Category Archives: Consumer

Evaluating cyber risk during the holiday season

Fears of data loss, identity theft and fraud are leaving American consumers on edge this holiday season, and they’re prepared to hold their financial institution responsible for the damages. This is according to a new study released by Terbium Labs, which found that 68 percent of shoppers would hold their bank at least partly responsible for fraudulent activity, regardless of how the compromise occurred. The blame game Americans are on high alert heading into the … More

The post Evaluating cyber risk during the holiday season appeared first on Help Net Security.

It’s Beginning to Look a Lot Like Holiday Shopping: Secure Your Black Friday & Cyber Monday Purchases

As we gear up to feast with family and friends this Thanksgiving, we also get our wallets ready for Black Friday and Cyber Monday. Black Friday and Cyber Monday have practically become holidays themselves, as each year they immediately shift our attention from turkey and pumpkin pie to holiday shopping. Let’s take a look at these two holidays, and how their popularity can impact users’ online security.

The Origins of the Holiday Shopping Phenomenon

You might be surprised to find out that the term “Black Friday” was first associated with a financial crisis, not sales shopping. According to The Telegraph, the U.S. gold market crashed on Friday, September 24, 1869, leaving Wall Street bankrupt. It wasn’t until the 1950s that Black Friday was used in association with holiday shopping when large crowds of tourists and shoppers flocked to Philadelphia for a big football game. Because of all the chaos, traffic jams, and shoplifting opportunities that arose, police officers were unable to take the day off, coining it Black Friday. It wasn’t until over 50 years later that Cyber Monday came to fruition when Shop.org coined the term as a way for online retailers to participate in the Black Friday shopping frenzy.

Growth Over the Years

Since the origination of these two massive shopping holidays, both have seen incredible growth. Global interest in Black Friday has risen year-over-year, with 117% average growth across the last five years. According to Forbes, last year’s Black Friday brought in $6.2 billion in online sales alone, while Cyber Monday brought in a record $7.9 billion.

While foot traffic seemed to decrease at brick-and-mortar stores during Cyber Week 2018, more shoppers turned their attention to the internet to participate in holiday bargain hunting. Throughout this week, sales derived from desktop devices came in at 47%, while mobile purchases made up 45% of revenue and tablet purchases made up 8% of revenue.

So, what does this mean for Black Friday and Cyber Monday shopping this holiday season? Adobe Analytics projects that Thanksgiving and Black Friday will bring in $12.3 billion in online sales and Cyber Monday will bring in $9.48 billion. If one thing’s for sure, this year’s Black Friday and Cyber Monday sales are shaping up to be the biggest ones yet for shoppers looking to snag some seasonal bargains. However, the uptick in online shopping activity provides cybercriminals with the perfect opportunity to wreak havoc on users’ holiday fun.

Holiday Bargain or Shopping Scam?

Inherently, Black Friday and Cyber Monday are pretty similar, with the main difference being where users choose to shop. While Black Friday sees a mix of online and in-store shoppers, most consumers will participate in Cyber Monday sales from their mobile phones or desktops at work. Plus, with mobile Cyber Week sales increasing year over year, it’s clear that users are gravitating towards the convenience of shopping on the go. However, the increase in mobile online shopping also creates an opportunity for cybercriminals to exploit. The latest McAfee Mobile Threat Report revealed a huge increase in device backdoors, fake apps, and banking trojans. With more and more users turning to their smartphones this holiday shopping season, they are in turn potentially subject to a wide variety of mobile cyberattacks.

Another threat to users’ holiday shopping sprees? Rushed purchases. Thanks to a later Thanksgiving, Cyber Monday falls on December 2nd, leaving users with one less shopping week between Turkey Day and Christmas. Because of this time crunch, many users are feeling pressured to get their holiday shopping done in time and might forego some basic cybersecurity practices to speed up the online shopping process. This includes not checking online retailer authenticity, falling for fake Black Friday deals, and hastily giving up more personal information than necessary, all in the interest of jumping on a sale before it’s too late.

How to Stay Secure This Holiday Season

In the blur of the holiday shopping frenzy, how can you help protect your personal information online? Before whipping out your credit card this Black Friday and Cyber Monday, check out these cybersecurity tips to ensure your holiday shopping spree goes off without a hitch:

  • Look for the lock icon. Secure websites will start with “https,” not just “http.” Double-check that you see the padlock icon right next to the web address in your browser. If you don’t, it’s best to avoid making purchases on that website.
  • If you can help it, shop on your desktop. Although shopping on a smartphone allows you to make purchases on the go, this opens you up to threats like mobile malware and fake shopping apps. Additionally, URLs are often shortened on mobile devices, making it easier for scammers to trick you with clone websites.
  • Ask the critics. Cybercriminals will often create fake websites to try and exploit users looking to get in on the Black Friday and Cyber Monday action. If you’re unsure about a product or retailer, read lots of reviews from trusted websites to help see if it’s legitimate.
  • Be on the lookout for suspicious websites. Misspellings, grammatical errors, and poor website design are often a sign that it’s a rip off of a legitimate site. If the site looks a little rough around the edges, this is probably a sign that it was created by a cybercriminal.
  • Don’t be too optimistic. Beware of bogus Black Friday and Cyber Monday deals with fake “free” offers. If you spot an ad online that seems too good to be true, chances are it probably is.
  • Use a comprehensive security solution. Using a solution like McAfee LiveSafe can help your holiday shopping spree go smoothly by providing safe web browsing, virus protection, and more. Click here for 50% off so you can shop knowing your devices and data are secured.

Looking for more security tips and trends? Be sure to follow @McAfee Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post It’s Beginning to Look a Lot Like Holiday Shopping: Secure Your Black Friday & Cyber Monday Purchases appeared first on McAfee Blogs.

Trend Micro Discloses Insider Threat Impacting Some of its Consumer Customers

We recently became aware of a security incident that resulted in the unauthorized disclosure of some personal data of an isolated number of customers of our consumer product.  We immediately started investigating the situation and found that this was the result of a malicious insider threat. The suspect was a Trend Micro employee who improperly accessed the data with a clear criminal intent.  

We immediately began taking the actions necessary to ensure that no additional data could be improperly accessed, and have involved law enforcement.   

Our open investigation has confirmed that this was not an external hack, but rather the work of a malicious internal source that engaged in a premeditated infiltration scheme to bypass our sophisticated controls.    

That said, we hold ourselves to a higher level of accountability and sincerely apologize to all impacted customers for this situation. Based on the current status of our investigation, we believe that all of the consumers who were potentially affected have already received individual notices from Trend Micro, but we will continue to investigate and provide further notices in the event that any further affected customers are identified. 

WHAT HAPPENED 

In early August 2019, Trend Micro became aware that some of our consumer customers running our home security solution had been receiving scam calls by criminals impersonating Trend Micro support personnel.  The information that the criminals reportedly possessed in these scam calls led us to suspect a coordinated attack. 

Although we immediately launched a thorough investigation, it was not until the end of October 2019 that we were able to definitively conclude that it was an insider threat. A Trend Micro employee used fraudulent means to gain access to a customer support database that contained names, email addresses, Trend Micro support ticket numbers, and in some instances telephone numbers. There are no indications that any other information such as financial or credit payment information was involved, or that any data from our business or government customers was improperly accessed.   

Our investigation revealed that this employee sold the stolen information to a currently unknown third-party malicious actor. We took swift action to contain the situation, including immediately disabling the unauthorized account access and terminating the employee in question, and we are continuing to work with law enforcement on an ongoing investigation.  

TREND MICRO DOES NOT CALL CONSUMERS UNSOLICITED  

If you have purchased our consumer product, you should know that Trend Micro will never call you unexpectedly. If a support call is to be made, it will be scheduled in advance. If you receive an unexpected phone call claiming to be from Trend Micro, hang up and report the incident to Trend Micro support using our official contact details below. 

We encourage you to please contact us for further assistance if you need any help related to any technical issues that may have arisen from interaction with the scammers.  These technical assistance support services, as with all support services, are already covered by your active license subscription. 

ADDITIONAL IMPORTANT INFORMATION 

  • We would like to reassure our business and government customers that our investigations have shown no indication that the criminal has accessed any enterprise customer data. 
  • While every maliciously accessed data set is one too many, our investigation has shown that this security incident affects less than 1% of Trend Micro’s 12 million consumer customers. 
  • Our investigation further shows that the criminals were only targeting English-speaking customers, and we have only seen data accessed in predominantly English-speaking countries.  

FOR MORE INFORMATION 

Official contact information for Trend Micro technical support in your region can always be found at https://esupport.trendmicro.com. Please contact us if you have any questions or concerns. 

 

[Update November 6, 2019: The estimated number of consumer customers affected is 68,000.]

 

 

The post Trend Micro Discloses Insider Threat Impacting Some of its Consumer Customers appeared first on .

Home and Away, All Year Round: How Can I Keep My Kids Safe Online?

We’re well into another school year in the US and elsewhere. For many parents and their kids, this can be a stressful time — demanding new routines, more study and longer days. But how many of us think about the potential extra cyber risks to our family that might also emerge during this time? The truth is that your kids will spend more time on internet-connected devices outside of the home than inside it. Whether they’re at school, or connected to public Wi-Fi out-and-about, there could be digital danger lurking around every corner. So how do you make sure they’re not exposing themselves to inappropriate content or cybersecurity risks?

The good news is that there’s a lot you can do to keep your family safe online. Combine useful advice and awareness-raising tips with security and safe browsing tools and you stand a great chance of insulating your kids from the worst of the internet, without undermining the benefits of the digital world.

To coincide with the annual Cybersecurity Awareness Month (CSAM) initiative in the US, we’ve put together some best practices to steer you in the right direction. But first, a closer look at the problems.

What’s the problem?

Smartphone, tablets and lightweight laptops are great tools for education and play. In the US, around 45% of children aged 10-12 have a smartphone, according to Nielsen research from 2017. The percentage could be even higher today.

