random from all eligible retweets received during the McAfee CES 2019 #RT2Win Sweepstakes drawing entry period. Sponsor will select the names of two [2] potential winners of the prizes in a random drawing from among all eligible submissions at the address listed below. The odds of winning depend on the number of eligible entries received. By participating, entrants agree to be bound by the Official McAfee CES 2019 #RT2Win Sweepstakes Rules and the decisions of the coordinators, which shall be final and binding in all respects.

5. Winner Notification: 

Each winner will be notified via direct message (“DM”) on Twitter.com by January 14, 2019. Prize winners may be required to sign an Affidavit of Eligibility and Liability/Publicity Release (where permitted by law) to be returned within ten (10) days of written notification, or prize may be forfeited, and an alternate winner selected. If a prize notification is returned as unclaimed or undeliverable to a potential winner, if potential winner cannot be reached within twenty four (24) hours from the first DM notification attempt, or if potential winner fails to return requisite document within the specified time period, or if a potential winner is not in compliance with these Official Rules, then such person shall be disqualified and, at Sponsor’s sole discretion, an alternate winner may be selected for the prize at issue based on the winner selection process described above.

6. Prizes: 

The prize for the McAfee CES 2019 #RT2Win Sweepstakes is a $500 Amazon gift card for each of the two [2] entrants/winners. Entrants agree that Sponsor has the sole right to determine the winners of the McAfee CES 2019 #RT2Win Sweepstakes and all matters or disputes arising from the McAfee CES 2019 #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor. Sponsor will not replace any lost or stolen prizes. Sponsor is not responsible for delays in prize delivery beyond its control. All other expenses and items not specifically mentioned in these Official Rules are not included and are the prize winners’ sole responsibility.

Limit one (1) prize per person/household. Prizes are non-transferable, and no cash equivalent or substitution of prize is offered. The McAfee CES 2019 #RT2Win Sweepstakes has no affiliation with Amazon.

7. General Conditions: 

Entrants agree that by entering they agree to be bound by these rules. All federal, state, and local taxes, fees, and surcharges on prize packages are the sole responsibility of the prizewinner. Sponsor is not responsible for incorrect or inaccurate entry information, whether caused by any of the equipment or programming associated with or utilized in the McAfee CES 2019 #RT2Win Sweepstakes, or by any technical or human error, which may occur in the processing of the McAfee CES 2019 #RT2Win Sweepstakes. entries. By entering, participants release and hold harmless Sponsor and its respective parents, subsidiaries, affiliates, directors, officers, employees, attorneys, agents, and representatives from any and all liability for any injuries, loss, claim, action, demand, or damage of any kind arising from or in connection with the McAfee CES 2019 #RT2Win Sweepstakes, any prize won, any misuse or malfunction of any prize awarded, participation in any McAfee CES 2019 #RT2Win Sweepstakes -related activity, or participation in the McAfee CES 2019 #RT2Win Sweepstakes. Except for applicable manufacturer’s standard warranties, the prizes are awarded “AS IS” and WITHOUT WARRANTY OF ANY KIND, express or implied (including any implied warranty of merchantability or fitness for a particular purpose).

8. Limitations of Liability; Releases:

By entering the Sweepstakes, you release Sponsor and all Released Parties from any liability whatsoever, and waive any and all causes of action, related to any claims, costs, injuries, losses, or damages of any kind arising out of or in connection with the Sweepstakes or delivery, misdelivery, acceptance, possession, use of or inability to use any prize (including claims, costs, injuries, losses and damages related to rights of publicity or privacy, defamation or portrayal in a false light, whether intentional or unintentional), whether under a theory of contract, tort (including negligence), warranty or other theory.

To the fullest extent permitted by applicable law, in no event will the sponsor or the released parties be liable for any special, indirect, incidental, or consequential damages, including loss of use, loss of profits or loss of data, whether in an action in contract, tort (including, negligence) or otherwise, arising out of or in any way connected to your participation in the sweepstakes or use or inability to use any equipment provided for use in the sweepstakes or any prize, even if a released party has been advised of the possibility of such damages.

  • To the fullest extent permitted by applicable law, in no event will the aggregate liability of the released parties (jointly) arising out of or relating to your participation in the sweepstakes or use of or inability to use any equipment provided for use in the sweepstakes or any prize exceed $10. The limitations set forth in this section will not exclude or limit liability for personal injury or property damage caused by products rented from the sponsor, or for the released parties’ gross negligence, intentional misconduct, or for fraud.
  • Use of Winner’s Name, Likeness, etc.: Except where prohibited by law, entry into the Sweepstakes constitutes permission to use your name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation (including in a public-facing winner list).  As a condition of being awarded any prize, except where prohibited by law, winner may be required to execute a consent to the use of their name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation. By entering this Sweepstakes, you consent to being contacted by Sponsor for any purpose in connection with this Sweepstakes.
9. Prize Forfeiture:

If winner cannot be notified, does not respond to notification, does not meet eligibility requirements, or otherwise does not comply with the prize McAfee CES 2019 #RT2Win Sweepstakes rules, then the winner will forfeit the prize and an alternate winner will be selected from remaining eligible entry forms for each McAfee CES 2019 #RT2Win Sweepstakes.

10. Dispute Resolution:

Entrants agree that Sponsor has the sole right to determine the winners of the McAfee CES 2019 #RT2Win Sweepstakes and all matters or disputes arising from the McAfee CES 2019 #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor.

11. Governing Law & Disputes:

Each entrant agrees that any disputes, claims, and causes of action arising out of or connected with this sweepstakes or any prize awarded will be resolved individually, without resort to any form of class action and these rules will be construed in accordance with the laws, jurisdiction, and venue of the State of New York, U.S.A.

12. Privacy Policy: 

Personal information obtained in connection with this prize McAfee CES 2019 #RT2Win Sweepstakes will be handled in accordance policy set forth at http://www.mcafee.com/us/about/privacy.html.

  1. Winner List; Rules Request: For a copy of the winner list, send a stamped, self-addressed, business-size envelope for arrival after January 8, 2019 before January 11, 2019 to the address listed below, Attn: #RT2Win at CES Sweepstakes.  To obtain a copy of these Official Rules, visit this link or send a stamped, self-addressed business-size envelope to the address listed in below, Attn: Sarah Grayson. VT residents may omit return postage.
  2. Intellectual Property Notice: McAfee and the McAfee logo are registered trademarks of McAfee, LLC. The Sweepstakes and all accompanying materials are copyright © 2019 by McAfee, LLC.  All rights reserved.
  3. Sponsor: McAfee, LLC, Corporate Headquarters 2821 Mission College Blvd. Santa Clara, CA 95054 USA
  4. Administrator: LEWIS Pulse, 111 Sutter St., Suiter 850, San Francisco, CA 94104

The post Cash Out with Our CES 2019 #RT2Win Sweepstakes! appeared first on McAfee Blogs.

Tech Support Scams: What are They and How do I Stay Safe?

If you read this blog regularly you’re no doubt aware that cyber-criminals are a determined bunch, with a large range of tools and tactics at their disposal to rob you of your identity and hard-earned cash. Tech support scams (TSS) are an increasingly popular way for them to do just this. In 2017, Microsoft Customer Support Services received 153,000 reports from customers around the world who encountered or fell victim to these scams, a 24 percent increase on the year previous. Many lost hundreds of dollars in the process.

Yet the real scale of the problem is likely to be many times bigger.

If you’re still unsure what tech support scams are, and how you can protect yourself, this handy guide will tell you everything you need to know.

What types of tech support scam are there?

Tech support scams target users of any devices, platforms and software and can involve a variety of tactics. Typically, they include both an online element and/or a phone call with the scammer, who pretends to be technical support worker for a reputable company like Microsoft or your ISP. They try to trick you into believing there’s something wrong with your computer so that you agree either to hand over money (and credit card details) to ‘fix’ it, and/or allow them remote access to your machine — which enables them to download covert info-stealing malware.

Here are the two main ways a TSS can begin:

  • Cold calling: You could get a call at any time from one of these fake ‘tech support’ workers. They may even hijack Caller ID to appear legitimate. They’ll try to bamboozle you with tech jargon and create a sense of urgency that your machine and the data on it is in danger if you don’t act immediately.
    They’ll usually persuade you to download a special tool so they can remotely access your PC. They’ll then pretend your machine is infected with malware and ask for payment to remove it, or to buy a meaningless maintenance, support, or security package. Ironically, by giving them access to your PC, you’ve provided an opportunity for the scammers to download real malware to steal more of your personal information.
  • Online issues: A scam could also start online, if you accidentally visit a malicious website. How might you do this? Potentially, by mistyping the address of your favorite site into the address bar, or by clicking on a scam link in an unsolicited email. You might even have been searching for some breaking news on a particular high-profile story, only to find a link high up on the search listings took you to a malicious website.
    After doing so you might suddenly be presented with pop-ups saying your computer is infected with malware or malfunctioning. Sometimes they put your browser onto full screen mode with alerts which can’t be removed, effectively locking your screen. The message they display is likely to have a ‘tech support’ phone number you’re urged to call to sort the non-existent problem out. That will put you through to those same scammers that cold call users in scenario 1.

The bottom line is that if you fall for one of these tactics, you may lose an initial sum of money by paying the scammer, but also be exposed to further fraud on that card in the future as they’ll have your details on file. You could also be at risk of identity theft if the bad guys have downloaded malware to steal more personal info from your machine, like banking log-ins, Social Security numbers and more.

Microsoft claimed last year that three million users are subject to these scams every month, and more than half (56%) are from the US. The FBI, meanwhile, estimated tech support fraud losses in 2017 amounted to $15 million, an 86 percent increase on the previous year.

How do I stay safe, or recover, from a scam?

Fortunately, there are several things you can do to prevent the scammers getting what they want, and even if you are caught out, some quick thinking can help to minimize the impact on your life and finances.

Staying safe:

  • If you receive an unsolicited phone call claiming to come from Apple, Microsoft, Verizon or similar, hang up, or get more details and call the company back directly. Don’t hand over any personal or financial information and don’t allow the caller to download anything to your computer.
  • Stay up-to-date with the latest browser and software/OS versions to minimize the chances the bad guys can take you to malicious sites or launch pop-ups on your machine.
  • Take extra care when typing website names into your address bar.
  • Be cautious online: don’t click on any links in unsolicited emails or on websites.
  • Only download software from legitimate vendor websites/app stores.
  • Invest in third-party security software from a reputable supplier like Trend Micro, to detect TSS malware.

If you’ve been scammed:

  • Immediately delete any remote-access software the scammer may have encouraged you to install.
  • Download and use software from a provider like Trend Micro to detect and remove any installed malware.
  • Once malware has been fully removed, change all your computer and online account passwords.
  • Call your bank/credit or debit card provider to cancel relevant cards and claim back any money already lost.
  • Continue to monitor bank and online account activity and take action if there’s anything suspicious.
  • Upgrade your software, OS and browser to the latest versions.
  • Beware of follow-on scams in the coming days, weeks, or months.
  • Report the scam to Microsoft, Apple or other relevant provider.

How can Trend Micro help?

For the online side of tech support scams, Trend Micro Security offers comprehensive multi-layered protection from the malicious sites, pop-ups, browser takeovers and malware associated with tech support scams. Here are just some of the techniques we use to keep you safe:

  • Web Reputation Service: Blocks access to any malicious URLs linked to scams.
  • Script Analyzer Lineup: Scans websites for any malicious code run on the web pages, to detect the presence of potential tech support threats.
  • Real-time Virus Scanner: Blocks any suspected malware downloads from support scam sites.
  • Static Intelligence Engine: Leverages machine learning to greatly enhance the detection of tech support scams.
  • Scanning/malware removal: Cleans-up any malware installed on infected machines if you have been caught out by a support scam.

Visit Trend Micro Security to find out more about how TMS protects you, or to buy the product.

The post Tech Support Scams: What are They and How do I Stay Safe? appeared first on .

How to Protect Three Common IoT Devices in 2019

It’s no secret – IoT devices are creeping into every facet of our daily lives. In fact, Gartner estimates there will be 20.4 Billion IoT devices by the year 2020. More devices mean greater connectivity and ease of use for their owners, but connectivity also means more opportunities for hacks. With CES 2019 kicking off this week, we turn our focus toward the year ahead, and take a look at some of the IoT devices that are particularly high-profile targets for cybercriminals: gaming systems, voice tech, routers, and smart cars.

Routers

Routers are very susceptible to attacks as they often come with factory-set passwords that many owners are unaware of or don’t know how to change, making these devices easy targets for hackers. That’s bad news, since a router is the central hub in a connected home. If a router is compromised and all of the devices share the same Wi-Fi network, then they could potentially all be exposed to an attack. How? When an IoT device talks to its connected router, the device could expose many of its internal mechanisms to the internet. If the device does not require re-authentication, hackers can easily scan for devices that have poorly implemented protocols. Then with that information, cybercriminals can exploit manufacturer missteps to execute their attacks. To help protect your router (and thus all your other devices), a best practice is to consider one with a layer of protection built-in, and be sure to use a long and complex password for your Wi-Fi network.

Gaming Systems

Over ten years ago, researchers found that many video gaming consoles were being distributed with major security issues involved with the Universal Plug and Play protocol (UPnP), a feature that allows IoT devices on a network to see each other and interact with one another. However, not much has been done to solve the problem. Through exploiting the UPnP weaknesses in gaming systems to reroute traffic over and over again, cybercriminals have been able to create “multi-purpose proxy botnets,” which they can use for a variety of purposes.  This is just the jumping-off point for malicious behavior by bad actors. With this sort of access into a gaming system, they can execute DDoS attacks, malware distribution, spamming, phishing, account takeovers, click fraud, and credit card theft. Our recent gaming survey found that 64% of respondents either have or know someone who has been directly affected by a cyberattack, which is an astonishing uptick in attacks on gamers. Considering this shift, follow our tips in the section above for routers and Wi-Fi, never use the same password twice, and be weary of what you click on.

Voice Tech

In 2018, 47.3 million adults had access to smart speakers or voice assistants, making them one of the most popular connected devices for the home. Voice-first devices can be vulnerable largely due to what we enable them to be connected with for convenience; delivery, shopping, and transportation services that leverage our credit cards. While it’s important to note that voice-first devices are most often compromised within the home by people who have regular access to your devices (such as kids) when voice recognition is not properly configured, any digital device can be vulnerable to outside attacks too if proper security is not set up. For example, these always-on, always-listening devices could be infiltrated by cybercriminals through a technique called “voice squatting.” By creating “malicious skills,” hackers have been able to trick voice assistants into continuing to listen after a user finishes speaking. In this scenario an unsuspecting person might think they’re connecting to their bank through their voice device, when unbeknownst to them, they’re giving away their personal information.  Because voice-controlled devices are frequently distributed without proper security protocol in place, they are the perfect vehicle in terms of executing a cyberattack on an unsuspecting consumer. To protect your voice assistants, make sure your Wi-Fi password is strong, and be on the lookout for suspicious activity on linked accounts.