The same study found that the overriding reason for parents buying their kids mobile devices is so that they can get hold of them, and that their kids can respond more easily. This shows the understandable concerns parents have for their children’s welfare. Yet it’s also true that these same devices can open the door to a whole new set of risks that need to be managed.

For one thing, there are the data thieves. Cybercrime is far from being an adult-only affair. In fact, the personal identity data of minors is even more valuable than that of their parents, because fraudsters get a “blank slate” identity with which they can open multiple lines of credit before the authorities catch on. Child ID fraud hit over one million US victims in 2017, costing billions.

Then there’s the risk of your kids looking at and sharing inappropriate content, including pictures of each other. That’s on top of the potential threats facing kids at home, both from surfing the web locked away in their bedrooms, and physical threats to the smart home.

Here are a few scenarios to consider:

Smart homes under attack: This isn’t just about protecting your child’s digital life, but making sure hackers can’t undermine the physical safety of your home. Increasingly parents are installing connected devices in their houses, everything from smart doorbells to internet-connected baby monitors and CCTV. But what happens when hackers manage to hijack these devices? One terrified Houston couple found out last year after an attacker hacked their Nest camera and pretended to kidnap their son. Hackers could also use hacked devices to monitor the home with a view to robbing the property.

Accessing Wi-Fi on school campus: Don’t assume school Wi-Fi is secure. Hackers are past masters at guessing or cracking passwords to gain access to private networks. And campus Wi-Fi represents an attractive target, offering them an opportunity to target possibly hundreds of unwitting kids and staff. If traffic over these networks is unencrypted and unsecured, hackers could launch Man in the Middle (MITM) attacks to intercept your child’s data. That means access to their account passwords and sensitive personal/financial information.

Out and about on public Wi-Fi: The dangers of using public Wi-Fi are essentially the same as those highlighted above. But in this case, it could be far easier for a hacker to join a hotspot and then launch a MITM attack on your child. It could be in a coffee shop, a local park, or any other hang-out after or before school. Young people gravitate to these spots not only to socialize but because of the free connectivity. And hackers know this.

Viewing inappropriate content: Kids are curious and that’s a wonderful thing. But this can also lead them to places you’d rather they didn’t go. The internet is full of them: it offers adult content at the click of a button delivered instantly to your child’s mobile device or laptop, wherever they are. But apart from the fact that this content may be inappropriate for younger eyes, it can also be riddled with malware and other internet nasties.

Downloading dodgy apps and hidden malware: Aside from the risks of your child accidentally downloading malware from an adult website, malicious code could be hidden in legitimate-looking mobile apps or on P2P sites. Both are hugely popular with young people. Malware can even hide in Google Play store apps.

Clicking on phishing emails / social messages: Over 90% of cyber-threats detected by Trend Micro in the first half of 2019 arrived via email. Phishing messages are spoofed to appear as if sent by a legitimate organization. But clicking through can silently download ransomware, information stealing malware, or even banking trojans designed to steal your child’s financial details. They can also be sent via social media, WhatsApp and SMS, sometimes from legitimate contacts whose own accounts have been hijacked.

Falling for a sextortion scam: On one level, kids are pretty tech savvy. But in certain ways they can also be more credulous than their parents. Sextortion scams often trick the recipient into believing they’ve been filmed in a compromising position via their webcam. This kind of malicious span more than quadrupled from the second half of 2018 to the first half of 2019.

Oversharing on social media: Young people can also be less discerning about whom they “friend” and how much information they share on social media. This could have several unintended consequences; ranging from mild embarrassment, to cyber-bullying, identity fraud, and child stalking.

Sexting: Sharing sexually explicit photos has been normalized among many young people. But it could have serious psychological repercussions and even land your child in trouble with the authorities.

What do I do next?

The good news is that there are plenty of things concerned parents can do to minimize the risks outlined above. The most important thing is to be open and honest with your children: sit down and discuss your concerns, explain why certain behaviors are risky, and offer advice on how to stay safe online.

Most importantly, be sure they understand that everything you’re doing comes from a place of love and concern. With greater transparency and mutual respect, they’ll be less inclined to circumvent any parental controls you try to impose.

Here are a few tips:

  • Urge your kids to always think before clicking (and to avoid doing so on unsolicited messages/emails)
  • Make sure they have anti-malware from reputable vendor installed on all devices
  • Seek out security products that can check and update social media privacy settings
  • Advise your kids to always use official mobile app stores for downloads and discourage downloads from P2P sites
  • Set up parental controls to block inappropriate content and/or to regulate screen time and time on certain sites or apps
  • Urge your kids to think before sharing on social media and to know with whom they’re sharing
  • Share your concerns around sexting and its potential repercussions
  • Warn them of the dangers of public Wi-Fi and ensure they use VPN tools when connecting to public Wi-Fi or even the school campus Wi-Fi networks.

How can Trend Micro help?

Trend Micro has a range of products that can be leveraged to enable parental controls on multiple devices and provide protection from malware, Wi-Fi threats and password theft. Here are a few of them:

Trend Micro Home Network Security: Provides Parental Controls to limit or block access to specific websites and applications, and limit daily screen time on your kids’ devices. Also offers advanced, enterprise-grade protection against hackers trying to hijack your smart home gadgets.

Trend Micro Security: Provides Parental Controls as above, plus protection against web and email threats, including phishing emails and websites that steal personal data. Can also optimize your child’s privacy settings to minimize over-sharing on social media. One license can cover up to five Windows, Mac, iOS and Android devices.

Trend Micro Mobile Security: Blocks email and web threats, as well as malware hidden in mobile apps. Also features password manager and VPN (sell below). Works on Android and iOS.

Trend Micro Password Manager: Enables your kids to create unique, tough-to-hack passwords for all websites/apps and manage them in one secure location. Thus, even if they’re hacked on one site, the rest of their accounts are safe.

Trend Micro Wi-Fi Protection: Uses Virtual Private Network (VPN) technology with bank-grade data encryption to secure any Wi-Fi network, even public Wi-Fi hotspots. Available for PC, Mac, Android and iOS devices.

 

The post Home and Away, All Year Round: How Can I Keep My Kids Safe Online? appeared first on .

How Googling Our Favourite Celebrities Is A Risky Business

Did you know that searching for your favourite celebrities online may very well increase your chance of running into trouble?

For the thirteenth year running, McAfee has put together its Most Dangerous Celebrities List which includes the celebrities who generate the riskiest search results that could potentially expose their fans to malicious websites and viruses. And, as usual, Aussies feature!!

Who Are the Riskiest Aussie Celebrities?

After a tumultuous year in and out of love, Liam Hemsworth – Aussie actor and ex-husband of popstar Miley Cyrus – has taken out top honours as the most dangerous Australian born celebrity coming in at 19th place on the list. Rose Byrne, Cate Blanchett and Kylie Minogue also feature on the list coming in at 37th, 41st and 52nd place respectively.

Talk Show Hosts Top the List

While previous years have seen Reality TV stars, such as The Kardashians, top of the list, in 2019 – it’s all about talk show hosts. In fact, there are 4 talk show hosts in the top 10. John Oliver takes out 1st place, followed by James Corden in 4th place, Jimmy Kimmel in 6th place and Jimmy Fallon in 10thplace.

Whether it’s their karaoke singing or their viral views on politics, our fascination with charismatic talk show hosts is clearly very strong. McAfee’s research also shows that the names of these 4 hosts are strongly associated with the search term ‘torrent’. This indicates people may be trying to avoid paying expensive subscriptions to view these cult shows and are pursuing free yet riskier alternatives.

Singers Are Also Proving Risky!

English singer Dua Lipa came in at no 2 on the list, followed by Scottish singer/DJ Calvin Harris in 5th place and teen favourite Billie Eilish at no 7. Our quest for immediate or free content about our favourite singers could mean that we visit sites purposefully designed by cybercriminals to extract our personal information or even better, our credit card details!

And then there’s Game of Thrones

The world’s love affair with Game of Thrones saw Emilia Clarke take out the 9th spot in this year’s list of risky celebs to search for online. Clarke, who played Daenerys Targaryen in the HBO fantasy series, was joined by Hollywood royalty Morgan Freeman in the top 10 list.

Cybercriminals Capitalise on Our Love for Celebrities

Our love of ‘all things celebrity’ has clearly not escaped the attention of cybercriminals with many spending a lot of time

and energy creating malicious websites designed to trick consumers into visiting. Whether it’s the promise of a ‘sneak-peak’ of the latest Star Wars movie, or free access to full episodes of a favourite American talk show, consumers will often drop their guard in favour of speed or convenience and quickly enter their personal details to gain access to a site without thinking about the consequences.

How to Avoid Getting Stung!

The good news is that you don’t need to give up your obsession with your favourite celebrity to stay safe online. Instead, develop some patience and trust your gut. Here are my top tips to help you stay ahead of the cybercriminals:

  1. Be Careful What You Click

Only stream and download movies and TV shows from reliable sources. While it may feel boring, the safest thing to do is wait for the official release of a movie instead of visiting a 3rd party site that could contain malware.

  1. Avoid Using Illegal Streaming Sites – No Exceptions!

Many illegal streaming sites are riddled with malware or adware disguised as pirated videos. Do yourself a favour and stream the show from a reputable source.

  1. Use a Web Reputation Tool

A web reputation tool such as McAfee’s freely available WebAdvisor will alert users if they are about to visit a malicious website. Very handy!

  1. Consider Parental Control Software

Kids love celebrities too! Ensure you set limits on device usage with your kids and use parental control software to help minimise exposure to potentially malicious or inappropriate websites.

But if you aren’t convinced your kids are going to take your advice on board then why not invest in some comprehensive security software like McAfee’s Total Protection for the whole family? This Rolls Royce cybersecurity software will protect you (and your kids) against malware and phishing attacks. A complete no-brainer!!

Alex xx

 

The post How Googling Our Favourite Celebrities Is A Risky Business appeared first on McAfee Blogs.