While you can’t predict the future of IoT attacks, here are some additional tips and best practices on how to stay ahead of hackers trying to ruin your year:

  • Keep your security software up-to-date. Software and firmware patches are always being released by companies and are made to combat newly discovered vulnerabilities, so be sure to update every time you’re prompted to.
  • Pay attention to the news. With more and more information coming out around vulnerabilities and flaws, companies are more frequently sending out updates for smart cars and other IoT devices. While these should come to you automatically, be sure to pay attention to what is going on in the space of IoT security.
  • Change your device’s factory security settings. This is the single most important step to take to protect all devices. When it comes to products, many manufacturers aren’t thinking “security first.” A device may be vulnerable as soon as opening the box. By changing the factory settings you’re instantly upgrading your device’s security.
  • Use best practices for linked accounts.  For gaming systems and voice-first devices in particular, if you connect a service that leverages a credit card, protect that linked service account with strong passwords and two-factor authentication (2FA) where possible. In addition, pay attention to notification emails, especially those regarding new orders for goods or services. If you notice suspicious activity, act accordingly.
  • Setup a separate IoT network. Consider setting up a second network for your IoT devices that don’t share access to your other devices and data. Check your router manufacturer’s website to learn how. You might also consider adding in another network for guests and unsecured devices from others. Lastly, consider getting a router with built-in security features to make it easier to protect all the devices in your home from one place.
  • Use a firewall. A firewall is a tool that monitors traffic between an Internet connection and devices to detect unusual or suspicious behavior. Even if a device is infected, a firewall can keep a potential attacker from accessing all the other devices on the same network. When looking for a comprehensive security solution, see if a Firewall is included to ensure that your devices are protected.
  • Up your gaming security. Just announced at CES 2019, we’re bringing a sense of security to the virtual world of video games. Get in on the action with McAfee Gamer Security, Beta, it’s free!

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post How to Protect Three Common IoT Devices in 2019 appeared first on McAfee Blogs.

Why it’s Time to Switch from Facebook Login to a Password Manager

Social media sites are increasingly the focus of our digital lives. Not only do we share, interact and post on platforms like Facebook —we also use these sites to quickly log into our favorite apps and websites. But what happens when these social media gatekeepers are hacked? Awhile back, Facebook suffered a major attack when hackers obtained the digital keys to access at least 30 million accounts (originally thought to be 50 million), exposing highly sensitive personal details.

The attack not only gave the bad guys access to the Facebook accounts but raised the prospect of them also being able to access any linked apps or websites. The message is clear: it may be time to store log-ins for these third-party accounts in a password manager, rather than a frequently targeted social media company.

What happened, exactly?

As a Facebook user, you’re probably well-aware of the ease-of-use benefit of logging-in to your third-party website and application accounts using your Facebook credentials. Known as Facebook Connect, this is what’s called a “Single Sign-On” feature: a fast, simple, and straightforward way to log in to your various accounts, so you don’t have to remember multiple different passwords for different sites and apps.

Convenient, eh? But here’s the problem. At the end of September (in 2018), Facebook discovered a major security issue: attackers managed to steal the crucial access tokens which act as “digital keys” to keep you logged into the site without having to re-enter your password each time you use Facebook. These keys also provide access to all those third-party applications and websites you log-in to via Facebook: everything from Airbnb and Amazon to Tinder and your favorite news apps. Since there’s a chance that the bad guys were also able to illegally access these, they may have been able to gather more of your sensitive info across these accounts to commit identity theft—and thereby gain access to your credit cards as well.

How did the hackers grab these all-important access tokens? By exploiting several bugs in Facebook’s “View As” and video posting features. (View As is a feature that allows users to see what their own profile looks like to someone else). They ultimately stole access tokens for 30 million  users; accessed just name and contact details for 15 million; virtually all profile info including name, contact details, username, gender, language, relationship status, religion, etc. for 14 million; and no info at all for 1 million.

Facebook has been quick to point out that there are currently no signs the attackers did access any of third-party apps using Facebook SSO. However, that may change. It also doesn’t alter the fact that a similar incident like this, or worse, could happen in the future. Social media and web providers like Facebook are a major target for attackers, while human error will inevitably lead to some security mistakes in the future. A bug in Google’s code recently exposed the data of 500,000 users of its Google+ social platform, which has prompted their decision to shut down the consumer side of the site within the next 10 months (as of October 2018).

How can I stay safe?

Post-hack

Facebook has fixed the bugs in question and reset the access tokens of those affected by this breach, which should help to stop future attacks. However, if your account was illegally accessed in the attack, there are a few steps you should take:

  • Visit this link to get a yes or no answer on whether you were affected.
  • Be on the lookout for scams: Fraudsters may call, email or send you messages using the info they’ve obtained from the breach.
  • Beware of phishing emails: scammers might try to capitalize on the notoriety of the incident to get you to part with sensitive info, by sending emails pretending to come from Facebook. Here’s how to confirm if they’re real or not.
  • You may need to call your bank: if you were in the second group of 14m users, the hackers may have enough personal info on you to answer security questions to access your accounts. Consider adding further layers of security.

Take preventative steps

After the above, consider the following options to keep all your accounts secure going forward:

  • Disable Facebook SSO. Go toyour Facebook settings and remove all apps under Active Apps and Websites. Then under Apps, Websites and Games go to Preferences and click on Edit then Turn Off.
  • Switch on two-factor authentication: this will add an extra layer of security to your Facebook log-in. Visit Facebook’s Settings> Security and login> Setting up extra security> Use two-factor authentication.
  • Consider Facebook’s app password generator: If you wish to maintain app and website connections, this function lets you generate unique passwords for your linked apps and websites, instead of using the Facebook SSO password. However, these passwords can’t be stored in a password manager, and if you log out of the app, you’ll have to generate a fresh password.
  • Better yet, invest in a password manager to securely generate and store strong and unique passwords for each of your Facebook linked apps and websites.

Will it affect my use of Facebook?

If you disable Facebook SSO there may be some loss of sharing functionality. For example, you might find that you can’t post/share articles from within news apps direct to Facebook, and instead have to cut and paste the link manually. It will depend, however, on the apps you’re using. At the end of the day, you need to decide what’s more important to you: tighter integration between apps/websites and Facebook, or keeping your passwords in a separate, secure place away from the social media company.

How can Trend Micro help?

Trend Micro Password Manager can help you to protect the privacy and security of your app and website account passwords across PCs and Macs, and Android and iOS mobile devices. Use it as a highly user-friendly but more-secure alternative to Facebook SSO. Trend Micro Password Manager

  • Generates highly secure, unique, and tough-to-hack passwords for each of your online accounts.
  • Securely stores and replays these credentials for log-ins, so you don’t have to remember them.
  • Offers an easy way to change passwords, if any do end up being leaked or stolen.
  • Makes it quick and easy to manage your passwords from any location, on any device and browser.
  • Works across both apps and websites, with particular benefit for apps you use in conjunction with Facebook on your mobile devices.

For more information, or to purchase the product, go to our Trend Micro Password Manager website. Note that Trend Micro Password Manager is automatically installed with Trend Micro Maximum Security.

The post Why it’s Time to Switch from Facebook Login to a Password Manager appeared first on .

How to Get Technology Working for You This Christmas

Harnessing the power of the internet and technology this Christmas may just be what you need to get over this extraordinarily stressful period. While many of you maybe all sorted for the big day, there are still many of us who aren’t.

Many of us are still attending daily Christmas gatherings, still working, still trying to entertain kids, shop & most importantly, work out what we are going to serve to 25 people on Christmas day!!

So, let me share with you my top tips on how we can all use the wonders of the internet and technology to get through:

  1. E-Cards

If you haven’t done these yet – and let’s be honest very few do now – then scrap this idea immediately. But if your guilt just can’t be silenced then check out ecards. I personally love Smilebox but Lifewire has put together a list of the top ecard sites. But remember, always use a reputable site so your recipients as more likely to open them. Cybercrims have been known to send unsuspecting recipients ecards with the aim of trying to extract their personal information.

  1. Online Gift Shopping

Getting to the bottom of the Christmas gift list takes time. So, if you still have presents to buy then avoid the crowds and get online. There are still plenty of retailers who are guaranteeing delivery before Christmas. So, make yourself a cup of tea and set the timer for an hour. You’ll be surprised how much you can get done when you have a deadline! Finder.com has put together a list of the top 50 Australian shopping sites – check it out! I do have to disclose I have a soft spot for Peter’s of Kensington, Country Road and Myer online. Great service and speedy delivery!

But please remember to observe safe online shopping habits. Only buy from trusted retailers, look for a padlock at the start of a web address to ensure transactions are encrypted, avoid offers that are ‘too good to be true’ and don’t ever use public Wi-Fi to do your shopping.

  1. Get Some Extra Help Online

If you haven’t yet used Airtasker to help you work through your to-do list, then you need to start ASAP. Airtasker brings jobs and helpers together in an easy to use app. If your house needs a clean or the garden needs a makeover before the relatives arrive, then log on and create a job and wait for Airtaskers to bid on it. So easy!

  1. Create an Online To-Do List

There’s nothing like a bit of planning to reduce pressure. Why not create a to-do list in Google Docs or an Excel spreadsheet to identify which family member is responsible for what on the big day? Alternatively, you could create your to-do list in an app like Todoist and then send each person’s task directly to their inbox? Very organised indeed!

So, let’s all take a deep breath. Christmas 2018 is going to be fantastic. Let’s get technology working for us so we can get through our to-do lists and be super parents – even though we all know they just don’t exist!

Merry Christmas

Alex xx

The post How to Get Technology Working for You This Christmas appeared first on McAfee Blogs.

Keep Your Online Transactions Secure with Trend Micro Security’s Pay Guard Browser

Nowadays, online transactions are often under threat from malware and browser injections that would steal your identity data or your money as you log in to your favorite banking, financial, or commercial accounts. Trend Micro’s new Pay Guard Browser, available with all three 2019 PC editions of Trend Micro Security, is specifically designed to secure and keep your data private by automatically providing a “hardened browser” for all your online transactions.

Pay Guard works by eliminating any vulnerabilities or third-party extensions in your default PC browser—whether Chrome, Firefox, or Internet Explorer. It then applies Trend Micro’s famous Trend Micro Toolbar to maximize your protection from cybercriminals who want to steal your credentials. Users can then also deploy Trend Micro Password Manager in Pay Guard Browser to further ensure that you only use strong, encrypted passwords when conducting transactions in your online accounts.

Trend Micro Security’s Pay Guard Browser is easy-to-use, fast and secure—so you never have to worry about threats when banking or shopping online. For more information or to download and buy Trend Micro Security, go to the Trend Micro Security Products Overview page.

For those of you who’d like to use Trend Micro Password Manager with Pay Guard, note that Password Manager is automatically installed with Trend Micro Maximum Security. Others can go to the Password Manager Software page for more information, or to download a Trial or buy the program.

Watch our YouTube video How to Use Trend Micro Pay Guard for instructions on how to use it with Trend Micro Security’s Toolbar and Password Manager.

The post Keep Your Online Transactions Secure with Trend Micro Security’s Pay Guard Browser appeared first on .

What CES Can Show Us About Evolving Consumer Security Needs: A Timeline

Appropriately dubbed the ‘Global Stage for Innovation,’ it’s no wonder CES showcases the most cutting-edge consumer technologies coming out in the year ahead. No topic is off the table; Attendees will learn more about connected homes, smart cities and self-driving cars, try out shiny new digital health wearables, headsets, and other connected tech, explore AI-driven technologies, and so much more.

Although events like CES showcase breakthrough technologies, interestingly, they also highlight how rapidly new technology is replaced with the next new thing. The rate at which we are treading on new ground is shifting exponentially, and what we see at CES this January might be obsolete in just a few years.

This rapidly changing technological landscape poses a significant predicament to consumers, a ‘digital dilemma’ if you will: as new technologies accelerate and IoT devices that house them progress, new challenges arise with them. This is particularly the case when it comes to security and privacy. And, just as security and products change and adapt, so do our needs and wants as consumers. Those of a teen differ from those of a parent, from those of a baby boomer, and so on. Let’s see how those needs change over time.

A Digital Life Timeline

2015: The Teen Technologist

Born in the late ‘90s, this teen is an everyday gamer, who loves to play games online with friends. They also love their smartphone, mostly for the access to social media. A teen wouldn’t necessarily be concerned with security, so having a comprehensive system built in is crucial.

2021: The Young Professional

Entering the workforce for the first time, the young professional is finally able to buy the gadgets that were once luxuries. They might have two phones; one for work and a personal device. Additionally, they are bringing more connected devices into their home, so the need for a secure home network has become obvious. They are also always on the go and having to connect to public Wi-Fi, so a Virtual Private Network (VPN) should be considered.

2032: The Concerned Parent

Fast forward almost ten years, the young professional has become a worrying parent. Their kids are spending too much time on screens. Having a way to monitor what they are doing on the internet and limit their time online is crucial, and an application that could  provide parental controls would be welcomed. Also, as they bring larger, more connected devices into the home, like smart refrigerators and thermostats, they are excited about a platform that will bake in security through a home network.

2038: The Brand Loyalists

The concerned parent has found devices they like and those they do not like. But more importantly, they have found brands they love, and they may continue to purchase from to bring the latest technology into their family’s lives. A comprehensive security system that covers all types of devices is exactly what they would need to keep a layer of protection

2045: The Unacquainted User

At this point in a digital journey, our user has stopped keeping up with trends because things have changed so much. Almost to the point where they are unwilling to learn new tech, or are untrusting of it all together. But the need to maintain their security and privacy is still top of mind –especially as cybercriminals often prey on this demographic due to being an easy target. A person like this might worry about ransomware, viruses, and identity theft along with protecting their home network.

As you can see, a person’s security and safety needs, desires, and even their devices evolve depending on the moment in which they are within their life. With so much in flux, the last thing anyone wants to think about is security – but with constantly changing technology at an all-time high, it’s safe to bet that threats will evolve to keep pace, and so should the ways in which we protect devices. For these reasons, it’s important to leverage a security partner that will keep this in mind, and will grow with not only our evolving needs, but evolving technology, too.

To learn more about consumer security and our approach to it, be sure to follow us at @McAfee and @McAfee_Home.

The post What CES Can Show Us About Evolving Consumer Security Needs: A Timeline appeared first on McAfee Blogs.

Ghosts of Botnets Past, Present, and Future

‘Twas the morning of October 21st, and all through the house many IoT devices were stirring, including a connected mouse. Of course, this wasn’t the night before Christmas, but rather the morning of Dyn — the 2016 DDoS attack on the service provider that took the entire East Coast offline for a few hours. The root of the attack: botnets, AKA unsecured IoT devices that were enslaved by Mirai malware. And though this attack made history back in 2016, botnet attacks and the manipulation of vulnerable IoT devices have shown no signs of slowing since. To explore how these attacks have evolved over time, let’s examine the past, present, and future of botnets.

The Past

Any internet-connected device could potentially become a botnet. A botnet is an aggregation of connected devices, which could include computers, mobile devices, IoT devices, and more that have been infected and thereby under the control of one malware variant. The owners of these devices are typically unaware their technology has been infected and thereby under the control of the malware author.

This infection and enslavement process came to a powerful fruition on that fateful October morning, as thousands of devices were manipulated by Mirai malware and transformed into botnets for cybercriminals’ malicious scheme. Cybercriminals used this botnet army to construct one of the largest DDoS attacks in recent history on DNS provider Dyn, which temporarily knocked major sites such as Twitter, Github, and Etsy offline.

The Present

Now, the Dyn attack is arguably one of the most infamous in all of security history. But that doesn’t mean the attacks stop there. Fast forward to 2018, and botnets are still just as prominent, if not more. Earlier in the year, we saw Satori emerge, which even borrowed code from Mirai, as well as Hide N Seek (HNS), which has managed to build itself up to 24,000 bots since January 10th.

What’s more — DDoS attacks, which are largely driven by botnets, have also showed no signs of slowing this year. Just take the recent WordPress attack for example, which actually involved an army of over 20,000 botnets attacking sites across the web.

The Future

Botnets don’t just have a past and present — they likely have a future as well. That’s because cybercriminals favor the potency of this ‘infect and enslave’ tactic, so much so that they’re trying to spread it far and wide. Turns out, according to one report, you can even rent an IoT botnet, as one Dark Web advertisement displayed a 50,000-device botnet for rent for a two-week duration to conduct one-hour attacks a rate of $3000 – $4000.

The good news is — the cybersecurity industry is preparing for the future of botnet attacks as well. In fact, we’ve engineered technology designed to fight back against the nature of insecure IoT devices — such as our Secure Home Platform solution.

However, a lot of the botnet attacks can be stopped by users themselves if they implement strong security practices from start. This means changing the default passwords on any new IoT device you get, keeping any and all software up-to-date, always using a firewall to detect unusual behavior, and implementing comprehensive security software to ensure that all your computers and devices have protection.

If users everywhere implement the right processes and products from the start, botnet attacks may eventually become a thing of the past, and won’t ever be part of the present again.

To learn more about IoT device security and our approach to it, be sure to follow us at @McAfee and @McAfee_Home.

The post Ghosts of Botnets Past, Present, and Future appeared first on McAfee Blogs.

The Year That Was – Cybersecurity Takeaways From 2018

So, what was 2018 like for you? Just another year, a whirlwind of happiness and heartbreaks, or a momentous one that will stay in your memory forever? In the cyberworld, a lot has happened this year. There were data breaches and bitcoin mining; social media platform hacks and spread of fake news; mass campaigns online and bank/ATM hacks. An eventful year, wouldn’t you say?

As governments around the world are exploring tightening their cyber security laws, security vendors are working on creating better and stronger tools to keep us safe online. Let’s take a quick look at the major security breaches that occurred over the year. In hindsight, we can understand better where we are failing and what steps we, the consumers, can take to protect our data and identity.

There have been such rampant phishing and data mining attacks, that even those who do not keep up with technology have now started feeling the heat of it. For example, when a large bank’s server was attacked, or the SIM card swipe fraud was uncovered, there was chaos everywhere.

Time to recapitulate the attacks that matter most to us, the consumers:

  1. Bank and ATM system hacks
  2. Phishing attacks: via email and social media platforms
  3. DDoS botnet attack: These attacks were mainly targeted at gaming sites and government websites, severely slowing down operation
  4. Hacking of customer bases: We have noted several significant data breaches over the year and it has become a major concern for the govt, industries and security firms.
  5. IoT attacks: Smart devices are the latest tech additions to our homes but when these are compromised, it may lead to the compromise of all connected devices. Users should adopt care while downloading apps because malicious apps can be used to corrupt, or control connected devices at home
  6. Public Wi-Fi: Using public Wi-Fi to transmit sensitive information or for carrying out financial transactions, expose users to hacking and data theft
  7. Hacking of social media platforms: As most of us are now signed on to some or the other popular social media platforms, we need to be extra careful about our data privacy and how much information we are sharing online.

As India remains vulnerable for Web Application Attacks, we need to gear up and maximize our security in the virtual space. Not only do we need to follow traditional security measures but also need to address new sources of threat like ATM hacks, Crypto mining and control of home IoT devices by cyber criminals. Awareness is key for an aware user to know about new threats and ways to combat them.

Sharing some safety tips to see you securely through the next year:

  • Monitor Digital Assistants – Prevent your digital assistants from becoming attack portals for cyber criminals. Limit the extent of control they have over other devices, if you can. Ensure your home router default password is changed and you update your software regularly, to patch any security vulnerabilities
  • Password is the key – The safety of your online accounts depends a lot on strong and unique passwords, that are a mix of upper case, lower case, symbols and are at least 12 characters long. Better still, opt for a well-known password manager.
  • Be Mindful – Always research and review apps before downloading. The same goes for new websites, or e-payment gateways. Further, download mobile apps only from genuine stores, like Google Play and Apple’s App Store, for they continually check and take down suspicious apps
  • Secure all your devices – Use a comprehensive security tool to scan content before downloading and send suspicious messages into the spam folder
  • Stay Informed – Stay on top of the latest in cybersecurity by following my blog and @McAfee_Home on Twitter. Don’t forget to listen to our podcast Hackable?

 

Ciao folks! See you in 2019.

Source Credits:

https://securingtomorrow.mcafee.com/consumer/mobile-and-iot-security/zombie-iot-botnets/

 

The post The Year That Was – Cybersecurity Takeaways From 2018 appeared first on McAfee Blogs.

How To Help Your Teen Organise a Party Online Without It Becoming a Public Spectacle

Teen Parties and Instagram. If your teen is keen to have a party, I can guarantee you that they will not be handing out paper invitations on the playground! It’s all done online now my friends and that means – it can get very messy.

When my kids were in Primary School, I would make party invitations on Smilebox. It was so easy to personalise your invitation – you could, (and still can) add pics and even videos. And then best of all, you can print them out, or email them directly to your guests. Perfect!!

But, unfortunately, my teen boys won’t have a bar of Smilebox. Parties are now organised on Instagram which is definitely not as clean cut as Smilebox.

How Parties are Organised on Instagram

For those of you who aren’t familiar with the process of party organising on Instagram, let me share with you the process. But first, please sit down, it may make your hair stand on end.

  1. Create a private Instagram account that is specifically for the party eg Alex’s 21st Birthday Party. Include a small blurb about the party and encourage interested people to apply – I’m not joking!
  2. Tell a few key friends about the event and have them share the account in their Instagram story. This is to attract like-minded people who might be suitable for the party.
  3. People who are interested in attending the party then request to follow the account. The person holding the party then decides whether they would like the potential guest to attend. They check them out online and see if they are the ‘right fit’. If the potential guest’s request to follow is accepted, this means that they have an invite to the party.

Now, you can just imagine how this could play out. The fact the party account’s existence is shared by nominated friends means a teen’s entire school year and social circle quickly finds out about the party. And teens want to be included – we’ve all been there – so, of course many apply to attend the party. But unfortunately, numbers are limited so they are excluded but in the public arena that is Instagram.

I totally appreciate that you can’t have unlimited numbers to social gatherings, but life in the pre-social media era made this far easier to deal with. You may have known, for example, that your math class buddy, Rebecca, was having a party and that you weren’t invited. But you didn’t have to humiliate yourself by applying, being rejected and then having to view the fabulous images of the night, usually taken by a glossy professional photographer.

Is There Another Way?

No 4 son recently turned 15 and was super keen for a party. He and I were both determined to avoid this cruel approach to party organising. While he couldn’t have unlimited numbers and couldn’t invite everyone, our aim was to keep it as low key as possible while trying to avoid hurting kids’ feelings.

So, we went old-school! He invited guests directly. He did use Instagram but each guest received a private message. He did consider doing a group message on Instagram however there was a risk that the guests could add someone into the conversation and share the party details publicly.

And I’m pleased to report that the party went off without a hitch! I think my 2 eldest sons who were the ‘Security Team’ were a tad disappointment that there were no issues. I was very relieved!

Empathy Is Essential

As a mother of four sons, I am very aware of the importance of robust mental health. The digital world in which are kids are growing up adds a huge layer of complexity and additional pressures to daily life that didn’t exist when we were young. No longer can issues be left at school or on the bus, social media means you have no escape. And it is this constant pressure that is widely documented to be contributing to an increase in anxiety and depression amongst our teens.

It’s no secret that humans are at their most vulnerable during their teenage years. So, I strongly encourage parents of teens to help their offspring rethink their approach to organising social gatherings. Ask them to take a minute to think about how it would feel to be excluded from a party, particularly after having to gather the courage to apply to attend. I know it would have an impact on my self-worth and I’m in my 40’s!! Encourage them to find an alternative way of organising their event.

Digital Parenting Can Be a Tough Gig

Parenting ‘digital natives’ is tough. Our generation of kids have technology running through their veins while we are doing our best to stay up to date. If your teens dismisses your suggestions about party organising and keep assuring you that they have it ‘all under control’, take a deep breath. Respect for others, empathy and kindness is what you are trying to instill – and these concepts have been around for thousands of years!! So, stay strong!!

Till next time,

Alex xx

 

The post How To Help Your Teen Organise a Party Online Without It Becoming a Public Spectacle appeared first on McAfee Blogs.

12 Days of Hack-mas

2018 was a wild ride when it came to cybersecurity. While some hackers worked to source financial data, others garnered personal information to personalize cyberattacks. Some worked to get us to download malware in order to help them mine cryptocurrency or harness our devices to join their botnets. The ways in which they exact their attacks are becoming more sophisticated and harder to detect. 2019 shows no sign of slowing down when it comes to the sophistication and multitude of cyberattacks targeted toward consumers.

Between the apps and websites we use every day, in addition to the numerous connected devices we continue to add our homes, there are a more ways than ever in which our cybersecurity can be compromised. Let’s take a look at 12 common, connected devices that are vulnerable to attacks –most of which our friends at the “Hackable?” podcast have demonstrated– and what we can do to protect what matters. This way, as we move into the new year, security is top of mind.

Connected Baby Monitors

When you have a child, security and safety fuels the majority of your thoughts. That’s why it’s terrifying to think that a baby monitor, meant to give you peace of mind, could get hacked. Our own “Hackable?” team illustrated exactly how easy it is. They performed a “man-in-the-middle” attack to intercept data from an IoT baby monitor. But the team didn’t stop there; next they overloaded the device with commands and completely crashed the system without warning a parent, potentially putting a baby in danger. If you’re a parent looking to bring baby tech into your home, always be on the lookout for updates, avoid knockoffs or brands you’re not familiar with, and change your passwords regularly.

Smart TVs

With a click of a button or by the sound of our voice, our favorite shows will play, pause, rewind ten seconds, and more – all thanks to smart TVs and streaming devices. But is there a sinister side? Turns out, there is. Some smart TVs can be controlled by cybercriminals by exploiting easy-to-find security flaws. By infecting a computer or mobile device with malware, a cybercriminal could gain control of your smart TV if your devices are using the same Wi-Fi. To prevent an attack, consider purchasing devices from mainstream brands that keep security in mind, and update associated software and apps regularly.

Home Wi-Fi Routers

Wi-Fi is the lifeblood of the 21st century; it’s become a necessity rather than a luxury. But your router is also a cybercriminal’s window into your home. Especially if you have numerous IoT devices hooked up to the same Wi-Fi, a hacker that successfully cracks into your network can get ahold of passwords and personal information, all of which can be used to gain access to your accounts, and launch spear phishing attacks against you to steal your identity or worse. Cybercriminals do this by exploiting weaknesses in your home network. To stay secure, consider a comprehensive security solution like McAfee® Secure Home Platform.

Health Devices and Apps

Digital health is set to dominate the consumer market in the next few years. Ranging from apps to hardware, the ways in which our health is being digitized varies, and so do the types of attacks that can be orchestrated. For example, on physical devices like pacemakers, malware can be implanted directly on to the device, enabling a hacker to control it remotely and inflict real harm to patients. When it comes to apps like pedometers, a hacker could source information like your physical location or regular routines.  Each of these far from benign scenarios highlight the importance of cybersecurity as the health market becomes increasingly reliant on technology and connectivity.

Smart Speakers

It seems like everyone nowadays has at least one smart speaker in their home. However, these speakers are always listening in, and if hacked, could be exploited by cybercriminals through spear phishing attacks. This can be done by spoofing actual websites which trick users into thinking that they are receiving a message from an official source. But once the user clicks on the email, they’ve just given a cybercriminal access to their home network, and by extension, all devices connected to that network too, smart speakers and all. To stay secure, start with protection on your router that extends to your network, change default passwords, and check for built-in security features.

Voice Assistants

Like smart speakers, voice assistants are always listening and, if hacked, could gain a wealth of information about you. But voice assistants are also often used as a central command hub, connecting other devices to them (including other smart speakers, smart lights or smart locks). Some people opt to connect accounts like food delivery, driver services, and shopping lists that use credit cards. If hacked, someone could gain access to your financial information or even access to your home. To keep cybercriminals out, consider a comprehensive security system, know which apps you can trust, and always keep your software up to date.

Connected Cars

Today, cars are essentially computers on wheels. Between backup cameras, video screens, GPS systems, and Wi-Fi networks, they have more electronics stacked in them than ever. The technology makes the experience smoother, but if it has a digital heartbeat, it’s hackable. In fact, an attacker can take control of your car a couple of ways; either by physically implanting a tiny device that grants access to your car through a phone, or by leveraging a black box tool and  your car’s diagnostic port completely remotely. Hacks can range anywhere from cranking the radio up to cutting the transmission or disabling the breaks. To stay secure, limit connectivity between your mobile devices and a car when possible, as phones are exposed to risks every day, and any time you connect it to your car, you put it at risk, too.

Smart Thermostats

A smart thermostat can regulate your home’s temperature and save you money by learning your preferences. But what if your friendly temperature regulator turned against you? If you don’t change your default, factory-set password and login information, a hacker could take control of your device and make it join a botnet

Connected Doorbells

When we think high-tech, the first thing that comes to mind is most likely not a doorbell. But connected doorbells are becoming more popular, especially as IoT devices are more widely adopted in our homes. So how can these devices be hacked, exactly? By sending an official-looking email that requests that a device owner download the doorbell’s app, the user unwittingly gave full access to the unwelcome guest. From there, the hackers could access call logs, the number of devices available, and even video files from past calls. Take heed from this hack; when setting up a new device, watch out for phishing emails and always make sure that an app is legitimate before you download it.

Smart Pet Cameras

We all love our furry friends and when we have to leave them behind as we head out the door. And it’s comforting to know that we can keep an eye on them, even give them the occasional treat through pet cameras. But this pet-nology can be hacked into by cybercriminals to see what’s get an inside look at your home, as proven by the “Hackable?” crew. Through a device’s app, a white-hat hacker was able to access the product’s database and was able to download photos and videos of other device owners. Talk about creepy. To keep prying eyes out of your private photos, get a comprehensive security solution for your home network and devices, avoid checking on your pet from unsecured Wi-Fi, and do your research on smart products you purchase for your pets.

Cell Phones

Mobile phones are one of the most vulnerable devices simply because they go everywhere you go. They essentially operate as a personal remote control to your digital life. In any given day, we access financial accounts, confirm doctor’s appointments and communicate with family and friends. That’s why is shocking to know how surprisingly easy it is for cybercriminals to access the treasure trove of personal data on your cell phone. Phones can be compromised a variety of ways; but here are a few: accessing your personal information by way of public Wi-Fi (say, while you’re at an airport), implanting a bug, leveraging a flaw in the operating system, or by infecting your device with malware by way of a bad link while surfing the web or browsing email.  Luckily, you can help secure your device by using comprehensive security such as McAfee Total Protection, or by leveraging a VPN (virtual private network) if you find yourself needing to use public Wi-Fi.