Stay Smart Online Week 2019

Let’s Reverse the Threat of Identity Theft!!

Our online identities are critical. In fact, you could argue that they are our single most unique asset. Whether we are applying for a job, a mortgage or even starting a new relationship, keeping our online identity protected, secure and authentic is essential.

This week is Stay Smart Online Week in Australia – an initiative by the Australian Government to encourage us all to all take a moment and rethink our online safety practices. This year the theme is ‘Reverse the Threat’ which is all about encouraging Aussies to take proactive steps to control their online identity and stop the threat of cybercrime.

What Actually Is My Online Identity?

On a simple level, your online identity is the reputation you have generated for yourself online – both intentionally or unintentionally. So, an accumulation of the pics you have posted, the pages you have liked and the comments you have shared. Some will often refer to this as your personal brand. Proactively managing this is critical for employments prospects and possibly even potential relationship opportunities.

However, there is another layer to your online identity that affects more than just your job or potential career opportunities. And that’s the transactional component. Your online identity also encompasses all your online movements since the day you ‘joined’ the internet. So, every time you have registered for an online account; given your email address to gain access or log in; joined a social media platform; undertaken a web search; or made a transaction, you have contributed to your digital identity.

What Are Aussies Doing to Protect Their Online Identities?

New research from McAfee shows Aussies have quite a relaxed attitude to managing their online identities. In fact, a whopping two thirds (67%) of Aussies admit to being embarrassed by the content that appears on their social media profiles. And just to make the picture even more complicated, 34% of Aussies admit to never increasing the privacy on their accounts from the default privacy settings despite knowing how to.

Why Does My Online Identity Really Matter?

As well as the potential to hurt career or future relationship prospects, a relaxed attitude to managing our online identities could be leaving the door open for cybercriminals. If you are posting about recent purchases, your upcoming holidays and ‘checking-in’ at your current location then you are making it very easy for cybercriminals to put together a picture of you and possibly steal your identity. And having none or even default privacy settings in place effectively means you are handing this information to cybercrims on a platter!!

Is Identity Theft Really Big Problem?

As at the end of June, the Australian Competition and Consumer Commission claims that Aussies have lost at least $16 million so far this year through banking scams and identity theft. And many experts believe that this statistic could represent the ‘tip of the iceberg’ as it often takes victims some time to realise that their details are being used by someone else.

Whether it’s phishing scams; texts impersonating banks; fake online quizzes; phoney job ads, or information skimmed from social media, cybercriminals have become very savvy at developing novel ways of stealing online identities.

What Can You Do to ‘Reverse the Threat’ and Protect Your Online Identity?

With so much at stake, securing your online identity is more important than ever. Here are my top tips on what you can do to give yourself every chance of securing your digital credentials:

  1. Passwords, Passwords, Passwords

As the average consumer manages a whopping 11 online accounts – social media, shopping, banking, entertainment, the list goes on – updating our passwords is an important ‘cyber hygiene’ practice that is often neglected.

Creating long and unique passwords using a variety of upper and lowercase numbers, letters and symbols is an essential way of protecting yourself and your digital assets online. And if that all feels too complicated, why not consider a password management solution? Password managers help you create, manage and organise your passwords. Some security software solutions include a password manager such as McAfee Total Protection.

  1. Turn on Two-Factor Authentication Wherever Possible!

Enabling two-factor authentication for your accounts will add an extra layer of defence against cybercriminals. Two-factor authentication is simply a security process in which the user provides 2 different authentication factors to verify themselves before gaining access to an online account. As one of the verification methods is usually an extra password or one-off code delivered through a separate personal device like a smartphone, it makes it much harder for cybercriminals to gain access to a person’s device or online accounts.

  1. Lock Down Privacy and Security Settings

Leaving your social media profiles on ‘public’ setting means anyone who has access to the internet can view your posts and photos whether you want them to or not. While you should treat everything you post online as public, turning your profiles to private will give you more control over who can see your content and what people can tag you in.

  1. Use Public Wi-Fi With Caution

If you are serious about managing your online identity, then you need to use public Wi-Fi sparingly. Unsecured public Wi-Fi is a very risky business. Anything you share could easily find its way into the hands of cybercriminals. So, avoid sharing any sensitive or personal information while using public Wi-Fi. If you travel regularly or spend the bulk of your time on the road then consider investing in a VPN such as McAfee Safe Connect. A VPN (Virtual Private Network) encrypts your activity which means your login details and other sensitive information is protected. A great insurance policy!

Thinking it all sounds a little too hard? Don’t! Identity theft happens to Aussies every day with those affected experiencing real distress and financial damage. So, do your homework and take every step possible to protect yourself, for as Benjamin Franklin said: ‘An ounce of prevention is worth a pound of cure’.

Alex xx

The post Stay Smart Online Week 2019 appeared first on McAfee Blogs.

Aussies Fear Snakes, Spiders and Getting Hacked

Fears and phobias. We all have them. But what are your biggest ones? I absolutely detest snakes but spiders don’t worry me at all. Well, new research by McAfee shows that cybercriminals and the fear of being hacked are now the 5th greatest fear among Aussies.

With news of data breaches and hacking crusades filling our news feed on a regular basis, many of us are becoming more aware and concerned about the threats we face in our increasingly digital world. And McAfee’s latest confirms this with hackers making their way into Australia’s Top 10 Fears.

According to research conducted by McAfee, snakes are the top phobia for Aussies followed by spiders, heights and sharks. Cybercriminals and the fear of being hacked come in in 5th place beating the dentist, bees, ghosts, aeroplane travel and clowns!

Aussie Top 10 Fears and Phobias

  1. Snakes
  2. Spiders
  3. Heights
  4. Sharks
  5. Hackers/Cybercriminals
  6. The dentist
  7. Bees or wasps
  8. Ghosts
  9. Aeroplane travel
  10. Clowns

Why Do We Have Phobias?

Fears and phobias develop when we perceive that we are at risk of pain, or worse, still, death. And while almost a third of respondents nominated snakes as their number one fear, there is less than one-in-fifty thousand chance of being bitten badly enough by a snake to warrant going to hospital in Australia, according to research from the Internal Medicine Journal.

In contrast, McAfee’s analysis of more than 108 billion potential online threats between October and December 2018, identified 202 million of these threats as genuine risks. With a global population of 7.5 billion, that means there is approximately a one in 37 chance of being targeted by cybercrime. Now while this is not a life-threatening situation, these statistics show that chance of us being affected by an online threat is very real.

What Are Our Biggest Cyber Fears?

According to the research, 82% of Aussies believe that being hacked is a growing or high concern. And when you look at the sheer number of reported data breaches so far this year, these statistics make complete sense. Data breaches have affected Bunnings staff, Federal Parliament staff, Marriott guests, Victorian Government staff, QLD Fisheries members, Skoolbag app users and Big W customers plus many more.

Almost 1 in 5 (19%) of those interviewed said their top fear at work is doing something that will result in a data security breach, they will leak sensitive information or infect their corporate IT systems.

The fear that we are in the midst of a cyberwar is another big concern for many Aussies. Cyberwar can be explained as a computer or network-based conflict where parties try to disrupt or take ownership of the activities of other parties, often for strategic, military or cyberespionage purposes. 55% of Aussies believe that a cyberwar is happening right now but we just don’t know about it. And a fifth believe cyber warfare is the biggest threat to our nation.

What Can We Do to Address Our Fear of Being Hacked?

Being proactive about protecting your online life is the absolute best way of reducing the chances of being hacked or being affected by a data breach. Here are my top tips on what you can now to protect yourself:

  1. Be Savvy with Your Passwords

Using a password manager to create unique and complex passwords for each of your online accounts will definitely improve your online safety. If each on your online accounts has a unique password and you are involved in a breach, the hacker won’t be able to use the stolen password details to log into any of your other accounts.

  1. Stop AutoFill on Chrome

Storing your financial data within your browser and being able to populate online forms quickly within seconds makes the autofill function very attractive however it is risky. Autofill will automatically fill out all forms on a page regardless of whether you can see all the boxes. You may just think you are automatically entering your email address into an online form however a savvy hacker could easily design an online form with hidden boxes designed to capture your financial information. So remove all your financial information from Autofill. I know this means you will have to manually enter information each time you purchase but your personal data will be better protected.

  1. Think Before You Click

One of the easiest ways for a cybercriminal to compromise their victim is by using phishing emails to lure consumers into clicking links for products or services that could lead to malware, or a phoney website designed to steal personal information. If the deal seems too good to be true, or the email was not expected, always check directly with the source.

  1. Stay Protected While You Browse

It’s important to put the right security solutions in place in order to surf the web safely. Add an extra layer of security to your browser with McAfee WebAdvisor.

  1. Always Connect with Caution

I know public Wi-Fi might seem like a good idea, but if consumers are not careful, they could be unknowingly exposing personal information or credit card details to cybercriminals who are snooping on the network. If you are a regular Wi-Fi user, I recommend investing in a virtual private network or (VPN) such as McAfee’s Safe Connect which will ensure your connection is completely secure and that your data remains safe.

While it is tempting, putting our head in the sand and pretending hackers and cybercrime don’t exist puts ourselves and our families at even more risk! Facing our fears and making an action plan is the best way of reducing our worry and stress. So, please commit to being proactive about your family’s online security. Draw up a list of what you can do today to protect your tribe. And if you want to receive regular updates about additional ways you can keep your family safe online, check out my blog.

‘till next time.

Alex x

 

 

 

The post Aussies Fear Snakes, Spiders and Getting Hacked appeared first on McAfee Blogs.

McAfee Receives the 2019 Security Excellence Award From IoT Evolution

If you’re like most users, you’ve probably adopted several smart devices into your home over the last few years. Whether it be voice assistants, smart TVs, thermostats, or gaming systems, IoT devices help make our lives easier. But with greater connectivity also comes greater exposure to online threats. However, that doesn’t mean users should avoid using IoT technology altogether. With the help of smart security, users can feel safe and protected as they bring new gadgets into their lives. Solutions like McAfee Secure Home Platform, which is now the winner of the IoT Security Excellence Award, can help users connect with confidence.

Here at McAfee, we know smart security is more important now than ever before. That’s why we work tirelessly to ensure that our solutions provide consumers with the best protection possible. For example, McAfee Secure Home Platform provides automatic protection for the entire home network by automatically securing connected devices through a router with McAfee protection. It’s through the proactive evolution of our products that McAfee Secure Home Platform has received this 2019 IoT Security Excellence Award from IoT Evolution World, the leading publication covering IoT technologies.

The IoT Security Excellence Award celebrates the most innovative products and solutions in the world of IoT. It honors technology empowered by the new availability of information being deduced, inferred, and directly gathered from sensors, systems, and anything else that is supporting better business and personal decisions. Winners of this award are recognized for their innovation in gathering and managing information from connected devices that often are not associated with IoT.

“We are thrilled that McAfee Secure Home Platform has been recognized by IoT Evolution World as a recipient of the 2019 IoT Evolution Security Excellence Award. We continue to prioritize creating solutions that lead with ease of use and first-class protection, in order for consumers to best protect every connected device in their homes.” – Gary Davis, Chief Consumer Security Evangelist at McAfee.

As long as technology continues to evolve, so will the threat landscape. This is what drives us to keep developing leading solutions that help you and your loved ones connect with confidence. Solutions like McAfee Secure Home Platform are leading the charge in providing top home network security while still empowering users to enjoy their smart devices.

To stay updated on the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post McAfee Receives the 2019 Security Excellence Award From IoT Evolution appeared first on McAfee Blogs.

The Seven Main Phishing Lures of Cybercriminals

One of the oldest tricks in the cybercrime playbook is phishing. It first hit the digital scene in 1995, at a time when millions flocked to America Online (AOL) every day. And if we know one thing about cybercriminals, it’s that they tend to follow the masses. In earlier iterations, phishing attempts were easy to spot due to link misspellings, odd link redirects, and other giveaways. However, today’s phishing tricks have become personalized, advanced, and shrouded in new disguises. So, let’s take a look at some of the different types, real-world examples and how you can recognize a phishing lure.

Be Wary of Suspicious Emails

Every day, users get sent thousands of emails. Some are important, but most are just plain junk. These emails often get filtered to a spam folder, where phishing emails are often trapped. But sometimes they slip through the digital cracks, into a main inbox. These messages typically have urgent requests that require the user to input sensitive information or fill out a form through an external link. These phishing emails can take on many personas, such as banking institutions, popular services, and universities. As such, always remember to stay vigilant and double-check the source before giving away any information.

Link Look-A-Likes

A sort of sibling to email phishing, link manipulation is when a cybercriminal sends users a link to malicious website under the ruse of an urgent request or deadline. After clicking on the deceptive link, the user is brought to the cybercriminal’s fake website rather than a real or verified link and asked to input or verify personal details. This exact scenario happened last year when several universities and businesses fell for a campaign disguised as a package delivery issue from FedEx. This scheme is a reminder that anyone can fall for a cybercriminals trap, which is why users always have to careful when clicking, as well as ensure the validity of the claim and source of the link. To check the validity, it’s always a good idea to contact the source directly to see if the notice or request is legitimate.

Gone Whaling

Corporate executives have always been high-level targets for cybercriminals. That’s why C-suite members have a special name for when cybercriminals try to phish them – whaling. What sounds like a silly name is anything but. In this sophisticated, as well as personalized attack, a cybercriminal attempts to manipulate the target to obtain money, trade secrets, or employee information. In recent years, organizations have become smarter and in turn, whaling has slowed down. Before the slowdown, however, many companies were hit with data breaches due to cybercriminals impersonating C-suite members and asking lower-level employees for company information. To avoid this pesky phishing attempt, train C-suite members to be able to identify phishing, as well as encourage unique, strong passwords on all devices and accounts.

Spear Target Acquired

 Just as email spam and link manipulation are phishing siblings, so too are whaling and spear-phishing. While whaling attacks target the C-suite of a specific organization, spear-phishing rather targets lower-level employees of a specific organization. Just as selective and sophisticated as whaling, spear-phishing targets members of a specific organization to gain access to critical information, like staff credentials, intellectual property, customer data, and more. Spear-phishing attacks tend to be more lucrative than a run-of-the-mill phishing attack, which is why cybercriminals will often spend more time crafting and obtaining personal information from these specific targets. To avoid falling for this phishing scheme, employees must have proper security training so they know how to spot a phishing lure when they see one.

Spoofed Content

With so many things to click on a website, it’s easy to see why cybercriminals would take advantage of that fact. Content spoofing is based on exactly that notion – a cybercriminal alters a section of content on a page of a reliable website to redirect an unsuspecting user to an illegitimate website where they are then asked to enter personal details. The best way to steer clear of this phishing scheme is to check that the URL matches the primary domain name.

Phishing in a Search Engine Pond

 When users search for something online, they expect reliable resources. But sometimes, phishing sites can sneak their way into legitimate results. This tactic is called search engine phishing and involves search engines being manipulated into showing malicious results. Users are attracted to these sites by discount offers for products or services. However, when the user goes to buy said product or service, their personal details are collected by the deceptive site. To stay secure, watch out for potentially sketchy ads in particular and when in doubt always navigate to the official site first.

Who’s That Caller?

With new technologies come new avenues for cybercriminals to try and obtain personal data. Vishing, or voice phishing, is one of those new avenues. In a vishing attempt, cybercriminals contact users by phone and ask the user to dial a number to receive identifiable bank account or personal information through the phone by using a fake caller ID. For example, just last year, a security researcher received a call from their financial institution saying that their card had been compromised. Instead of offering a replacement card, the bank suggested simply blocking any future geographic-specific transactions. Sensing something was up, the researcher hung up and dialed his bank – they had no record of the call or the fraudulent card transactions. This scenario, as sophisticated as it sounds, reminds users to always double-check directly with businesses before sharing any personal information.

As you can see, phishing comes in all shapes and sizes. This blog only scratches the surface of all the ways cybercriminals lure unsuspecting users into phishing traps. The best way to stay protected is to invest in comprehensive security and stay updated on new phishing scams.

Looking for more security tips and trends? Be sure to follow @McAfee Home on Twitter, and like us on Facebook.

The post The Seven Main Phishing Lures of Cybercriminals appeared first on McAfee Blogs.

Solving the Gamer’s Dilemma: Security vs. Performance

As of last year, 2.2 billion1 people consider themselves gamers across the globe. Of that 2.2 billion, over 50% – 1.22 billion2 – play their game of choice on a PC. The sheer number of PC gamers throughout the world, however, has sparked the interest of cybercriminals and cyberthreats targeting gamers have spiked. Threats including malware, potentially unwanted programs (PUPs), phishing, account takeovers (ATO), and more have slowly started to permeate gamers’ domains at an alarming level.

PC gamers often adopt lesser security protocols, as they’re concerned about the potential negative impact on in-game performance. At the same time, they are the most connected, online users, meaning their exposure to threats is generally higher. While they recognize and understand the importance of having cybersecurity, they do not want to sacrifice performance for security. The gamer’s dilemma – security versus performance – is the crux as to why gamers put security second, even though the average gamer has experienced almost five cyberattacks.

There’s good news though – McAfee Gamer Security is here to counter the notion that antivirus slows gamers down. This brand-new security solution from McAfee provides gamers with the security they need without sacrificing performance or creating in-game slowdowns, such as drops in frames per second (FPS) and lag. Built from the ground up, this solution delivers performance optimization by monitoring key system metrics coupled with the ability to manually kill resource hogs on-the-fly, while automatically prioritizing resources and pausing background services. McAfee Gamer Security also features cloud-based MicroAV, which offloads detection from the system to the cloud for all the protection gamers could want or need, without the “bloat” that usually accompanies security software.

While McAfee Gamer Security is now available for purchase, in spring 2019 McAfee surveyed users that participated in beta testing. Here’s how they responded to a few questions we asked:

Overall, what impact, if any, did you feel in your gaming experience?

“I believe I had [experienced] a positive impact of the software during my overall use of the program because it increased the speed of my game as well as gave me peace of mind that I…[stayed] protected during my gameplay.”

What one benefit would make you talk about McAfee Gamer Security to your friends? What is the primary reason for your choice? 

“Good security which doesn’t slow down my system; Normally, antiviruses…hog background resources [and] you trade performance for security. McAfee Gamer Security offers the best of both worlds, without contradicting each other.”

Overall, how useful or not useful has Gamer Security been?                      

“Every couple [of] hours or so while gaming, I…used the software to check up on my RAM/GPU/CPU performance and make sure my system isn’t bottlenecking, there aren’t any irregularities, etc. I also really like that I can experience a boost in my gameplay without having to take the risk of overclocking my components.”

In addition to using a security solution like McAfee Gamer Security, here are some other general tips to help you stay secure while playing your favorite video game:

  1. Ensure all applications, hardware and software are up-to-date. Cybercriminals can take advantage of software, hardware, and application vulnerabilities to spread cyberthreats, such as malware. Keep your devices and applications updated with the latest security patches and fixes to help combat this threat.
  2. Periodically visit your device to add/remove programs. Some apps on your device may be vampirically siphoning in-game performance. Remove apps that you do not need or no longer use.
  3. Create strong, unique passwords. Over 55% of gamers re-use the same password across accounts for online gaming services. And while it might be easier to remember the same password, reusing credentials across multiple accounts could put the hundreds, or even thousands, of invested hours in leveling up characters and gathering rare items at risk in the event one account is breached. Be sure to construct a complex password that is difficult to guess.

And, as always, stay on top of the latest consumer and gaming security threats with @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

Footnotes

  1. Number of active video gamers worldwide from 2014 to 2021 (in millions), Statista, 2019
  2. Number of active PC gamers worldwide from 2014 to 2021 (in millions), Statista, 2019

The post Solving the Gamer’s Dilemma: Security vs. Performance appeared first on McAfee Blogs.