Virtual Reality Headsets

Once something out of a science fiction, virtual reality (VR) is now a high-tech reality for many. Surprisingly, despite being built on state of the art technology, VR is quite hackable. As an example, though common and easy-to-execute tactics like phishing to prompt someone to download malware, white-hat hackers were able to infect a linked computer and execute a command and control interface that manipulated the VR experience and disorientated the user. While this attack isn’t common yet, it could certainly start to gain traction as more VR headsets make their way into homes. To stay secure, be picky and only download software from reputable sources.

This is only the tip of the iceberg when it comes to hackable, everyday items. And while there’s absolutely no doubt that IoT devices certainly make life easier, what it all comes down to is control versus convenience. As we look toward 2019, we should ask ourselves, “what do we value more?”

Stay up-to-date on the latest trends by subscribing to our podcast, “Hackable?” and follow us on Twitter or Facebook.

The post 12 Days of Hack-mas appeared first on McAfee Blogs.

Cyberbullying’s Impact on Both Society and Security

In my last piece, I broke down the who, what, and how of cyberbullying, as most people are unaware of how the problem actually takes a variety of forms. With multiple types of cyberbullies and methods for digital bullying impacting kids today, the phenomenon’s effect on society is nothing short of powerful. In fact, according to statistics reported by ABC News, nearly 30 percent of students are either bullies or victims of bullying. The problem affects many and has many ramifications, both on society and the way we approach security. Let’s take a look.

Side Effects of Cyberbullying

The victims of cyberbullying will likely never view the internet the same way again, as their digital identities could be potentially damaged by aggressive online attacks. If subject to cyberbullying, it’s likely a victim’s online identity will reshape entirely.

But beyond that, the most blatant and concerning effect of cyberbullying is how it can impact the victim’s mental health. Faced with a constant barrage of insults and harassment, the victims of cyberbullying often grapple with negative thoughts, insecurity, and even depression after their attacks occur. In fact, according to Penn State, 30% of individuals who were cyberbullied turned toward self-harming behaviors and began having suicidal thoughts.

The digital impact not only extends to the mental sphere, but to the physical one too. Beyond changing someone’s digital identity and mental health state, cyberbullying can also cause kids to change schools and families to relocate. 

Securing Both the Digital and the Physical

With cyberbullying’s impact extending so far past the digital plane, that means it also changes the way we approach securing innocent internet users everywhere from cyberbullying. But with cyberbullying giving old schoolyard bullies a new playing field, we’re all now faced with the conundrum – how do you prevent both the digital and physical ramifications of the issue?

Now, it can be challenging to prevent cyberbullying from having mental and physical effects on victims. For parents whose kids have been subject to cyberbullying, there are quite a few hotlines and online resources available. Additionally, my previous blog outlined a few talking points parents can cover off in order to weave cybersecurity into their family’s dialogue.

As for the digital, there are a handful of tools consumers can equip themselves with set up preventative measures and secure their family’s devices from malicious online activity. Family safety solutions like McAfee Safe Family can help parents set rules and time limits for apps and websites, as well as see what their kids are doing online. There are also tools like McAfee WebAdvisor, which can help prevent kids from entering any sites where malicious characters or content live.

For parents, educators, or even law enforcement, it can be a struggle to comprehend the issues that stem from cyberbullying, let alone have effective means to deal with it. Accurate prevention is possible, but there doesn’t seem to be enough tools, methods, or measures to get there yet.

Therefore, we must all step up and look into the right research and technology required to stop cyberbullying. Only then will both the digital and physical worlds be free of the effects of these nasty online bullies.

To learn more about family safety and our approach to it, be sure to follow us at @McAfee and @McAfee_Home.

The post Cyberbullying’s Impact on Both Society and Security appeared first on McAfee Blogs.

Avoid Falling Prey to Online Shopping Bait This Festive Season

For a moment, I thought this crazy friend of mine had finally lost it. She was staring at her laptop screen, multiple sites open, checking out various apparels at once and muttering under her breath.

Is there a problem?” I hesitantly asked.

I have to attend this destination wedding and they have theme parties, and I don’t have anything to wear in the required colours!” she wailed.

Ah well! Hence the shopping websites.” I realized.

Well, two heads are better than one, they say, and together we made all the purchases in record time. Needless to say, I insisted she used a secure device, limited her searches to trusted websites (using McAfee WebAdvisor), read the reviews and used prepaid credit cards. Cyber safety first and always.

But the ordeal was far from over. “You are Godsent! Now help me search for gifts!

While most of the world celebrates the year-end period as the Festive Season, we in India have a bigger reason to shop- It’s the Shaadi (marriage) season as well! It’s that time of the year when everyone seems to be getting married- resulting in endless parties, snarling traffic, overcrowded shops and packed salons. With most women juggling home and professions, fitting in shopping becomes a tough task. Online shopping is therefore the perfect solution for time-challenged urbanites.

And you can hardly blame them. As they sip their chai after a stressful day, they can simultaneously choose and place their orders and it’s done! No wonder the e-commerce market in India is expected to reach US$ 64 billion by 2020, as per a report by India Brand Equity Foundation!

Unfortunately, when it comes to online shopping, consumers are more concerned about finding a bargain deal and making the most of ‘Flash’ sales than their online security. They risk the dangers of hacking, being scammed and having their personal details and banking credentials stolen in their haste to make a good buy.

The Survey

Recently, McAfee conducted a survey, Holiday Stresses, which revealed the risky habits of online shoppers. The survey found that though consumers are aware of potential risks of online shopping, they still preferred it to the traditional system. It is interesting to note that 77 percent of respondents say that shopping during festive season induces increased financial stress!

The Online Shopping Trap

So, what kind of risks are consumers taking to get the best deals or while shopping in a hurry online?

  • 30% said that they would share their home address
  • 45% would share their phone numbers
  • 19% would risk sharing their bank details
  • 68% are willing to use a website they are unfamiliar with

 The Positives

But all is not lost. Indian shoppers are evolving to adopt safer online buying habits. Wow!

  • Nearly 74% say they would research an unfamiliar site and establish its authenticity before making purchases
  • 55% said they will not make a purchase over an unsecure Wi-Fi connection
  • 55% check their bank statements more often during the holiday festive season
  • 59% consumers would report receiving a phishing email

McAfee shares easy tips to help you stay safe while shopping online:

  • Always connect to public Wi-Fi with caution. Public Wi-Fi might seem like a good idea, but if consumers are not careful, they could be unknowingly be exposing personal information or credit card details to cybercriminals who are snooping on the network. If you have to conduct transactions on a public Wi-Fi connection use a virtual private network (VPN) to help keep your connection secure.
  • Think before you click. One of the easiest ways for a cybercriminal to compromise their victim is by using phishing emails to lure consumers into clicking links for products or services that could lead to malware, or a phony website designed to steal personal information. If the deal seems too good to be true, or the email was not expected it’s always best to check directly with the source.
  • Browse with security protection. Use comprehensive security protection, like McAfee Total Protection, which can help keep devices protected against malware, phishing attacks, and other threats. It includes McAfee WebAdvisor which can help identify malicious websites.

Let not financial or data losses mar the joys of the festive season for you and your loved ones. Take charge of your digital lives. Just like you secure your house, car and other belongings, similarly, secure your devices and use trusted websites for shopping.

Have a great time folks!

 

The post Avoid Falling Prey to Online Shopping Bait This Festive Season appeared first on McAfee Blogs.

Stay Secure and Your Wallet Full with Our Holiday Shopping #RT2Win Sweepstakes!

Black Friday and Cyber Monday mark the unofficial kickoff to the holiday shopping season. In anticipation of the busiest time of year for e-commerce, this year we conducted the Stressed Holiday Online Shopping survey to understand how financial pressure can impact buyer behavior when it comes to online purchasing and cybersecurity.

The economic burden of the holidays is something consumers know all too well. From gifts for the family to parties with friends, it’s no wonder that 79 percent of survey respondents said that holiday shopping puts financial stress on them. And the stress of stretching that budget lead 53 percent of respondents to say they can to be careless when online shopping. Further, more than half of consumers (56 percent) said that they would use a website they were unfamiliar with if it meant they would save money.

But just in time for holiday shopping season, we’re here to help take the financial burden off your shoulders with our Holiday Shopping RT2Win Sweepstakes! Two [2] lucky winners of the sweepstakes drawing will receive a $500 Amazon gift card. The best part? Entering is a breeze! Follow the instructions below to enter and good luck!

#RT2Win Sweepstakes Official Rules

  • To enter, follow @McAfee_Home on Twitter and find the #RT2Win sweepstakes tweet.
  • The sweepstakes tweet will be released on Monday, November 26, 2018, 2018 at 12:00pm PT. This tweet will include the hashtags: #ProtectWhatMatters, #RT2Win AND #Sweepstakes.
  • Retweet the sweepstakes tweet released on the above date, from your own handle. The #ProtectWhatMatters, #RT2Win AND #Sweepstakes hashtags must be included to be entered.
  • Make sure you’re following @McAfee_Home on Twitter! You must follow for your entry to count.
  • Sweepstakes will end on Sunday, December 9, 2018 at 11:59pm PT. All entries must be made before that date and time.
  • Winners will be notified on Tuesday, December 11, 2018 via Twitter direct message.
  • Limit one entry per person.
1. How to Win:

Retweet one of our contest tweets on @McAfee_Home that include “#ProtectWhatMatters, #RT2Win, AND #Sweepstakes” for a chance to win a $500 Amazon gift card (for full prize details please see “Prizes” section below). Two [2] total winners will be selected and announced on December 10, 2018. Winners will be notified by direct message on Twitter. For full Sweepstakes details, please see the Terms and Conditions, below.

#RT2Win Sweepstakes Terms and Conditions

2. How to Enter: 

No purchase necessary. A purchase will not increase your chances of winning. McAfee Holiday Shopping #RT2Win Sweepstakes will be conducted from November 26, 2018 through December 9, 2018. All entries for each day of the McAfee Holiday Shopping #RT2Win Sweepstakes must be received during the time allotted for the McAfee Holiday Shopping #RT2Win Sweepstakes. Pacific Daylight Time shall control the McAfee Holiday Shopping #RT2Win Sweepstakes, duration is as follows:

  • Begins: Monday, November 26, 2018­­ at 12:00pm PST
  • Ends: Sunday, December 9, 2018 at 11:59pm PST
  • Two [2] winners will be announced: Tuesday, December 11, 2018

For the McAfee Holiday Shopping #RT2Win Sweepstakes, participants must complete the following steps during the time allotted for the McAfee Holiday Shopping #RT2Win Sweepstakes:

  1. Follow @McAfee_Home on Twitter.
  2. Find the sweepstakes tweet of the day posted on @McAfee_Home which will include the hashtags: #ProtectWhatMatters, #RT2Win and #Sweepstakes.
  3. Retweet the sweepstakes tweet of the day and make sure it includes the #ProtectWhatMatters, #RT2Win, and hashtags.
  4. Note: Tweets that do not contain the #ProtectWhatMatters, #RT2Win, and #Sweepstakes hashtags will not be considered for entry.
  5. Limit one entry per person.

Two [2] winners will be chosen for the McAfee Holiday Shopping #RT2Win Sweepstakes tweet from the viable pool of entries that retweeted and included #ProtectWhatMatters, #RT2Win and #Sweepstakes. McAfee and the McAfee social team will choose winners from all the viable entries. The winners will be announced and privately messaged on Tuesday, December 11, 2018 on the @McAfee_Home Twitter handle. No other method of entry will be accepted besides Twitter. Only one entry per user is allowed, per Sweepstakes.   

3. Eligibility: 

McAfee Holiday Shopping #RT2Win Sweepstakes is open to all legal residents of the 50 United States who are 18 years of age or older on the dates of the McAfee Holiday Shopping #RT2Win Sweepstakes begins and live in a jurisdiction where this prize and McAfee Holiday Shopping #RT2Win Sweepstakes not prohibited. Employees of Sponsor and its subsidiaries, affiliates, prize suppliers, and advertising and promotional agencies, their immediate families (spouses, parents, children, and siblings and their spouses), and individuals living in the same household as such employees are ineligible. 

4. Winner Selection:

Winners will be selected at random from all eligible retweets received during the McAfee Holiday Shopping #RT2Win Sweepstakes drawing entry period. Sponsor will select the names of two [2] potential winners of the prizes in a random drawing from among all eligible submissions at the address listed below. The odds of winning depend on the number of eligible entries received. By participating, entrants agree to be bound by the Official McAfee Holiday Shopping #RT2Win Sweepstakes Rules and the decisions of the coordinators, which shall be final and binding in all respects.

5. Winner Notification:  

Each winner will be notified via direct message (“DM”) on Twitter.com by December 11, 2018. Prize winners may be required to sign an Affidavit of Eligibility and Liability/Publicity Release (where permitted by law) to be returned within ten (10) days of written notification, or prize may be forfeited, and an alternate winner selected. If a prize notification is returned as unclaimed or undeliverable to a potential winner, if potential winner cannot be reached within twenty-four (24) hours from the first DM notification attempt, or if potential winner fails to return requisite document within the specified time period, or if a potential winner is not in compliance with these Official Rules, then such person shall be disqualified and, at Sponsor’s sole discretion, an alternate winner may be selected for the prize at issue based on the winner selection process described above.

6. Prizes: 

The prize for the McAfee Holiday Shopping #RT2Win Sweepstakes is a $500 Amazon gift card for each of the two [2] entrants/winners. Entrants agree that Sponsor has the sole right to determine the winners of the McAfee Holiday Shopping #RT2Win Sweepstakes and all matters or disputes arising from the McAfee Holiday Shopping #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor. Sponsor will not replace any lost or stolen prizes. Sponsor is not responsible for delays in prize delivery beyond its control. All other expenses and items not specifically mentioned in these Official Rules are not included and are the prize winners’ sole responsibility.

Limit one (1) prize per person/household. Prizes are non-transferable, and no cash equivalent or substitution of prize is offered. The McAfee Holiday Shopping #RT2Win Sweepstakes has no affiliation with Amazon.

7. General Conditions: 

Entrants agree that by entering they agree to be bound by these rules. All federal, state, and local taxes, fees, and surcharges on prize packages are the sole responsibility of the prizewinner. Sponsor is not responsible for incorrect or inaccurate entry information, whether caused by any of the equipment or programming associated with or utilized in the McAfee Holiday Shopping #RT2Win Sweepstakes, or by any technical or human error, which may occur in the processing of the McAfee Holiday Shopping #RT2Win Sweepstakes. entries. By entering, participants release and hold harmless Sponsor and its respective parents, subsidiaries, affiliates, directors, officers, employees, attorneys, agents, and representatives from any and all liability for any injuries, loss, claim, action, demand, or damage of any kind arising from or in connection with the McAfee Holiday Shopping #RT2Win Sweepstakes, any prize won, any misuse or malfunction of any prize awarded, participation in any McAfee Holiday Shopping #RT2Win Sweepstakes-related activity, or participation in the McAfee Holiday Shopping #RT2Win Sweepstakes. Except for applicable manufacturer’s standard warranties, the prizes are awarded “AS IS” and WITHOUT WARRANTY OF ANY KIND, express or implied (including any implied warranty of merchantability or fitness for a particular purpose).