How To Practise Good Social Media Hygiene

Fact – your social media posts may affect your career, or worse case, your identity!

New research from the world’s largest dedicated cybersecurity firm, McAfee, has revealed that two thirds (67%) of Aussies are embarrassed by the content that appears on their social media profiles. Yikes! And just to make the picture even more complicated, 34% of Aussies admit to never increasing the privacy on their accounts from the default privacy settings despite knowing how to.

So, next time these Aussies apply for a job and the Human Resources Manager decides to ‘check them out online’, you can guess what the likely outcome will be…

Proactively Managing Social Media Accounts Is Critical For Professional Reputation

For many Aussies, social media accounts operate as a memory timeline of their social lives. Whether they are celebrating a birthday, attending a party or just ‘letting their hair down’ – many people will document their activities for all to see through a collection of sometimes ‘colourful’ photos and videos. But sharing ‘good times’ can become a very big problem when social media accounts are not proactively managed. Ensuring your accounts are set to the tightest privacy settings possible and curating them regularly for relevance and suitability is essential if you want to keep your digital reputation in-tact. However, it appears that a large proportion of Aussies are not taking these simple steps.

McAfee’s research shows that 28% of Aussies admit to either never or not being able to recall the last time they checked their social media timeline. 66% acknowledge that they have at least one inactive social media account. 40% admit that they’ve not even thought about deleting inactive accounts or giving them a clear-out and concerningly, 11% don’t know how to adjust their privacy settings! So, I have no doubt that some of the Aussies that fall into these groups would have NOT come up trumps when they were ‘checked out online’ by either their current or future Human Resources Managers!!

What Social Media Posts Are Aussies Most Embarrassed By?

As part of the research study, Aussies were asked to nominate the social media posts that they have been most embarrassed by. Here are the top 10:

  1. Drunken behaviour
  2. Comment that can be perceived as offensive
  3. Wearing an embarrassing outfit
  4. Wardrobe malfunction
  5. In their underwear
  6. Throwing up
  7. Swearing
  8. Kissing someone they shouldn’t have been
  9. Sleeping somewhere they shouldn’t
  10. Exposing themselves on purpose

Cybercriminals Love Online Sharers

As well as the potential to hurt career prospects, relaxed attitudes to social media could be leaving the door open for cybercriminals. If you are posting about recent purchases, your upcoming holidays and ‘checking-in’ at your current location then you are making it very easy for cybercriminals to put together a picture of you and possibly steal your identity. And having none or even default privacy settings in place effectively means you are handing this information to cybercriminals on a platter!!

Considering how much personal information and images most social media accounts hold, it’s concerning that 16 per cent of Aussies interviewed admitted that they don’t know how to close down their inactive social media accounts and a third (34%) don’t know the passwords or no longer have access to the email addresses they used to set them up – effectively locking them out!

What Can We Do To Protect Ourselves?

The good news is that there are things we can do TODAY to improve our social media hygiene and reduce the risk of our online information getting into the wrong hands. Here are my top tips:

  1. Clean-up your digital past. Sift through your old and neglected social media accounts. If you are not using them – delete the account. Then take some time to audit your active accounts. Delete any unwanted tags, photos, comments and posts so they don’t come back to haunt your personal or professional life.

  1. Lockdown privacy and security settings. Leaving your social media profiles on the ‘public’ setting means anyone who has access to the internet can view your posts and photos whether you want them to or not. While you should treat anything you post online as public, turning your profiles to private will give you more control over who can see your content and what people can tag you in.

 

  1. Never reuse passwords. Use unique passwords with a combination of lower and upper case letters, numbers and symbols for each one of your accounts, even if you don’t think the account holds a lot of personal information. If managing all your passwords seems like a daunting task, look for security software that includes a password manager.

 

  1. Avoid Sharing VERY Personal Information Online. The ever-growing body of information you share online could possibly be used by cybercriminals to steal your identity. The more you share, the greater the risk. Avoid using your full name, date of birth, current employer, names of your family members, your home address even the names of your pets online – as you could be playing straight into the hands of identity thieves and hackers.
  1. Think before you post. Think twice about each post you make. Will it have a negative impact on you or someone you know now or possibly in the future? Does it give away personal information that someone could use against you? Taking a moment to think through the potential consequences BEFORE you post is the best way to avoid serious regrets in the future.

 

  1. Employ extra protection across all your devices. Threats such as viruses, identity theft, privacy breaches, and malware can all reach you through your social media. Install comprehensive security software to protect you from these nasties.

 

If you think you (or one of your kids) might just identify with the above ‘relaxed yet risky’ approach to managing your social media, then it’s time to act. Finding a job is hard enough in our crowded job market without being limited by photos of your latest social gathering! And no-one wants to be the victim of identity theft which could possibly affect your financial reputation for the rest of your life! So, make yourself a cuppa and get to work cleaning up your digital life! It’s so worth it!!

Alex xx

 

 

The post How To Practise Good Social Media Hygiene appeared first on McAfee Blogs.

Cybercrime’s Most Wanted: Four Mobile Threats that Might Surprise You

It’s hard to imagine a world without cellphones. Whether it be a smartphone or a flip phone, these devices have truly shaped the late 20th century and will continue to do so for the foreseeable future. But while users have become accustomed to having almost everything they could ever want at fingertips length, cybercriminals were busy setting up shop. To trick unsuspecting users, cybercriminals have set up crafty mobile threats – some that users may not even be fully aware of. These sneaky cyberthreats include SMSishing, fake networks, malicious apps, and grayware, which have all grown in sophistication over time. This means users need to be equipped with the know-how to navigate the choppy waters that come with these smartphone-related cyberthreats. Let’s get started.

Watch out for SMSishing Hooks

If you use email, then you are probably familiar with what phishing is. And while phishing is commonly executed through email and malicious links, there is a form of phishing that specifically targets mobile devices called SMSishing. This growing threat allows cybercriminals to utilize messaging apps to send unsuspecting users a SMSishing message. These messages serve one purpose – to obtain personal information, such as logins and financial information. With that information, cybercriminals could impersonate the user to access banking records or steal their identity.

While this threat was once a rarity, it’s rise in popularity is two-fold. The first aspect being that users have been educated to distrust email messages and the second being the rise in mobile phone usage throughout the world. Although this threat shows no sign of slowing down, there are ways to avoid a cybercriminal’s SMSishing hooks. Get started with these tips:

  1. Always double-check the message’s source. If you receive a text from your bank or credit card company, call the organization directly to ensure the message is legit.
  2. Delete potential SMSishing Do not reply to or click on any links within a suspected malicious text, as that could lead to more SMSishing attempts bombarding your phone.
  3. Invest in comprehensive mobile security. Adding an extra level of security can not only help protect your device but can also notify you when a threat arises.

Public Wi-Fi Woes  

Public and free Wi-Fi is practically everywhere nowadays, with some destinations even having city-wide Wi-Fi set up. But that Wi-Fi users are connecting their mobile device to may not be the most secure, given cybercriminals can exploit weaknesses in these networks to intercept messages, login credentials, or other personal information. Beyond exploiting weaknesses, some cybercriminals take it a step further and create fake networks with generic names that trick unsuspecting users into connecting their devices. These networks are called “evil-twin” networks. For help in spotting these imposters, there are few tricks the savvy user can deploy to prevent an evil twin network from wreaking havoc on their mobile device:

  1. Look for password-protected networks. As strange as it sounds, if you purposely enter the incorrect password but are still allowed access, the network is most likely a fraud.
  2. Pay attention to page load times. If the network you are using is very slow, it is more likely a cybercriminal is using an unreliable mobile hotspot to connect your mobile device to the web.
  3. Use a virtual private network or VPN. While you’re on-the-go and using public Wi-Fi, add an extra layer of security in the event you accidentally connect to a malicious network. VPNs can encrypt your online activity and keep it away from prying eyes. 

Malicious Apps: Fake It till They Make It

Fake apps have become a rampant problem for Android and iPhone users alike. This is mainly in part due to malicious apps hiding in plain sight on legitimate sources, such as the Google Play Store and Apple’s App Store. After users download a faulty app, cybercriminals deploy malware that operates in the background of mobile devices which makes it difficult for users to realize anything is wrong. And while users think they’ve just downloaded another run-of-the-mill app, the malware is hard at work obtaining personal data.

In order to keep sensitive information out of the hands of cybercriminals, here are a few things users can look for when they need to determine whether an app is fact or fiction:

  1. Check for typos and poor grammar. Always check the app developer name, product title, and description for typos and grammatical errors. Often, malicious developers will spoof real developer IDs, even just by a single letter or number, to seem legitimate.
  2. Examine the download statistics. If you’re attempting to download a popular app, but it has a surprisingly low number of downloads, that is a good indicator that an app is most likely fake.
  3. Read the reviews. With malicious apps, user reviews are your friend. By reading a few, you can receive vital information that can help you determine whether the app is fake or not.

The Sly Operation of Grayware

With so many types of malware out in the world, it’s hard to keep track of them all. But there is one in particular that mobile device users need to be keenly aware of called grayware. As a coverall term for software or code that sits between normal and malicious, grayware comes in many forms, such as adware, spyware or madware. While adware and spyware can sometimes operate simultaneously on infected computers, madware — or adware on mobile devices — infiltrates smartphones by hiding within rogue apps. Once a mobile device is infected with madware from a malicious app, ads can infiltrate almost every aspect on a user’s phone. Madware isn’t just annoying; it also is a security and privacy risk, as some threats will try to obtain users’ data. To avoid the annoyance, as well as the cybersecurity risks of grayware, users can prepare their devices with these cautionary steps:

  1. Be sure to update your device. Grayware looks for vulnerabilities that can be exploited, so be sure to always keep your device’s software up-to-date.
  2. Beware of rogue apps. As mentioned in the previous section, fake apps are now a part of owning a smartphone. Use the tips in the above section to ensure you keep malicious apps off of your device that may contain grayware.
  3. Consider a comprehensive mobile security system. By adding an extra level of security, you can help protect your devices from threats, both old and new.

Can’t get enough mobile security tips and trends? Follow @McAfee_Home on Twitter, and like us on Facebook.

The post Cybercrime’s Most Wanted: Four Mobile Threats that Might Surprise You appeared first on McAfee Blogs.

How to Spring Clean Your Digital Life

With winter almost gone, now is the perfect time to start planning your annual spring clean. When we think about our yearly sort out, most of us think about decluttering our chaotic linen cupboards or the wardrobes that we can’t close. But if you want to minimise the opportunities for a hacker to get their hands on your private online information then a clean-up of your digital house (aka your online life) is absolutely essential.

Not Glamourous but Necessary

I totally accept that cleaning up your online life isn’t exciting but let me assure you it is a must if you want to avoid becoming a victim of identity theft.

Think about how much digital clutter we have accumulated over the years? Many of us have multiple social media, messaging and email accounts. And don’t forget about all the online newsletters and ‘accounts’ we have signed up for with stores and online sites? Then there are the apps and programs we no longer use.

Well, all of this can be a liability. Holding onto accounts and files you don’t need exposes you to all sorts of risks. Your devices could be stolen or hacked or, a data breach could mean that your private details are exposed quite possibly on the Dark Web. In short, the less information that there is about you online, the better off you are.

Digital clutter can be distracting, exhausting to manage and most importantly, detrimental to your online safety. A thorough digital spring clean will help to protect your important, online personal information from cybercriminals.

What is Identity Theft?

Identity theft is a serious crime that can have devastating consequences for its victims. It occurs when a person’s personal information is stolen to be used primarily for financial gain. A detailed set of personal details is often all a hacker needs to access bank accounts, apply for loans or credit cards and basically destroy your credit rating and reputation.

How To Do a Digital Spring Clean

The good news is that digital spring cleaning doesn’t require nearly as much elbow grease as scrubbing down the microwave! Here are my top tips to add to your spring-cleaning list this year:

  1. Weed Out Your Old Devices

Gather together every laptop, desktop computer, tablet and smartphone that lives in your house. Now, you need to be strong – work out which devices are past their use-by date and which need to be spring cleaned.

If it is finally time to part ways with your first iPad or the old family desktop, make sure any important documents or holiday photos are backed up in a few places (on another computer, an external hard drive AND in cloud storage program such as Dropbox and or iCloud) so you can erase all remaining data and recycle the device with peace of mind. Careful not to get ‘deleting’ confused with ‘erasing,’ which means permanently clearing data from a device. Deleted files can often linger in a device’s recycling folder.

  1. Ensure Your Machines Are Clean!

It is not uncommon for viruses or malware to find their way onto your devices through outdated software so ensure all your internet-connected devices have the latest software updates including operating systems and browsers. Ideally, you should ensure that you are running the latest version of apps too. Most software packages do auto-update but please take the time to ensure this is happening on all your devices.

  1. Review and Consolidate Files, Applications and Services

Our devices play such a huge part in our day to day lives so it is inevitable that they become very cluttered. Your kids’ old school assignments, outdated apps and programs, online subscriptions and unused accounts are likely lingering on your devices.

The big problem with old accounts is that they get hacked! And they can often lead hackers to your current accounts so it’s a no-brainer to ensure the number of accounts you are using is kept to a minimum.

Once you have decided which apps and accounts you are keeping, take some time to review the latest privacy agreements and settings so you understand what data they are collecting and when they are collecting it. You might also discover that some of your apps are using far more of your data than you realised! Might be time to opt-out!

  1. Update Passwords and Enable Two-Factor Authentication

As the average consumer manages a whopping 11 online accounts – social media, shopping, banking, entertainment, the list goes on – updating our passwords is an important ‘cyber hygiene’ practice that is often neglected. Why not use your digital spring cleaning as an excuse to update and strengthen your credentials?

Creating long and unique passwords using a variety of upper and lowercase numbers, letters and symbols is an essential way of protecting yourself and your digital assets online. And if that all feels too complicated, why not consider a password management solution? Password managers help you create, manage and organise your passwords. Some security software solutions include a password manager such as McAfee Total Protection.

Finally, wherever possible, you should enable two-factor authentication for your accounts to add an extra layer of defense against cyber criminals. Two-factor authentication is where a user is verified by opt-out password or one-off code through a separate personal device like a smart phone.

Still not convinced? If you use social media, shop online, subscribe to specialist newsletters then your existence is scattered across the internet. By failing to clean up your ‘digital junk’ you are effectively giving a set of front door keys to hackers and risking having your identity stolen. Not a great scenario at all. So, make yourself a cuppa and get to work!

Til Next Time

Alex xx

 

 

 

 

The post How to Spring Clean Your Digital Life appeared first on McAfee Blogs.

Beware of Back-To-School Scams

These days it seems that there is a scam for every season, and back-to-school is no different. From phony financial aid, to debt scams, and phishing emails designed to steal your identity information, there are a lot of threats to study up on.

Of course, many of these scams are just different twists on the threats we see year-round. For instance, debt collection, tax, and imposter scams, were named some of the top frauds of 2018 by the Federal Trade Commission, costing U.S. consumers over $1.48 billion. And many of the same techniques are being directed at students, graduates, and their parents.

Here’s what to watch out for:

Identity Theft— While you might think that identity theft would only be a risk to older students applying for aid, in fact over a million children were victims of identity theft in 2017, with two thirds of them under the age of eight. This is because children’s identities can be more valuable to cyber thieves as their Social Security numbers have never been used before, so they have clean credit reports that are rarely checked.

Some savvy scammers have even started to ask parents for their child’s identity information when applying for common back-to-school activities, such as joining a sports league or after school class.

Phony Tuition Fees—“Don’t lose your spot!” This is the call to action scammers are using to trick students and parents into paying a made-up tuition fee. You may receive an official looking email, or receive a call directly from scammers, hoping to take advantage of the stress that many people feel around getting into the school of their choice. Some victims of this scam have already paid tuition, but are confused by last-minute requests for a fee to save their spot.

Financial Aid Fraud—Education has become incredibly expensive in recent years, and scammers know it. That’s why they put up ads for phony financial aid, and send phishing emails, hoping to lure applicants with the promise of guaranteed assistance, or time sensitive opportunities.

Many pose as financial aid services that charge an “advance fee” to help students apply for loans. When you fill out an application the fraudsters potentially get both your money (for the “service”) and your identity information. This can lead to identity theft, costing victims an enormous amount of time and money.

Student Loan Forgiveness—We’ve seen a proliferation of social media ads and emails offering to help student borrowers reduce, or even completely forgive, their loan debt. Some of these offers are from legitimate companies that lend advice on complicated financial matters, but others are scams, charging exorbitant fees with the promise of renegotiating your debt. Just remember, debt relief companies are not permitted to negotiate federal student loans.

Phony Student Taxes—Another common scam that targets students are phony messages and phone calls from the IRS, claiming that the victim needs to immediately pay a “federal student tax”, or face arrest. Of course, this tax does not exist.

Shopping Scams—From books, clothes, and supplies, to dorm accessories, the start of the school year often means the start of an online shopping frenzy. That’s when students and parents are susceptible to phishing emails that offer “student discounts” on popular items, or claim that they “missed a delivery” and need to click on an attachment. Links in these emails often lead to phony websites that collect their payment information, or malware. The same is true for offers of cheap or “free” downloads on normally expensive textbooks.

Here are some tips to avoid these sneaky school-related scams:

  • Be suspicious of any school programs that ask for more information than they need, like your child’s Social Security number just to join a club.
  • Only shop on reputable e-commerce sites for back to school supplies. Buy textbooks from recommended providers, and avoid any “free” digital downloads. Consider installing a web advisor to steer you away from risky websites.
  • When seeking financial aid, ask a school adviser for a list of reputable sources. Avoid any offers that sound too good to be true, like “guaranteed” or zero interest loans. Remember that it does not cost money to simply apply for financial aid.
  • If you receive any threatening emails or phone calls about loans or fees, do not respond. Instead, contact your loan provider directly to check on the status of your account.
  • Avoid using unsecured public Wi-Fi on campus, since it’s easy for a hacker to intercept the information that you are sending over the network. Only connect to secure networks that require a password.
  • Install comprehensive security software all of your computers and devices. Look for software that protects you from malware, phishing attempts, and risky websites, as well as providing identity protection.

Looking for more mobile security tips and trends? Be sure to follow @McAfee Home on Twitter, and like us on Facebook.

The post Beware of Back-To-School Scams appeared first on McAfee Blogs.

Ellen DeGeneres Instagram Hack: What You Can Do to Protect Your Account

Today was not an easy morning for Ellen DeGeneres. She woke to find that her Instagram account was briefly hacked according to the talk show host’s Twitter and Yahoo Entertainment. A series of giveaways offering free Tesla cars, MacBooks, and more, were posted to the talk show host’s account last night. After seeing the posts, some of her followers became skeptical and warned her of the suspicious behavior. They were smart to flag the giveaways as untrustworthy because DeGeneres confirmed that her Instagram was in fact affected by malicious activity.

While Ellen joked about “password” not being the most secure password, it’s always a best practice to use strong passwords that differ from each of your other accounts to avoid easy break-ins from cybercriminals.

One of the central reasons hackers target social media accounts is to retrieve stored personal information. Once cybercriminals log into an account, they have access to everything that has ever been shared with the platform, such as date of birth, email, hometown, and answers to security questions. They then could potentially use this information to try to log into other accounts or even steal the person’s identity, depending on the level of information they have access to.

Another motive for hijacking a user’s social media account is to spread phishing scams or malware amongst the user’s network. In DeGeneres’ case, her 76 million Instagram followers were prompted to click on links that were scams disguised as giveaways so hackers could steal their personal information. In other cases, hackers will use adware so they can profit off of clicks and gain access to even more valuable information from you and your contacts. Sometimes these cybercriminals will post publicly on your behalf to reach your entire network, and other times they will read through private messages and communicate with your close network directly.