8. Limitations of Liability; Releases:

By entering the Sweepstakes, you release Sponsor and all Released Parties from any liability whatsoever, and waive any and all causes of action, related to any claims, costs, injuries, losses, or damages of any kind arising out of or in connection with the Sweepstakes or delivery, misdelivery, acceptance, possession, use of or inability to use any prize (including claims, costs, injuries, losses and damages related to rights of publicity or privacy, defamation or portrayal in a false light, whether intentional or unintentional), whether under a theory of contract, tort (including negligence), warranty or other theory.

To the fullest extent permitted by applicable law, in no event will the sponsor or the released parties be liable for any special, indirect, incidental, or consequential damages, including loss of use, loss of profits or loss of data, whether in an action in contract, tort (including, negligence) or otherwise, arising out of or in any way connected to your participation in the sweepstakes or use or inability to use any equipment provided for use in the sweepstakes or any prize, even if a released party has been advised of the possibility of such damages.

  • To the fullest extent permitted by applicable law, in no event will the aggregate liability of the released parties (jointly) arising out of or relating to your participation in the sweepstakes or use of or inability to use any equipment provided for use in the sweepstakes or any prize exceed $10. The limitations set forth in this section will not exclude or limit liability for personal injury or property damage caused by products rented from the sponsor, or for the released parties’ gross negligence, intentional misconduct, or for fraud.
  • Use of Winner’s Name, Likeness, etc.: Except where prohibited by law, entry into the Sweepstakes constitutes permission to use your name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation (including in a public-facing winner list).  As a condition of being awarded any prize, except where prohibited by law, winner may be required to execute a consent to the use of their name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation. By entering this Sweepstakes, you consent to being contacted by Sponsor for any purpose in connection with this Sweepstakes.
9. Prize Forfeiture:

If winner cannot be notified, does not respond to notification, does not meet eligibility requirements, or otherwise does not comply with the prize McAfee Holiday Shopping #RT2Win Sweepstakes rules, then the winner will forfeit the prize and an alternate winner will be selected from remaining eligible entry forms for each McAfee Holiday Shopping #RT2Win Sweepstakes.

10. Dispute Resolution:

Entrants agree that Sponsor has the sole right to determine the winners of the McAfee Holiday Shopping #RT2Win Sweepstakes and all matters or disputes arising from the McAfee Holiday Shopping #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor.

11. Governing Law & Disputes:

Each entrant agrees that any disputes, claims, and causes of action arising out of or connected with these sweepstakes or any prize awarded will be resolved individually, without resort to any form of class action and these rules will be construed in accordance with the laws, jurisdiction, and venue of the State of New York, U.S.A.

12. Privacy Policy: 

Personal information obtained in connection with this prize McAfee Holiday Shopping #RT2Win Sweepstakes will be handled in accordance policy set forth at http://www.mcafee.com/us/about/privacy.html.

  1. Winner List; Rules Request: For a copy of the winner list, send a stamped, self-addressed, business-size envelope for arrival after November 26, 2018 before December 9, 2018, to the address listed below, Attn: #RT2Win at CES Sweepstakes.  To obtain a copy of these Official Rules, visit this link or send a stamped, self-addressed business-size envelope to the address listed in below, Attn: Sarah Grayson. VT residents may omit return postage.
  2. Intellectual Property Notice: McAfee and the McAfee logo are registered trademarks of McAfee, LLC. The Sweepstakes and all accompanying materials are copyright © 2018 by McAfee, LLC.  All rights reserved.
  3. Sponsor: McAfee, LLC, Corporate Headquarters 2821 Mission College Blvd. Santa Clara, CA 95054 USA
  4. Administrator: LEWIS Pulse, 111 Sutter St., Suite 850, San Francisco, CA 94104

The post Stay Secure and Your Wallet Full with Our Holiday Shopping #RT2Win Sweepstakes! appeared first on McAfee Blogs.

The Who, What, and How of Cyberbullying

The internet has allowed society to stay connected in more ways than ever before. We can speak to strangers across the globe, connect with loved ones in an instant, and share our lives publicly. As much as the internet has connected us in positive, eye-opening ways, its interactive nature has also created a new problem for active users everywhere – cyberbullying. Though the problem is becoming all too common, many out there don’t fully understand the ins and outs of cyberbullying. Let’s take a deep dive into the phenomenon.

What is Cyberbullying

Just like it sounds, cyberbullying is when bullies take their insults and ill will to the internet. According to StopBullying.gov, “Cyberbullying is bullying that takes place over digital devices like cell phones, computers, and tablets. Cyberbullying can occur through SMS, Text, and apps, or online in social media, forums, or gaming where people can view, participate in, or share content. Cyberbullying includes sending, posting, or sharing negative, harmful, false, or mean content about someone else.” The key objective of cyberbullying is to embarrass the subject of the attack, though sometimes the bully can view the act as justified revenge or simply non-intentional.

Types of Cyberbullies

Evolved from the classic schoolyard bullies of old, these cyberbullies can actually take a variety of forms depending on their attack vector and intent. In fact, there are said to be four types of cyberbullies: the Vengeful Angel, the Power Hungry Cyberbully, Revenge of the Nerds/Inadvertent Cyberbully, and Mean Girls. The Vengeful Angel bullies in order to protect the weak/other victims, and often take the action to protect a loved or friend. The Power Hungry archetype, however, is just a nasty, unkind person who wants to display dominance and control over others. Then there’s the Inadvertent Cyberbully, who are usually the ones getting bullied online or in real life and are typically trying to enact some form of justice or revenge anonymously from the web. Mean Girls are the opposite – and take their online actions in order to impress a group of friends or gain social status.

Cyberbullying Methods

Not only is there a variety in the kind of bullies across the web, but also a plethora of types of cyberbullying techniques these meanies use to bother their victims. First and foremost, there’s Harassment, which involves repeated, offensive messages sent to a victim by a bully on some type of online medium. These messages can be rude, personal, and even threatening, with one recent example emerging between two wives of professional hockey players. Similar to harassment is Flaming – an online fight conducted via emails, social media messages, chat rooms, you name it.

Then there are very targeted attacks, named Exclusion and Outing. With Exclusion, cyberbullies select one individual to single out. Exclusion is a popular method, with examples popping up everywhere, from high students in Iowa to well-known celebrities. With Outing, these harassers share private information, photos, and videos of a single person to humiliate them online. There’s also the anonymous angle, AKA Masquerading, where a cyberbully creates a fake online identity to belittle, harass, and degrade their victim – which a nurse in New Zealand was a victim of for a whopping 5 years.

Next Steps for Both Parents and Kids

Typically, cyberbullying is a common occurrence amongst teens who are navigating the trials and tribulations of middle school and high school. But that doesn’t mean its exclusive to teens, and that doesn’t mean there aren’t steps parents and kids alike can do to stop cyberbullying in its tracks.

If you’re the subject of cyberbullying, the first thing you need to do is block the bully. Then, make sure you collect evidence – take screenshots, print the proof, do whatever you can do have material to back up your claim. It depends on the type of cyberbullying at work, but you can also use the internet to your advantage and look up relevant resources/hotlines/support to aid with your issue.

If you’re a parent, the most important thing is communication. Make yourself available as a resource and remind your kids that they can tell you anything that’s happening in their online world. Beyond that, continuously weave cybersecurity into your family discussions. Remind kids of the simple steps they can take to be safe online, and make sure they know when to flag a cyberbully or online scheme.

There are also technical avenues you can take to protect your kid online. Look into solutions that will help you monitor your family’s online interactions, such as McAfee Safe Family. This solution, for instance, can help you set rules and time limits for apps and websites and see what your kids are up to at a glance. Of course, these solutions are not the be-all and end-all for stopping cyberbullying, but they can help.

Now, there’s still a lot more research that has to be done to fully understand the cyberbullying problem society is faced with. So as this problem continues to evolve, so must the research, solutions, and regulations that will be created to combat the issue. With the right proactive action, people everywhere can stand up to cyberbullies.

To learn more about family safety and our approach to it, be sure to follow us at @McAfee and @McAfee_Home.

The post The Who, What, and How of Cyberbullying appeared first on McAfee Blogs.

Holiday Stress Can Make You More Careless Online

Holiday stress. Every year, come November, my resting heart rate starts to rise: the festive season is approaching. Not only is there so much to do but there’s so much to spend money on. There are presents to purchase, feasts to prepare and party outfits to buy. Throw in a holiday to fill the long Summer break, and both the credit cards and my stress levels are starting to rapidly increase!

Holiday Financial Stress Results in Poor Decision Making Online

But did you know that this stress can affect our online safety? Research conducted by McAfee shows that almost 80% of us believe the holiday period causes financial stress. And nearly half of us (46%) believe the stress of the holiday season can cause us to behave carelessly online.  Risky behaviours can put our online safety at risk. For instance, using public Wi-Fi to snag a last-minute purchase. Or buying something from an unfamiliar website because it’s cheaper.

Aussie Shoppers Love an Online Bargain 

In 2017, Aussies spent a record $21.3 million online – a whopping 19% increase over 2016. McAfee’s research shows that Aussie consumers love securing a bargain online – who doesn’t!! But many will seek out a great deal even if it means potentially jeopardising their online safety. The research shows that 64% of consumers are willing to use an unfamiliar website if it means they can save money on their purchase. Even more concerning, a third of Aussies admitted to clicking links in suspicious emails for better deals!! Yikes!!

The Thing Is, Cyber Criminals Love Your Holiday Shopping Too

Cyber criminals work very hard to take advantage of us during the busy Holiday season. They come up with all sorts of ingenious ways to target time-poor and budget-conscious consumers online. They know very well that many of us will cut corners with our online security. Particularly if we think we can save money on presents, outfits or even a holiday.

And they scheme accordingly: charity phishing emails, fake online stores, bogus delivery emails, e-voucher scams and more. Cyber criminals have tried and tested strategies to either steal our personal information or our identity.

How You Can Stay Safe While Shopping Online This Holiday Season

So, don’t feel like you need to battle the crowds at Westfield this festive season. You can still shop online safely if you follow a few simple steps:

  1. Connect with Caution

Public Wi-Fi is just so convenient, but it is a risky business. Users could unknowingly share their personal information with cyber criminals who are snooping on the network. So, if you absolutely have to use public Wi-Fi for a great online shopping deal, always use a Virtual Private Network (VPN) such as McAfee Safe Connect which creates a bank-grade encrypted connection.

  1. Think Before You Click

One of the easiest ways for a cyber criminal to target victims is using phishing emails to trick consumers into sharing their personal information. Phishing emails could be disguised as holiday savings or even a shopping notification. Instead of clicking on a link in an email, always check directly with the source to verify an offer or shipment.

  1. Always Shop with Security Protection

Shopping online without security protection is like driving without a seat belt – dangerous! Comprehensive antivirus software like McAfee Total Protection will help shield your devices against malware, phishing attacks and other threats. It also provides a firewall, an anti-spam function, parental controls and a password management tool. A complete no-brainer!

But this year, I’m going to commit to lowering my stress. That way I can really enjoy my time with my family and friends. To get ahead of the game I plan to:

  • Start my online shopping earlier so I don’t ‘cut corners’ with my online safety,
  • Create a realistic budget, and
  • Start filling my freezer with some holiday food – now

And most importantly, get that resting heart rate under control!!

Happy Holidays Everyone!

Alex xx

The post Holiday Stress Can Make You More Careless Online appeared first on McAfee Blogs.

Be the Child On Children’s Day – Try Out Role Reversal To Build Better Bonds With Your Kids

November 14th is a day children in India keenly look forward to. Schools and neighbourhoods gear up to make the day a memorable one for the children; TV channels run continuous children’s special serials and movies and there is no pressure at home to study.

At the Facebook Safety Summit panel discussion, where I recently participated, a lady from the audience expressed her inability to understand her teen. They seemed to be living in different dimensions! I suggested she work with him to help her become tech-savvy.

One Teacher’s Day program that was a great hit in my school was when teachers pretended to be a students and presented a farce. The children just loved it! Why can’t we do this at home sometimes?

There will always be situations when children would need to be reminded of their boundaries and you need to put on your parent-mantle and say, “Because I said so!” Parents need to be both firm and loving. But what if you are in uncharted territories like the digital world? Where your knowledge of the latest social media developments is limited compared to that of your children? How can you establish yourself as an authority your children will respect, obey and turn to for guidance if you are not a digital literate? Who will you turn to for cyber surfing tips?

Your children.

Yes, you heard that right. Turn the table around and be the student for a change. Let your kids teach you about the digital world. You can encourage them by asking about security, privacy, cyberbullying, fake news, risky games and other topics that concern you. Check out how they download apps. Be prepared for some amazing conversations and insights into their digital hygiene awareness. You will know whether they are mature enough to handle tricky situations. If you buy a new device, consult them on securing it and activating 2-factor authentication.

Benefits of digital role reversals

  1. Set an example: Children learn a lot by observing their parents. So, if you don’t hesitate to ask them when in doubt, they wouldn’t either. Also, if parents practice digital balance, kids will usually follow suit.
  2. Promote mutual understanding, trust and respect: Commend your kids when they share valuable tips. Your words would act like an instant confidence booster and make them feel all grown-up and responsible.
  3. Extend real life education to cover the digital one: You can establish this during your conversations about how you think real world lifeskill lessons apply to the virtual space. Talk about peer pressure, good manners, diplomacy, etiquette, etc. to drive home the point.
  4. Better understanding of child’s digital world: Think about all that you can learn! You have first-hand knowledge of the apps they use and can later Google them to learn more about associated risks, if any. You get an idea about what’s trending, the new online threats and also what interests your kids and how they spend time online.
  5. Opportunity to test their cyber security awareness: Dig deep to get to know how kids secure their accounts and the content they create. Also, have a detailed chat about the merits of using licensed security tools vis-à-vis a free basic one. This lesson will last them a lifetime and ensure their online safety so spend time on this on a regular basis.

This Children’s Day, try out a bit of role reversal and pick up tips on being a savvy digital citizen from your kids. Not only will they feel proud of helping you become a smart device user, you also get to understand how they view digital media, online friendship, cyber safety and data privacy. With one stroke, you will both empower your kids and also strengthen your bonds with them. You are without doubt, your children’s best teacher and well-wisher. So, with their interest in heart, be the kid sometime.

Happy Children’s Day to all your precious angels.

The post Be the Child On Children’s Day – Try Out Role Reversal To Build Better Bonds With Your Kids appeared first on McAfee Blogs.

Shop till You’re Hacked? 3 Tips to Stay Secure this Holiday Season

With just days until Black Friday, the unofficial kick off to the holiday shopping season is quickly approaching. In anticipation of the busiest time of year for e-commerce, this year we conducted a survey, Stressed Holiday Online Shopping, to understand how financial pressure can impact buyer behavior when it comes to online purchasing and cybersecurity. Let’s take a look at what we can learn from our key findings we garnered from surveying 2,472 adults in the U.S. between the ages of 18 and 55, dive into how the results can help consumers avoid the common pitfalls of holiday shopping and cybersecurity, and learn how they can protect both their devices and digital lives this season.

Deals, deals, deals! When it comes to online shopping, consumers care about saving money

The economic burden of the holidays is something consumers know all too well. With an onslaught of holidays and parties in which gifts are expected for family, friends, or co-workers, it’s no wonder that 79 percent of survey respondents said that holiday shopping puts financial stress on them and/or their families. No doubt, from stretching a budget and bargain shopping to attempting to purchase several perfect gifts when sales are fleeting, browsing and purchasing for the holidays can feel overwhelming, which may be why 53 percent of respondents shared that stress can lead them to be careless when online shopping.

More than half of consumers (56 percent) said that they would use a website they were unfamiliar with if it meant they would save money, while 51 percent shared they would purchase an item from an untrusted online retailer to get a good deal. Thirty-one percent would click on a link in an email to get a bargain, regardless of whether they were familiar with the sender.

This season, many will make online purchases, many will use their phones to do so, and even more will unknowingly put themselves at risk when it comes to cybersecurity

When a good deal pops up, it’s hard to pass up – whether you’re in a tricky financial situation or not. This especially rings true when it comes to mobile purchases. The convenience of our phones – which are always with us – lends itself to taking advantage of deals and flash sales that pop up to make impulsive purchases. This always-on access also paves the way for the path to purchase to be much faster and to occur more often.

Perhaps the accessibility that mobile provides is why this holiday season, e-commerce industry experts are predicting that for the first time ever, more online purchases will be made with mobile phones than any other device. That’s right; rather than reach for a laptop or tablet or call out to our virtual assistants, 68 percent of e-commerce visits will be made from our smartphones that are always by our side – whether we’re in a secure setting or not. In fact, 22 percent of McAfee survey respondents shared that they would make online purchases over public or unsecured Wi-Fi, which could potentially expose their private information and payment details.

Our survey also found that while only 6 percent of respondents would be willing to risk having their bank account details fall into the wrong hands for a good deal, 39 percent would risk sharing their email address, 25 percent would wager their phone number, and 16 percent would provide their home address. The problem with this mentality is that through common attacks like phishing, it takes only a bit of information to lead a hacker to gain more of your personal information under the right circumstances. These results illustrate that when it comes to shopping online –regardless of device type– consumers are in it for the holiday deals while unknowingly ignoring their cybersecurity in the process.

Consumers use a variety of ways to discern whether a site or content is unsafe, but rarely report phishing

Fortunately, most people aren’t completely throwing caution to the wind in terms of cybersecurity. Our survey found that consumers use a variety of tricks to scrutinize a website or email in order to interpret safety and danger signals. Half of the respondents check the website design to make sure it looks professional, and 49 percent check for spelling and grammar.

However, 14 percent shared they had no idea how to verify a website and wouldn’t know where to start. Similarly, many people are unfamiliar with how to discern a fake mobile app from an official one. Which is troubling, since last year it was reported that one in 25 Black Friday apps were fake, with at least 15 malicious Black Friday apps for each of the top five U.S. e-commerce brands.

Tips to Stay Safe While Online Shopping This Year

Between the impact of stress on online behavior and constantly evolving cyberthreats, it’s clear that there is a need for re-education on how to stay safe online, especially as cybercriminals are becoming smarter and more relentless. This holiday season, before you whip out those credit cards and mobile devices, consider these tips:

  • Always connect with caution. Public Wi-Fi might seem like a good idea, but if you are not careful, you could be unknowingly be exposing personal information or credit card details to cybercriminals who are snooping on the network. If you have to conduct transactions on a public Wi-Fi connection use a virtual private network (VPN) such as McAfee® SafeConnect to help keep your connection secure.
  • Think before you click. One of the easiest ways for a cybercriminal to compromise your system is by using phishing emails to lure consumers into clicking links for products or services that could lead to malware, or a phony website designed to steal personal information. If the deal seems too good to be true, or the email was not expected it’s always best to check directly with the source.
  • Browse with security protection. Use comprehensive security protection, like McAfee Total Protection, which can help keep devices protected against malware, phishing attacks, and other threats. It includes McAfee WebAdvisor which can help identify malicious websites.

Starving for more stats? Check out last year’s survey on hackable holiday gifts. Stay on top of the latest consumer and mobile security threats by following @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

The post Shop till You’re Hacked? 3 Tips to Stay Secure this Holiday Season appeared first on McAfee Blogs.

A New Security Age Needs a New Approach to Security

Security evolves to meet the needs of the age. Keys, for example, were created to secure homes and possessions. Encryption, the elements of which stretch back for thousands of years, filled the need to secure messages over a long distance. Security – as both a concept and an industry — is relatively simple to understand but can be difficult to execute, and execute well. It seems, especially these days, that there’s no end to the stream of devices in need of securing — from traditional exposure points like computers and websites to newly internet-connected devices like refrigerators. But with these new devices comes new challenges – and new security strategy must emerge as a result.

At first, consumers protected their devices with passwords, which continue to be used to this day. Then, as the internet built out, early cybercriminals realized they could send messages to computers that would collect passwords, giving them access to a personal computer. This, of course, is a virus, also known as malware and we collectively responded to it with antivirus programs.

But two new developments in technology have upended the equation. First, the miniaturization of processors, which has led to a massive boom in computing devices. Second, the rapid adoption of wireless technology, which has created a nearly always-on environment with almost various paths to connect to the internet. The combination of these two developments has given us the Internet of Things (IoT).

Now, we’re always surrounded by digital devices — a trend that’s likely to continue given the accumulation of technology over time, and with these devices we leave a trail of data everywhere we go. To secure this personal data, security has to evolve. To us at McAfee, these needs can be broken out into four key concepts for consumers:

• Identity
• Privacy
• Data
• Anonymity

To secure these four facets, we recognize the need for advanced security that doesn’t get in the way of our use of technology. As a leader in the security industry, we’re working with partners and consumers to create a seamless security experience that enables users today to fearlessly embrace new technological developments and connect with confidence. Such an experience, however, requires a new approach, one designed to protect today’s IoT environments and keep its users safe and secure without impeding on functionality. At McAfee, we’re working hard to provide you with a superior, easy-to-use platform that seamlessly protects you and your family’s data and devices.

When it comes to protecting your devices, and your privacy, in this day and age, it pays to stay one step ahead. To learn more about consumer security and our approach to it, be sure to follow us at @McAfee and @McAfee_Home.

The post A New Security Age Needs a New Approach to Security appeared first on McAfee Blogs.

Hackable?, the Original Podcast from McAfee, is Back for Season Three

Here at McAfee, everything we do is driven by our desire to make the digital world more secure. The proliferation of internet-connected technology has made cybercrime the greatest challenge of the digital age.

But we can’t fight it alone.

That’s why as Chief Consumer Security Evangelist, one of my biggest concerns is raising cybersecurity awareness. The more we can educate and collaborate, the better we can fight cybercrime together.

That’s why I’m so excited to announce that our award-winning podcast “Hackable?” has returned for its third season. I’m proud that its resonated and been downloaded millions of times by loyal listeners.

For two seasons, host Geoff Siskind and cybersecurity expert Bruce Snell have used rich storytelling and expert advice to captivate audiences while raising cybersecurity awareness. Each episode, Geoff invites a white-hat hacker to try and crack a device he is using. These hacks are inspired by TV shows and movies, and in the second season, he put his own passwords and credit cards on the line and was even trapped in an internet-connected car wash.

In the third season, Geoff is going to strap on a hacked virtual reality headset, risk his laptop’s security, investigate if drones are vulnerable and much more.

Thankfully, Bruce is there to provide tips and help make sure that none of this happens to any of the show’s listeners.

After all, internet-connected devices are great. They offer entertainment, utility, and convenience. “Hackable?” isn’t about scaring you from using smart technologies, but about raising awareness so that you can understand where they are susceptible to a cyberattack. Often, a few simple steps are all it takes to protect you, your home, your loved ones, and your personal data.

New episodes of Hackable? will launch every two weeks. Listen on Apple Podcasts, Spotify, Castbox, Stitcher, Google Podcasts, and Radio Public. Don’t forget to rate, review, and subscribe! Check out the podcast site for bonus content, illustrations, and a behind-the-scenes look at each episode.

And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

The post Hackable?, the Original Podcast from McAfee, is Back for Season Three appeared first on McAfee Blogs.

Beware: Zombie IoT Botnets

The ghosts and ghouls of October have come and gone, but the dangers lurking behind virtual walls have hardly disappeared. The threat of zombie bots is real, and it exists 365 days out of the year. Zombie bots, or devices that are taken over by hackers to disseminate different types of malware, viruses, or spam to other Internet-connected gadgets, are no longer limited to just home computers. As executed in the Mirai botnet attack, they’ve expanded into the world of IoT connected devices, too.

Adding to their complexity, zombie bots are not just limited to one feature or attack; they can be morphed into whatever their ‘master’ wants them to be. From logging keystrokes or searching through files to updating malware and downloading more malware onto an infected device, zombie botnets are ever-evolving.

To a hacker, zombie bots are more effective and infinitely stronger when they band together.  And so one by one, cybercriminals work to spread their malware of choice to devices to form an army of zombie bots, also known as a botnet. Massive botnets are used in distributed denial of service (DDoS) attacks, which are among the most intimidating types of attacks of which zombie botnet armies are capable. DDoS attacks are growing in number and severity; one report found that they’ve increased by 29% since Q2 2017, with the average attack size having increased by 543% to 26.37 Gbps.

The increase in DDoS attacks is attributed to large scale botnets comprised of insecure IoT devices. The adoption of IoT devices shows no signs of slowing down either. Today, there are currently 23.14 billion IoT devices worldwide. That number is predicted to grow exponentially just in the next 7 years to approximately 75.44 billion by 2025.

New variations of the Mirai and Gafgyt botnets exploit vulnerabilities found in IoT devices, including the security flaw that led to the massive Equifax breach of 2017. Just this past month, a botnet by the name of Chalubo was discovered by security researchers. By targeting poorly-secured IoT devices and servers, the Chalubo botnet compromises users’ devices for the purpose of executing a DDoS attack. Researchers also found that this botnet had copied a few code snippets from Mirai, demonstrating that cybercriminals have realized how effective this type of attack is.

So, why the rise in DDoS and other IoT botnet attacks? IoT devices like security cameras, smart lights, DVRs, and routers are particularly easy to remotely access because they often come with factory-set admin password setups, and many of us never change them to something more secure.  Our collective accumulation of connected devices shows no sign of slowing down, and without proper security in place, they are vulnerable to attacks. And what’s particularly troubling is that more often than not, zombie botnet armies operate in the shadows, unbeknownst to their owners.

Put simply, with more IoT devices in use, the risk of botnets increases, as does the need for awareness around this very real and potentially debilitating cyberthreat. While cybercriminals continue to try and leverage our own devices against us, the best way to protect your devices is through education and security best practices:

  • Keep your security software up-to-date. Whether it’s anti-virus, anti-spyware, or overall security, always keep your security solutions up-to-date. Software and firmware patches are ever-evolving and are made to combat newly discovered vulnerabilities, so be sure to update every time you’re prompted to.
  • Change your device’s factory security settings. When it comes to products, many manufacturers don’t think “security first.” That’s to say, your device can be vulnerable as soon as you open the box. By changing the factory settings you’re instantly upping your device’s security.
  • Proceed with caution when opening emails with file attachments or hyperlinks. One of the most common ways your device can become infected is by clicking on a bad link or attachment, through phishing or click fraud attempts. As a preventative safety measure, avoid engaging with suspicious messages altogether. You can often tell if the email is a hacking attempt if there is awkward language, improper spelling, or other signs. It’s a good idea to send spam directly to the trash.
  • Setup a separate IoT network. Consider setting up a second network for your IoT devices that doesn’t share access to your other devices and data. Check your router manufacturer’s website to learn how. Or, consider getting a router with built-in security features, making it easier to protect all the devices in your home from one access point.
  • Use a firewall. A firewall is a tool that monitors traffic between an Internet connection and devices to detect unusual or suspicious behavior. Even if a device is infected, a firewall can keep a potential attacker from accessing all the other devices on the same network. When looking for comprehensive security solution, to see if a Firewall is included to ensure that your devices are protected.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post Beware: Zombie IoT Botnets appeared first on McAfee Blogs.

Light a Lamp This Diwali To Dispel the Darkness of Digital Literacy

One of my favourite Indian festivals is Diwali and I have a sneaky feeling I may have mentioned this a few times earlier too. There is so much of positivity attached to this festival- say the word Diwali, or Deepawali, and smiles will light up the faces of people, just like diyas light up houses and courtyards. The excitement the term Diwali will conjure up will be as crackling as the ‘green’ firecrackers kids have already kept ready to burst after the evening prayers.

“So how does Diwali remind you of Digital Literacy?” asked my son, as he peered over my shoulders and looked into my laptop.

“Everything reminds me of digital literacy, but Diwali more so because just like we light lamps of joy to dispel the darkness of evil and sorrow, similarly we can light lamps of knowledge or ‘gyana’ to dispel the darkness of ignorance or ‘agyana’.

Parents often ask me how to start a talk on digital habits with children, how to help them turn out to be good digital citizens and so on. Actually, it’s pretty easy to start a talk and if you are worried that you are not tech-savvy enough to teach your child about digital habits, do not worry. All you need to do is continue teaching the values you teach in real life. They apply to the online world too!

Take for example, language and manners. Think back on the ways you taught your child to greet others, talk civilly and keep their cool when the situation becomes aggressive. Now add the following to your lesson – ‘when online, remember the other person can’t see you so, will not be able to decipher your body language. Hence, it’s become even more important to take care of what you say online’.

You can also teach your kids to stand up against bullies and never bully others. How? Try the age-old dictum, “treat others as you want them to treat you.” Encourage them to share their problems with you and guide them on how to tackle bullies. If you find they are participating in cyberbullying, sit them down and talk to them, just like you would if they behaved badly offline. Find out the cause of their unpleasant behavior and help them resolve issues, if any.

A very important thing to teach kids, and adults alike, is to protect their devices. Use the lock-and-key concept to explain the need for securing devices and accounts with strong passwords and 2-Factor-Authentication. You may even get your child to help them secure their devices with branded security tools. This will definitely make your child feel important, and most importantly, responsible. A responsible child uses digital tools wisely.

Stretch your reach and help your friends and relatives learn how to use parental control tools to protect and monitor their young one’s online activities. If you check your security icon on the computer or laptop, you will be able to access parental controls and learn, through some easy-to-do steps, how to set it up.

Another way to make this Diwali count is to increase the scope of joy that you usually share – bring someone you know into the digital safety circuit. Gift them online security software and shield them from online threats.

Do share your family bonding pics during Diwali—tell us how you made Diwali in your family more meaningful this year.

Happy Diwali folks!

 

 

The post Light a Lamp This Diwali To Dispel the Darkness of Digital Literacy appeared first on McAfee Blogs.

The Connection Between IoT and Consumers’ Physical Health

When we think about how technology impacts our daily lives, we don’t really notice it unless it’s a big-picture concept. In fact, there are many areas where technology plays an outsized impact on our lives — and we hardly notice it at all. Traffic lights can be controlled remotely, thermostats can automatically warm or chill your home based on what season it is. The truth is, these small individual facets add up to a larger whole: the Internet of Things or IoT. IoT applications are endless, but can sometimes be insecure. Imagine if that were the case when it comes to the IoT devices designed to aid with our personal health.