It’s not just celebrities that are vulnerable to cybercriminals. In fact, over 22% of internet users reported that their online accounts have been hacked at least once, and more than 14% said that they were hacked more than once. If your account gets hacked, the first step is to change your password right away and notify your network, so they don’t click on any specious links.

The good news is that by taking proper precautions, you can significantly reduce risk to help keep your account safe. Here are five best practices for protecting your social media accounts from malicious activity:

  • Use your best judgment and don’t click on suspicious messages or links, even if they appear to be posted by a friend.
  • Flag any scam posts or messages you encounter on social media to the platform, so they can help stop the threat from spreading.
  • Use unique, complicated passwords for all your accounts.
  • Avoid posting any identifying information or personal details that might allow a hacker to guess your security questions.
  • Always use comprehensive security software that can keep you protected from the latest threats.

To stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Ellen DeGeneres Instagram Hack: What You Can Do to Protect Your Account appeared first on McAfee Blogs.

How To Help Your Kids Manage Our ‘Culture of Likes’

As a mum of 4 sons, my biggest concerns about the era of social media is the impact of the ‘like culture’ on our children’s mental health. The need to generate likes online has become a biological compulsion for many teens and let’s be honest – adults too! The rush of dopamine that surges through one’s body when a new like has been received can make this like culture understandably addictive.

 

Research Shows Likes Can Make You Feel As Good As Chocolate!

The reason why our offspring (and even us) just can’t give up social media is because it can make us feel just so damn good! In fact, the dopamine surges we get from the likes we collect can give us a true psychological high and create a reward loop that is almost impossible to break. Research published in Psychological Science, a journal of the Association for Psychological Science, shows the brain circuits that are activated by eating chocolate and winning money are also activated when teens see large numbers of ‘likes’ on their own photos or photos of peers in a social network.

Likes and Self Worth

Approval and validation by our peers has, unfortunately, always had an impact on our sense of self-worth. Before the era of social media, teens may have measured this approval by the number of invitations they received to parties or the number of cards they received on their birthday. But in the digital world of the 21st  century, this is measured very publicly through the number of followers we have or the number of likes we receive on our posts.

But this is dangerous territory. Living our lives purely for the approval of others is a perilous game. If our self-worth is reliant on the amount of likes we receive then we are living very fragile existences.

Instagram’s Big Move

In recognition of the competition social media has become for many, Instagram has decided to trial hiding the likes tally on posts. Instagram believes this move, which is also being trialled in six other countries including Canada and New Zealand, will improve the well-being of users and allow them to focus more on ‘telling their story’ and less on their likes tally.

But the move has been met with criticism. Some believe Instagram is ‘mollycoddling’ the more fragile members of our community whilst others believe it is threatening the livelihood of ‘Insta influencers’ whose income is reliant on public displays of likes.

Does Instagram’s Move Really Solve Address our Likes Culture?

While I applaud Instagram for taking a step to address the wellbeing and mental health of users, I believe that it won’t be long before users simply find another method of social validation to replace our likes stats. Whether it’s follower numbers or the amount of comments or shares, many of us have been wired to view social media platforms like Instagram as a digital popularity contest so will adjust accordingly. Preparing our kids for the harshness of this competitive digital environment needs to be a priority for all parents.

What Can Parents Do?

Before your child joins social media, it is imperative that you do your prep work with your child. There are several things that need to be discussed:

  1. Your Kids Are So Much More Than Their Likes Tally

It is not uncommon for tweens and teens to judge their worth by the number of followers or likes they receive on their social media posts. Clearly, this is crazy but a common trend/ So, please discuss the irrationality of the likes culture and online popularity contest that has become a feature of almost all social media platforms. Make sure they understand that social media platforms play on the ‘reward loop’ that keep us coming back for more. Likes on our posts and validating comments from our followers provide hits of dopamine that means we find it hard to step away. While many tweens and teens view likes as a measure of social acceptance, it is essential that you continue to tell them that this is not a true measure of a person.

  1. Encourage Off-Line Activities

Help your kids develop skills and relationships that are not dependent on screens. Fill their time with activities that build face-to-face friendships and develop their individual talents. Whether it’s sport, music, drama, volunteering or even a part time job – ensuring your child has a life away from screens is essential to creating balance.

  1. Education is Key

Teaching your kids to be cyber safe and good digital citizens will minimise the chances of them experiencing any issues online. Reminding them about the perils of oversharing online, the importance of proactively managing their digital reputation and the harsh reality of online predators will prepare them for the inevitable challenges they will have to navigate.

  1. Keep the Communication Channels Open – Always!

Ensuring your kids really understand that they can speak to you about ANYTHING that is worrying them online is one of the best digital parenting insurance policies available. If they do come to you with an issue, it is essential that you remain calm and do not threaten to disconnect them from their online life. Whether it’s cyberbullying, inappropriate texting or a leak of their personal information, working with them to troubleshoot and solve problems and challenges they face is a must for all digital parents.

Like many parents, I wish I could wave a magic wand and get rid of the competition the likes culture has created online for many of our teens. But that is not possible. So, instead let’s work with our kids to educate them about its futility and help them develop a genuine sense of self-worth that will buffer them from harshness this likes culture has created.

Alex xx

The post How To Help Your Kids Manage Our ‘Culture of Likes’ appeared first on McAfee Blogs.

Backpacks Ready, Pencils Up – It’s Time for a Back-to-School #RT2Win

It’s time to unpack the suitcases and pack up those backpacks! With the summer season quickly coming to an end, it’s time to get those college cybersecurity priorities in order so you can have the best school year yet. As students across the country get ready to embark on—or return to—their college adventure, many are not proactively protecting their data according. A recent survey from McAfee. found that only 19% of students take extra steps to protect their academic records, which is surprising considering 80% of students have either been a victim of a cyberattack or know someone who has been impacted. In fact, in the first few months of 2019, publicly disclosed cyberattacks targeting the education sector increased by 50%, including financial aid schemes and identity theft.

From data breaches to phishing and ransomware attacks, hitting the books is stressful enough without the added pressure of ensuring your devises and data are secure too. But you’re in luck! Avoid being the cybersecurity class clown and head back to school in style with our A+ worthy Back-to-School RT2Win sweepstakes!

Three [3] lucky winners of the sweepstakes drawing will receive a McAfee Back-to-School Essentials Backpack complete with vital tech and cybersecurity supplies like Beats Headphones, UE BOOM Waterproof Bluetooth Speaker, Fujifilm Instax Mini 9 Instant Camera, DLINK router with McAfee Secure Home Platform, Anker PowerCore Portable Charger and so much more! ($750 value, full details below in Section 6. PRIZES). The best part? Entering is a breeze! Follow the instructions below to enter and good luck!

#RT2Win Sweepstakes Official Rules

  • To enter, go to https://twitter.com/McAfee_Home, and find the #RT2Win sweepstakes tweet.
  • The sweepstakes tweet will be released on Tuesday, August 13, 2019, at 12:00pm PT. This tweet will include the hashtags: #ProtectWhatMatters, #RT2Win AND #Sweepstakes.
  • Retweet the sweepstakes tweet released on the above date, from your own handle. The #ProtectWhatMatters, #RT2Win AND #Sweepstakes hashtags must be included to be entered.
  • Sweepstakes will end on Monday, August 26, 2019 at 11:59pm PT. All entries must be made before that date and time.
  • Winners will be notified on Wednesday, August 28, 2019, via Twitter direct message.
  • Limit one entry per person.

1. How to Win:

Retweet one of our contest tweets on @McAfee_Home that include “#ProtectWhatMatters, #RT2Win AND #Sweepstakes” for a chance to win a McAfee Back-to-School Essential Backpack (for full prize details please see “Prizes” section below). Three [3] total winners will be selected and announced on August 28, 2019. Winners will be notified by direct message on Twitter. For full Sweepstakes details, please see the Terms and Conditions, below.

#RT2Win Sweepstakes Terms and Conditions

2. How to Enter: 

No purchase necessary. A purchase will not increase your chances of winning. McAfee Back-to-School #RT2Win Sweepstakes will be conducted from August 13, 2019 through August 27, 2019. All entries for each day of the McAfee Back-to-School #RT2Win Sweepstakes must be received during the time allotted for the McAfee Back-to-School #RT2Win Sweepstakes. Pacific Daylight Time shall control the McAfee Back-to-School #RT2Win Sweepstakes, duration is as follows:

  • Begins Tuesday, August 13 at 12:00pm PST
  • Ends: Monday, August 26, 2019 at 11:59pm PST
  • Three [3] winners will be announced: Wednesday, August 28, 2019

For the McAfee Back-to-School #RT2Win Sweepstakes, participants must complete the following steps during the time allotted for the McAfee Back-to-School Sweepstakes:

  1. Find the sweepstakes tweet of the day posted on @McAfee_Home which will include the hashtags: #ProtectWhatMatters, #RT2Win and #Sweepstakes
  2. Retweet the sweepstakes tweet of the day and make sure it includes the #ProtectWhatMatters, #RT2Win, and hashtags.
  3. Note: Tweets that do not contain the #ProtectWhatMatters, #RT2Win, and #Sweepstakes hashtags will not be considered for entry.
  4. Limit one entry per person.

Three [3] winners will be chosen for the McAfee Back-to-School #RT2Win Sweepstakes tweet from the viable pool of entries that retweeted and included #ProtectWhatMatters, #RT2Win and #Sweepstakes. McAfee and the McAfee social team will choose winners from all the viable entries. The winners will be announced and privately messaged on Wednesday, August 28, 2019 on the @McAfee_Home Twitter handle. No other method of entry will be accepted besides Twitter. Only one entry per user is allowed, per Sweepstakes.  