IoT and our physical health are more related than many of us think, and their connection has led to revolutionary, preventative health care. Smartwatches monitor our overall health and fitness level thanks to miniaturized gyroscopes and heart rate monitors. This information can and has been used to warn people of impending heart attacks — giving them enough time to contact emergency services for help. Implants, such as pacemakers, can monitor a patient from afar, giving doctors a detailed analysis of their condition. These devices have advanced modern-day health care for the better, but their design can occasionally contain vulnerabilities that may expose users to a cyberattack.First, let’s consider the smartwatch. It’s a convenient tool that aids us in monitoring our daily well-being. But the data it collects could be compromised through a variety of attacks. For example, Fitbit suffered a minor breach in 2016, resulting in cybercriminals trying to scam the company’s refund system. In another example, Strava, a social network for athletes, saw its users suffer a spate of thefts — a potential consequence of sharing GPS coordinates from their IoT device.

Alternatively, flaws found in implants, such as pacemakers, cochlear and others can be leveraged by cybercriminals to conduct attacks that impact our physical well-being. That’s because many implants today can be remotely manipulated, potentially giving cybercriminals the tools they need to cause a patient physical harm. For example, a recent study from academic researchers at the Catholic University of Leuven found neurostimulators, brain implants designed to help monitor and personalize treatments for people living with Parkinson’s disease, are vulnerable to remote attack. If an attack were successful, a cybercriminal could prevent a patient from speaking or moving.

Remember, these IoT implants still do a lot more good than harm, as they give medical professionals unparalleled insights into a patient’s overall condition and health. They could also help design better treatments in the future. However, in order to be able to reap their benefits in a safe way, users just need to make sure they take proactive security steps before implementing them.

Before introducing an IoT device for health care into your life, make sure you take the time to do your research. Look up the device in question and its manufacturer to see if the device had any prior breaches, and the manufacturer’s actions or responses to that. Speak with your doctor about the security standards around the IoT implant, as well. Ask if its security has been tested, how it’s been tested and how an implant can be updated to patch any security-related issues. After all, technology is becoming a more significant part of our lives — we owe it to ourselves to secure it so we can enjoy the benefits it brings to the table.

To learn more about securing your IoT devices from cyberattacks, be sure to follow us at @McAfee and @McAfee_Home.

The post The Connection Between IoT and Consumers’ Physical Health appeared first on McAfee Blogs.

Together is Power: Why McAfee Partnered With British Telecom Group

Cybersecurity threats are growing in both number and strength day by day, making it almost impossible for any one person or organization to maintain a secure environment. This threat is potent, often indiscriminate, and puts both organizations and consumers at risk. Protection, therefore, requires an equally powerful and robust response.

But building a strong response to modern cybersecurity threats requires a concerted and distributed effort. That’s why we’ve partnered with British Telecom Group (BT), one of the largest telecommunications companies in the United Kingdom, to provide a comprehensive security solution that helps BT Broadband customers protect themselves against viruses with McAfee as the underlying cybersecurity technology.

The shift to the focus on security was due in part to a recent survey BT conducted to customers, asking about their digital landscape and what concerns they have over the future. A significant portion of those who participated in the survey (60 percent) said they see the value in cybersecurity protection and would recommend the service.

That’s reassuring for us at McAfee to hear, but it underlines the point that folks around the world are waking up to the need to join forces, orchestrate, and fight against cyberattacks. This need for additional protection also provides businesses with the opportunity to differentiate themselves as adding a security benefit to their offerings also enhances consumer appeal and trust.

BT, in particular, will give its subscribers a complete Security solution which includes McAfee protection called BT Virus Protect, which supports up to 15 devices including computers and Android phones and tablets. The BT Security offering also  automatically keeps kids safe with built-in parental controls. This package incorporates network and device security, call blocking, cloud backup and McAfee Password Manager – TrueKey. It’s a holistic solution for, as BT puts it, a simple reason.

“Keeping our customers safe online is a key priority for BT. That’s why we provide the most comprehensive free online security tools of any major UK broadband provider,” Andrew Kirkpatrick General Manager of Digital Products and Security for BT Consumer said. “To help us achieve this, we have a long-standing partnership with McAfee to provide their award-winning anti-virus to our customers.”

Every time we join forces against cybercriminals, we create the right conditions for a more secure digital world. That’s because a collective response to cyberthreats is better than going alone. Because together is power.

The post Together is Power: Why McAfee Partnered With British Telecom Group appeared first on McAfee Blogs.

Stay Smart Online Week 2018

Time for a Cyber Safety Check-Up?

Aussies love the internet. And the statistics just confirm it. In 2018, 88% of us describe ourselves as active internet users. And our social media usage is up there with some of the most prolific users worldwide with 60% of us active users on Facebook and 50% of us logging in at least once a day.

So, an annual reminder to take stock of our digital lives is a very good idea! Stay Smart Online Week is an initiative from the Australian Government designed to ensure we are all up to date with the latest cyber safety know-how. Kicking off from the 8th of October, I believe this annual event is the ideal opportunity for a yearly cyber safety check up.

We Are Choosing to Ignore the Risks

Research conducted by McAfee shows that many of us are very aware of the risks associated with our online behaviour but simply choose to ignore them. For example, 30% of Aussie parents are continuing to regularly post pics of their kids online despite 50% of us being concerned by the associated risks including paedophilia, stalking and cyberbullying. Is it the lure of likes, the surge of dopamine or just the face we are all time poor that affects our rational brain?

Keeping It Simple

I know many of us feel a little overwhelmed at the thought of staying on top of our online safety. We don’t know where to start, have very little time and, quite frankly, we’d rather be doing something else! But not taking your online safety seriously is a little like leaving like leaving your house unlocked. It puts your privacy and even your financial safety at risk.

But the good news is there are a host of simple, quick, steps you can take to ensure you are doing all you can to protect yourself online. So, make yourself a cuppa and let’s get to work. Here are 3 three things you can start to put in place today to secure yourself and your devices.

1. Protect ALL Your Devices

I bet if you added up the internet connected devices in your household, you’d be staggered at the figure. My latest count was over 30! And the figure is only going to increase. Research shows that by 2025 there will be approximately 75 billion connected devices worldwide from wearables and pacemakers to thermometers and smart plugs.

These devices will absolutely make our lives easier, but the reality is that many internet-connected devices (IoT) lack built in security features making them vulnerable to hacking and malware. In 2018 alone, McAfee uncovered numerous major security flaws in virtual assistants and smart plugs.

Here’s what you need to do:

  • Install comprehensive security software on your laptops, tablets and smartphones. McAfee’s Total Protection software will ensure you and your devices are protected against viruses, malware spyware and ransomware.
  • Secure your Internet Connected Devices. While there is no security software for Internet Connected (IoT) devices, you can still minimise the risks by changing the default password on your devices straight after purchasing and ensure you keep the device’s software up to date. And spend some time researching your purchases before committing. Focus on devices that have been on the market for a while, have a name brand, or have a lot of online reviews. Chances are that the device’s security standards will be higher, due to being vetted by the masses.

2. Think Before You Click

Our love of ‘all things celebrity’ has not escaped the attention of online scammers. In fact, these scammers spend a lot of time creating celebrity based professional looking websites that promise celebrity news stories or movie downloads. Unfortunately, the promised content requires a malicious link to be clicked that usually contains spyware or malicious software. These sites may also require users to set up an account. Unsuspecting visitors will then provide their email addresses and passwords to the site not realising that their details have been compromised.

New McAfee research reveals that Aussie model, MTV VJ and Orange is the New Black actress, Ruby Rose is the most dangerous celebrity to search for online. Using terms such as ‘free torrent’, ‘sex tape’ and ‘free pics’, McAfee was able to determine the riskiest celebrities to search for across the globe, as consumers often drop their guard in the name of convenience and speed to access content from their favorite celebs.

Here’s what you need to do:

  • Be careful what you click. Users looking for a sneak-peek of Ruby Rose starring in Batwoman should be cautious and only download directly from a reliable source. The safest thing to do is to wait for the official release instead of visiting a third-party website that could contain malware.
  • Apply system and application updates as soon as they are available. Very often the operating system and application updates include security fixes. Applying updates is an important step to help ensure devices stay protected.
  • Use parental control software. Kids are fans of celebrities too, so ensure that limits are set on the child’s device and use software that can help minimise exposure to potentially malicious or inappropriate websites.

3. Protect Your Personal Information Online

Most consumers would think twice when asked for their credit card information or address online but don’t take the same precautions when posting photos of themselves and their children online.

Recent McAfee research shows that despite 50 percent of parents being concerned by the risks such as pedophilia, stalking and cyberbullying when posting photos of their children online, 30 percent post a picture of their child online once a week, and 40 percent post photos of their child in school uniform on a regular basis.

Here’s what you need to do:

  • Set Ground Rules with Friends and Family. Be clear with friends and family about your expectations when they post images of your kids. If you are uncomfortable with anything they post, you are well within your rights to ask them to remove it.
  • Don’t Forget About Your Child’s Digital Reputation. Everything that is posted about someone forms part of their digital reputation. Always consider whether what you are considering posting could negatively impact this. And encourage your teens to regularly check the posts and images they are tagged in online too.
  • Ask for Consent But Be Prepared for Your Child to Say NO. Asking for an older child’s consent before you post pics is essential but be prepared for them to say NO! Remember, a good relationship is built on trust and respect!

So, go forth and continue to enjoy everything the internet has to offer BUT please take some time this Stay Smart Online Week to check in and see whether you may need to ‘tweak’ any of your online behaviours. And while you are at it – don’t forget about the kids. Why not put it on the agenda to discuss around the dinner table this week? Some of the most important conversations you will ever have with your kids will be around the dinner table!

Take Care

Alex xx

 

The post Stay Smart Online Week 2018 appeared first on McAfee Blogs.

How to Protect Your Connected Devices from Common Cyberattacks

When it comes to internet security, we all suffer from a condition known as optimism bias. It’s the simple idea that we, individually, won’t be affected negatively by an externality compared to others. The same mental distortion happens in the digital world. We read a lot about cybercrime and assume the consequences of those attacks won’t reach or affect us. The problem is, that’s optimism bias at work — and it is what fuels a cybercriminal’s success.

No one expects to lose control over their digital lives, but it does happen, and it can happen to you. And securing your information after a cyberattack is becoming less tenable. In fact, the total number of malware samples has grown almost 34%, more than 774 million, over the past four quarters according to the latest McAfee Labs Threats Report, hitting all-time highs in the second quarter of 2018. Fortunately, there are proactive steps you can take to secure yourself from the most active cyberattack methods.

Phishing Attacks

Cybercriminals use phishing attacks try to and trick you into clicking on a malicious link or download a malicious file. And they have pretty good odds of succeeding if they’re persistent. That’s because phishing attacks try to come across as trustworthy, appearing from a source a victim knows or trusts, like authoritative organization. It’s a common and powerful technique.

A few simple steps can protect you. Examine an email’s sending address if you suspect anything. If you don’t know the sender, or the email’s content doesn’t seem familiar, remain wary and avoid interacting with the message. If you’re unsure, simply reach out to the apparent sender through a different channel, like a phone call or a different email account, that you found through your own research.

Unpatched Software

Unpatched, un-updated, and old software is one the most exploited attack avenues by far. That’s because new software vulnerabilities or bugs are found all of the time, and cybercriminals can use them to compromise a device. The longer software goes without an update, the long cybercriminals have to find these vulnerabilities and exploit them.

The best way to stay a step ahead of active cybercriminals is to update your device’s software as often as possible. Updates often contain security patches blocking newly discovered attack avenues. Getting into a good update habit, too, is becoming increasingly critical as more and more devices connect to the internet. Speaking of which…

The Internet of Things

The Internet of Things, or IoT, is officially here — and we’re not just talking about internet-connected refrigerators or television sets. IoT devices encompass toys and cars to watches and even clothing. All this available computing means cybercriminals have more opportunities than ever before to find and exploit vulnerabilities in everyday objects.

But, again, there are reliable, proactive defenses. First, make sure that, if your smart device or service requires an account, you use a complex and unique password. This means using numbers, symbols and upper and lower case letters. A password manager can help you create strong and unique passwords. Second, typically, if there’s software, there’s an update. Make sure you’re aware of any and all updates to your IoT devices and apply them as soon as you can. If you have an IoT device where updating is difficult, such as a thermostat, you’ll need a more holistic approach. Look for security services, like McAfee Secure Home Platform, designed for a home connected through a protected router that’s enhanced with advanced security analytics.

Finally, and this is a good rule in general, use a comprehensive security solution to protect your technology landscape. It’s a lot bigger than you think and growing every day with each new user account, IoT device or computer you use.

To learn more about securing your personal devices from cyberattacks, be sure to follow us at @McAfee and @McAfee_Home.

The post How to Protect Your Connected Devices from Common Cyberattacks appeared first on McAfee Blogs.

Ileana D’Cruz Tops ‘McAfee Most Sensational Celebrity’ List for 2018

We Indians love our movies and actors and voraciously consume all Page 3 gossip tidbits on them. Our love affair with the celluloid world knows no boundaries – we love our old movies and new; masala movies and art movies. When we hang out, movies will find their way into our discussions. When we organize cultural events, we resort to the latest Bollywood flicks for dance ideas and our fashion is also heavily influenced by our screen idols. Of course, we also search for artists and musicians, Olympics and Asiad winners, writers and poets. But the screen gods and goddesses dominate all searches.

Cyber criminals are well aware of this trait and make full use of it to send across malware or to launch phishing attacks. An innocent search for celeb news could land a user in the murky world of viruses, hacking and scam. In the interest of cyber security, McAfee researches famous individuals globally to reveal which celebrities generate the riskiest search results that could potentially expose their fans to malicious websites. The aim is to stress on the dangers of clicking on suspicious links when searching for celebrity-focused content.

The McAfee survey reveals that the svelte actor, Ileana D’Cruz, as the Most Sensational Celebrity in India, in 2018!

For those new to the survey, the term ‘sensational’ indicates the level of risks linked to online searches involving their names. Which basically means that if you were looking up more details on Ileana D’Cruz and keyed in ‘Ileana + movies’, there is a chance of the search showing unsafe pages and links. The prudent thing to do, is to be aware of what you are clicking on, and use tools like a website reputation checker and a comprehensive security solution.

Let’s end the suspense, readers. You already know Ileana D’Cruz tops the list. Surprisingly, both the 2016 and 2017 toppers, Sonakshi Sinha and comedian Kapil Sharma, failed to make it to the Top 10 this year. Another significant finding is that female actors reign supreme, taking the top three ranks, in contrast to last year, when male actors dominated the top three spots.

Announcing the Top 10 Sensational Celebs from the 2018 McAfee Study:

Now that we are aware and informed, it’s time to learn a few tricks to safeguard our online searches.

Quick Tips on How to Search Safely –

  • Be careful what you click. Users looking for latest movies of Ileana D’Cruz should be cautious and only download directly from a reliable source. Do not give in to temptation and click on links or websites that promise ‘free’ downloads of movies/songs/posters etc. It is better to wait for the official release instead.
  • Turn Auto Updates on for your security solutions and OS: Prevention is way better than cure – your OS and security solution providers keep sending updates to plug vulnerabilities and enhance security. Do not fail to apply these updates, for they are needed to protect your device.
  • Browse with security protection: I have already referred to this above when explaining how cyber criminals capitalize on searches for celebs online. Avoid their trap- use McAfee Total Protection which will offer comprehensive protection against malware, phishing attacks, and other threats. It includes McAfee WebAdvisor which can help protect against going to malicious websites.
  • Use parental control software. Kids are fans of celebrities too, so ensure that limits are set on the child’s device and use software that can help minimize exposure to potentially malicious or inappropriate websites.

 

The post Ileana D’Cruz Tops ‘McAfee Most Sensational Celebrity’ List for 2018 appeared first on McAfee Blogs.

#CyberAware: Will You Help Make the Internet a Safe Place for Families?

National Cyber Security Awareness MonthDon’t we all kinda secretly hope, even pretend, that our biggest fears are in the process of remedying themselves? Like believing that the police will know to stay close should we wander into a sketchy part of town. Or that our doors and windows will promptly self-lock should we forget to do so. Such a world would be ideal — and oh, so, peaceful — but it just isn’t reality. When it comes to making sure our families are safe we’ve got to be the ones to be aware, responsible, and take the needed action.

Our Shared Responsibility

This holds true in making the internet a safe place. As much as we’d like to pretend there’s a protective barrier between us and the bad guys online, there’s no single government entity that is solely responsible for securing the internet. Every individual must play his or her role in protecting their portion of cyberspace, including the devices and networks they use. And, that’s what October — National Cyber Security Awareness Month (NCSAM) — is all about.

At McAfee, we focus on these matters every day but this month especially, we are linking arms will safety organizations, bloggers, businesses, and YOU — parents, consumers, educators, and digital citizens — to zero in on ways we can all do our part to make the internet safe and secure for everyone. (Hey, sometimes the home team needs a huddle, right!?)

8 specific things you can do!

National Cyber Security Awareness Month

  1. Become a NCSAM Champion. The National Cyber Security Alliance (NCSAM) is encouraging everyone — individuals, schools, businesses, government organizations, universities — to sign up, take action, and make a difference in online safety and security. It’s free and simple to register. Once you sign up you will get an email with a toolbox packed with fun, shareable memes to post for #CyberAware October.
  2. Tap your social powers. Throughout October, share, share, share great content you discover. Use the hashtag #CyberAware, so the safety conversation reaches and inspires more people. Also, join the Twitter chat using the hashtag #ChatSTC each Thursday in October at 3 p.m., ET/Noon, PT. Learn, connect with other parents and safety pros, and chime in.National Cyber Security Awareness Month
  3. Hold a family tech talk. Be even more intentional this month. Learn and discuss suggestions from STOP. THINK. CONNECT.™ on how each family member can protect their devices and information.
  4. Print it and post it: Print out a STOP. THINK. CONNECT.™ tip sheet and display it in areas where family members spend time online.
  5. Understand and execute the basics. Information is awesome. But how much of that information do we truly put into action? Take 10 minutes to read 10 Tips to Stay Safe Online and another 10 minutes to make sure you take the time to install a firewall, strengthen your passwords, and make sure your home network as secure as it can be.National Cyber Security Awareness Month
  6. If you care — share! Send an email to friends and family informing them that October is National Cybersecurity Awareness Month and encourage them to visit staysafeonline.org for tips and resources.
  7. Turn on multi-factor authentication. Protect your financial, email and social media accounts with two-step authentication for passwords.
  8. Update, update, update! This overlooked but powerful way to shore up your devices is crucial. Update your software and turn on automatic updates to protect your home network and personal devices.

Isn’t it awesome to think that you aren’t alone in striving to keep your family’s digital life — and future — safe? A lot of people are working together during National Cyber Security Awareness Month to educate and be more proactive in blocking criminals online. Working together, no doubt, we’ll get there quicker and be able to create and enjoy a safer internet.

 

 

Toni Birdsong is a Family Safety Evangelist to McAfee. You can find her onTwitter @McAfee_Family. (Disclosures)

The post #CyberAware: Will You Help Make the Internet a Safe Place for Families? appeared first on McAfee Blogs.

Understanding Your Kid’s Smart Gadgets

When people think about IoT devices, many often think of those that fill their homes. Smart lights, ovens, TVs, etc. But there’s a whole other type of IoT devices that are inside the home that parents may not be as cognizant of – children’s toys. In 2018, smartwatches, smart teddy bears, and more are all in kids’ hands. And though parents are happy to purchase the next hot item for their children, they sometimes aren’t fully aware of how these devices can impact their child’s personal security. IoT has expanded to children, but it’s parents that need to understand how these toys affect their family, and what they can do to keep their children protected from an IoT-based cyberthreat.

Now, add IoT into the mix. The reason people are commonly adopting IoT devices is for one reason – convenience. And that’s the same reason these devices have gotten into children’s hands as well. They’re convenient, engaging, easy-to-use toys, some of which are even used to help educate kids.

But this adoption has changed children’s online security. Now, instead of just limiting their device usage and screen time, parents have to start thinking about the types of threats that can emerge from their child’s interaction with IoT devices. For example, smartwatches have been used to track and record kids’ physical location. And children’s data is often recorded with these devices, which means their data could be potentially leveraged for malicious reasons if a cybercriminal breaches the organization behind a specific connected product or app. The FBI has even previously cautioned that these smart toys can be compromised by hackers.

Keeping connected kids safe  

Fortunately, there are many things parents can do to keep their connected kids safe. First off, do the homework. Before buying any connected toy or device for a kid, parents should look up the manufacturer first and see if they have security top of mind. If the device has had any issues with security in the past, it’s best to avoid purchasing it. Additionally, always read the fine print. Terms and conditions should outline how and when a company accesses a kid’s data. When buying a connected device or signing them up for an online service/app, always read the terms and conditions carefully in order to remain fully aware of the extent and impact of a kid’s online presence and use of connected devices.

Mind you, these IoT toys must connect to a home Wi-Fi network in order to run. If they’re vulnerable, they could expose a family’s home network as a result. Since it can be challenging to lock down all the IoT devices in a home, utilize a solution like McAfee Secure Home Platform to provide protection at the router-level. Also, parents can keep an eye on their kid’s online interactions by leveraging a parental control solution like McAfee Safe Family. They can know what their kids are up to, guard them from harm, and limit their screen time by setting rules and time limits for apps and websites.

To learn more about IoT devices and how your children use them, be sure to follow us at @McAfee and @McAfee_Home.

The post Understanding Your Kid’s Smart Gadgets appeared first on McAfee Blogs.

The Rise and Rise of the Cyber Economy – PandaLabs Q1 2017 Report

q1 headline image - blog

Developments in Cyber-crime, Cyberwarfare and AI mark the first quarter of 2017, as indicated by PandaLabs Q1 Report. The Report by Panda Security’s malware resource facility identifies prominent tactics, attack methods and shifts in the industry.

The Cyber-crime industry continues to grow on the back of profitable attacks. The development of Ransomware-as-a-Service (RaaS) and organisations like Vdos, an organisation specialising in DDos attacks, indicate the professionalism of the cyber-crime industry. In Q1 we continue to see new and adapted attack methods such as RDPatcher, malware detected by PandaLabs in its attempt to access the victim’s endpoint and prepare it for rental on the Dark Web.

Politically motivated cyber-attacks

Fueling the continued development of the cyber-crime industry are politically motivated cyber-attacks. In recent months, Cyberwarfare has become a popular tactic in enforcing political agendas. In Q4 of 2016, we saw some of the first high profile instances of cyberwarfare, with accusations of Russia’s interference in the 2016 US elections. The gravity the development is clear as countries like Germany have now begun to develop cyber-command centres to monitor online activity – this quarter France and the Netherlands reconsidered electronic voting procedures to avoid situations like the 2016 US elections.

Targeted IoT device attacks

Targeted attacks on IoT devices continue to threaten our safety in line with the ever-increasing number of IoT devices. In February, at the European Broadcasting Union Media Cyber Security Seminar, security consultant Rafael Scheel demonstrated more ways these devices can breach unsecured networks by creating an exploit that would allow an attacker to take control of a Smart TV using only a DDT signal.

A perfect device for eavesdropping

Recent developments in Robotics and AI have led to that belief that the fourth industrial revolution is not far off. Robotics and AI technology could do more than just take over jobs – introducing virtual assistants like Google Home and Amazon Echo, can become a dangerous in road for hackers. Introduced in February 2017, Google Home can tune into your home IoT devices while waiting to be called on – making it the perfect device for eavesdropping. Police recently requested access to an Amazon Echo device as it may have held evidence that could be useful to their case.

Over the course of 2016 Ransomware attacks earned criminals billions of Rand. Fueled by its profitability, Ransomware attacks continue to increase, with new variants created daily. In Q1 PandaLabs discovered Ransomware variant WYSEWYE -that allows the attacker to select and take control of specific folders on the victim’s endpoint, ultimately demanding a ransom to give back control to the victim.

See the full report by PandaLabs here.

The post The Rise and Rise of the Cyber Economy – PandaLabs Q1 2017 Report appeared first on CyberSafety.co.za.

A User-Friendly Interface for Cyber-criminals

IMG-MC-wysiwye

Installing malware through Remote Desktop Protocol is a popular attack method used by many cyber-criminals. over the past few months Panda Security’s research facility PandaLabs, has analysed several attacks of this nature.

Once credentials are obtained through brute a force attack on the RDP, the cyber-criminals gain access to the company. Attackers simply execute the corresponding malware automatically to start the encryption.

wysiwye-530x483Recently however, PandaLabs has noticed more personalised attacks. Analysing this intrusion we see that the ransomware comes with its own interface, through which its can be configured according to the attackers preferences. Starting with details such as which email address will appear in the ransom note. This customised attack makes it possible to hand-pick the devices the hackers would like to action on.

Advanced attacks we continue to see in this environment require businesses to employ a corporate network security strategy. Preventing zero-day attacks from entering your network is essential, along with efforts to neutralise and block attacks.

Data collected from Panda clients in Europe indicated that Panda Adaptive Defense 360 (AD360) was able to detect and block this particular attack. Timely investment in prevention, detection and response technology, such as AD360 guarantees better protections against new age threats.

The post A User-Friendly Interface for Cyber-criminals appeared first on CyberSafety.co.za.

Panda Security Rated Top in Antivirus Test

IMG AVComp 03-17 - Blog

A recent study conducted by AV Comparatives recognised Panda Security for having obtained the highest possible score by detecting 100% of the malware samples tested.
 

AV Comparatives most rigorous test ranks Panda Security number one for malware detection

 

The analysis took into account the same infection vectors that a user might experience on an ordinary day. The fundamental objective of AV Comparatives’ Real-World Test is to determine if the security solutions are able to protect the system as it is exposed to an array of malware samples. Panda Security’s Free Antivirus proved it was able to detect 100% of malware to which it had been exposed.

“We are proud of the excellent results we received in the AV-Comparatives Real-World Test – these results validate our efforts to offer our users the best protection against all types of threats under real conditions. Panda Security is fully committed to the constant improvement of our solutions in order to provide maximum security levels with minimum performance impact.” say Jeremy Matthews, Regional Manager Panda Security Africa.
 
Infographic AVComp
 
These results speak to the success of the set of technologies leveraged by Panda Security to develop a solution that is ideal for all types of users – private or public, large or small. Panda Security’s solution comes in response to the rapid evolution of malware in recent years. In this regard, it offers the most effective response to threats such as ransomware, and proves to be the best ally in the prevention, protection and response to the latest attacks.

The post Panda Security Rated Top in Antivirus Test appeared first on CyberSafety.co.za.

Cybercrime Surges in Q3

young man with glasses sitting in front of his computer, programming. the code he is working on (CSS) can be seen through the screen.

PandaLabs Q3 Report indicates that incidences of cybercrime continue to increase, with 18 million new malware samples captured this quarter – more than 200,000 samples daily.

The Quarter at a Glance

Cybercrime continues to grow at an exponential rate, fuelled by the opportunity for large financial rewards.

Hackers have taken to developing new variants of successful Ransomware such as Locky, and the development of a model known as Ransomware-as-a-Service (RaaS), whereby developers create Ransomware for distributors, these distributors then target and infect victims – allowing both parties to achieve greater profits.

Another key development was the occurrence of DDoS attacks. Most natably that of Cyber Security journalist Brian Krebs. Krebs exposure of vDoS lead to the arrest of its key members and subsequently made Krebs’ site the target of a massive DDoS attack that saw Google step in to restore the site. As one of the largest attack of its kind, hackers leveraged IoT devices to send 620GB of data per second – at its peak – to the site.
graphs_cabecera-mediacenter
This quarter cyber-attacks targeted multiple gaming sites, gaining access to millions of users’ personal information. These attacks were largely launched using botnets composed of smartphones, and effected users of Overwatch, World of Warcraft and Diablo 3. Further attacks saw more than 3.5 million users exposed when Dota 2 and mobile game Clash of the Kings were targeted. These highlight just a few incidences in the Gaming world in the last 3 months.

The Banking sector remained a target for hackers as attacks on ATM’s, POS terminals and Bitcoin wallets continue to become more frequent and more advanced.

A Taiwanese ATM attack this quarter indicated just how advanced cybercriminals have become when they were able to hack the banks internal network and withdraw over R28 million without even touching the ATM itself.

Another big victim was Yahoo – one of the biggest attacks of its kind revealed this quarter indicated that 500 million user accounts had been comprised in a 2014 attack.

Finally, Q3 saw the largest Bitcoin robbery to date, when R 84 billion worth of Bitcoin was stolen by hackers.

View the full PandaLabs Q3 Report for more detail on specific attacks and find out how you can protect yourself and your business from the advanc

The post Cybercrime Surges in Q3 appeared first on CyberSafety.co.za.

Evolution of Locky – A Cat & Mouse Game

1

In the on-going game of cat and mouse between cyber attackers and defensive internet security providers, the appearance of a new tactic from the Locky family of Ransomware comes as no surprise.

As we discussed in February this year, Locky targets victims through seemingly legitimate email attachments. Once the victim clicks on the attachment the malicious macro begins encrypting the users’ files.

Given the nature of this environment, security experts are constantly working on ways to stop Locky, coming up with solutions that will render it ineffective.

Distribution of the latest attack

In the latest development, cyber attackers have come up with new tactics to bypass security. The malware is still distributed via email attachments, but no longer uses a Trojan. These emails have varying names and subject lines to attract the victims’ attention and usually contain Zip files.

locky-2
The Malware skips the downloader Trojan and gets the Locky variant in DLL format, and is then executed using Windows rundll32.exe. By using a script file as well as a DLL, instead of a Trojan and .exe, Locky is not immediately detected and blocked, and the Ransomware can begin its course.

To further ensure its success cyber attackers have given Locky an added fall-back mechanism, this means that the malware will still be able to complete its actions even in cases where it can’t reach command and control servers. The weak point in this is that the encryption key is the same for every computer.

These attacks appear to present in weekly waves and have already targeted victims in North and South America, and Europe, as well as attacks in Africa and Asia.

3

In order to protect yourself, security experts suggest setting up filters for script files that arrive via email, as well as ensuring your antivirus is up to date. Advanced solutions such as Panda’s Adaptive Defence allow for active classification of every running application by leveraging Endpoint Detection & Response (EDR) technologies. This means that you have a greater chance of defending your network against today’s advanced threats.

The post Evolution of Locky – A Cat & Mouse Game appeared first on CyberSafety.co.za.