3. Eligibility: 

McAfee Back-to-School #RT2Win Sweepstakes is open to all legal residents of the 50 United States who are 18 years of age or older on the dates of the McAfee Back-to-School #RT2Win Sweepstakes begins and live in a jurisdiction where this prize and McAfee Back-to-School #RT2Win Sweepstakes not prohibited. Employees of Sponsor and its subsidiaries, affiliates, prize suppliers, and advertising and promotional agencies, their immediate families (spouses, parents, children, and siblings and their spouses), and individuals living in the same household as such employees are ineligible.

4. Winner Selection:

Winners will be selected at random from all eligible retweets received during the McAfee Back-to-School #RT2Win Sweepstakes drawing entry period. Sponsor will select the names of three [3] potential winners of the prizes in a random drawing from among all eligible submissions at the address listed below. The odds of winning depend on the number of eligible entries received. By participating, entrants agree to be bound by the Official McAfee Back-to-School #RT2Win Sweepstakes Rules and the decisions of the coordinators, which shall be final and binding in all respects.

5. Winner Notification: 

Each winner will be notified via direct message (“DM”) on Twitter.com by August 28, 2019. Prize winners may be required to sign an Affidavit of Eligibility and Liability/Publicity Release (where permitted by law) to be returned within ten (10) days of written notification, or prize may be forfeited, and an alternate winner selected. If a prize notification is returned as unclaimed or undeliverable to a potential winner, if potential winner cannot be reached within twenty-four (24) hours from the first DM notification attempt, or if potential winner fails to return requisite document within the specified time period, or if a potential winner is not in compliance with these Official Rules, then such person shall be disqualified and, at Sponsor’s sole discretion, an alternate winner may be selected for the prize at issue based on the winner selection process described above. 

6. Prizes: 

McAFEE BACK-TO-SCHOOL ESSENTIAL BACKPACK (3)

  • Approximate ARV for Prize: $750
    • McAfee Backpack
    • McAfee Water Bottle
    • McAfee Notebook
    • D-Link Ethernet Wireless Router with McAfee Secure Home
    • McAfee Total Protection, 5 devices, 1-year subscription
    • Beats EP On-Ear Headphones
    • Ultimate Ears BOOM Portable Waterproof Bluetooth Speaker
    • Fujifilm Instax Mini 9 Instant Camera with Mini Film Twin Pack
    • Tile Mate – Anything Finder
    • Anker PowerCore 10000, Portable Charger

Limit one (1) prize per person/household. Prizes are non-transferable, and no cash equivalent or substitution of prize is offered.

The prize for the McAfee Back-To-School #RT2Win Sweepstakes is a ONE (1) Back-to-School Essential Backpack, complete with the above supplies, for each of the three (3) entrants. Entrants agree that Sponsor has the sole right to determine the winners of the McAfee Back-to-School #RT2Win Sweepstakes and all matters or disputes arising from the McAfee Back-to-School #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor. Sponsor will not replace any lost or stolen prizes. Sponsor is not responsible for delays in prize delivery beyond its control. All other expenses and items not specifically mentioned in these Official Rules are not included and are the prize winners’ sole responsibility.

7. General Conditions: 

Entrants agree that by entering they agree to be bound by these rules. All federal, state, and local taxes, fees, and surcharges on prize packages are the sole responsibility of the prizewinner. Sponsor is not responsible for incorrect or inaccurate entry information, whether caused by any of the equipment or programming associated with or utilized in the McAfee Back-to-School #RT2Win Sweepstakes, or by any technical or human error, which may occur in the processing of the McAfee Back-to-School #RT2Win Sweepstakes. entries. By entering, participants release and hold harmless Sponsor and its respective parents, subsidiaries, affiliates, directors, officers, employees, attorneys, agents, and representatives from any and all liability for any injuries, loss, claim, action, demand, or damage of any kind arising from or in connection with the McAfee Back-to-School #RT2Win Sweepstakes, any prize won, any misuse or malfunction of any prize awarded, participation in any McAfee Back-to-School #RT2Win Sweepstakes-related activity, or participation in the McAfee Back-to-School #RT2Win Sweepstakes. Except for applicable manufacturer’s standard warranties, the prizes are awarded “AS IS” and WITHOUT WARRANTY OF ANY KIND, express or implied (including any implied warranty of merchantability or fitness for a particular purpose).

8. Limitations of Liability; Releases:

By entering the Sweepstakes, you release Sponsor and all Released Parties from any liability whatsoever, and waive any and all causes of action, related to any claims, costs, injuries, losses, or damages of any kind arising out of or in connection with the Sweepstakes or delivery, misdelivery, acceptance, possession, use of or inability to use any prize (including claims, costs, injuries, losses and damages related to rights of publicity or privacy, defamation or portrayal in a false light, whether intentional or unintentional), whether under a theory of contract, tort (including negligence), warranty or other theory.

To the fullest extent permitted by applicable law, in no event will the sponsor or the released parties be liable for any special, indirect, incidental, or consequential damages, including loss of use, loss of profits or loss of data, whether in an action in contract, tort (including, negligence) or otherwise, arising out of or in any way connected to your participation in the sweepstakes or use or inability to use any equipment provided for use in the sweepstakes or any prize, even if a released party has been advised of the possibility of such damages.

  1. To the fullest extent permitted by applicable law, in no event will the aggregate liability of the released parties (jointly) arising out of or relating to your participation in the sweepstakes or use of or inability to use any equipment provided for use in the sweepstakes or any prize exceed $10. The limitations set forth in this section will not exclude or limit liability for personal injury or property damage caused by products rented from the sponsor, or for the released parties’ gross negligence, intentional misconduct, or for fraud.
  2. Use of Winner’s Name, Likeness, etc.: Except where prohibited by law, entry into the Sweepstakes constitutes permission to use your name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation (including in a public-facing winner list).  As a condition of being awarded any prize, except where prohibited by law, winner may be required to execute a consent to the use of their name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation. By entering this Sweepstakes, you consent to being contacted by Sponsor for any purpose in connection with this Sweepstakes.

9. Prize Forfeiture:

If winner cannot be notified, does not respond to notification, does not meet eligibility requirements, or otherwise does not comply with the prize McAfee Back-to-School #RT2Win Sweepstakes rules, then the winner will forfeit the prize and an alternate winner will be selected from remaining eligible entry forms for each McAfee Back-to-School #RT2Win Sweepstakes.

10. Dispute Resolution:

Entrants agree that Sponsor has the sole right to determine the winners of the McAfee Back-to-School #RT2Win Sweepstakes and all matters or disputes arising from the McAfee Back-to-School #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor.

11. Governing Law & Disputes:

Each entrant agrees that any disputes, claims, and causes of action arising out of or connected with this sweepstakes or any prize awarded will be resolved individually, without resort to any form of class action and these rules will be construed in accordance with the laws, jurisdiction, and venue of New York.

12. Privacy Policy: 

Personal information obtained in connection with this prize McAfee Back-to-School #RT2Win Sweepstakes will be handled in accordance policy set forth at http://www.mcafee.com/us/about/privacy.html.

  1. Winner List; Rules Request: For a copy of the winner list, send a stamped, self-addressed, business-size envelope for arrival after August 13,2019 before August 27, 2019 to the address listed below, Attn: #RT2Win at CES Sweepstakes.  To obtain a copy of these Official Rules, visit this link or send a stamped, self-addressed business-size envelope to the address listed in below, Attn: Sarah Grayson. VT residents may omit return postage.
  2. Intellectual Property Notice: McAfee and the McAfee logo are registered trademarks of McAfee, LLC. The Sweepstakes and all accompanying materials are copyright © 2019 by McAfee, LLC.  All rights reserved.
  3. Sponsor: McAfee, LLC, Corporate Headquarters 2821 Mission College Blvd. Santa Clara, CA 95054 USA
  4. Administrator: LEWIS, 111 Sutter St., Suite 850, San Francisco, CA 94104

The post Backpacks Ready, Pencils Up – It’s Time for a Back-to-School #RT2Win appeared first on McAfee Blogs.

School of Cyberthreats: 3 Attacks Impacting Today’s Schools

Educational institutions are data-rich gold mines. From student and employee records to sensitive financial information, schools contain a plethora of data that can be obtained by cybercriminals rather easily due to lack of security protocols. This fact has cybercriminals pivoting their strategies, leading to a recent uptick in attacks on the education sector in the United States and around the world. In fact, there are three main threats impacting schools — data breaches, phishing, and ransomware. Let’s take a look at each of these threats, how cybercriminals have executed them, and the precautions students can take in the future.

Data Breaches

Nearly half of the cyberattacks that impacted schools in 2018 were data breaches, which occur when an unauthorized, third-party gains access to a school’s network. From there, cybercriminals gain access to a host of private information on employees and students, including names, dates of birth, addresses, phone numbers, email addresses, and Social Security numbers. After an attack of this nature occurs, educational institutions reassess their current cybersecurity strategy. This usually entails revisiting privacy settings and reviewing all security protocols. 

Phishing

Even the savviest email user can fall for a phishing scheme. These types of schemes usually entail tricking teachers or students out of private information or money. When cybercriminals send emails with fraudulent links, unsuspecting users click on that link because the web address is usually only off by one or two letters. Once the scammer has been given access through the malicious link, they get to work obtaining private information contained on the device. Using this data, they can enact further schemes. There have even been cases of cybercriminals impersonating deans or teachers asking for gift cards, which is a type of spear-phishing where scammers take the information they have obtained about a victim and use it to their advantage. The good news? Users can prevent against these sneaky attacks by staying vigilant and applying security best practices.

Ransomware

When ransomware hits, schools don’t really have a lot of options. If they have data backups in place, then they don’t have to pay the ransom, otherwise educational institutions have no choice but to completely shut down. Considering how much technology has been integrated into classrooms, this isn’t surprising. A ransomware attack usually occurs when a school district’s system is infiltrated by a virus intending to bring operations to a halt. Cybercriminals hold systems hostage for a certain amount of money or ransom until the district decides to pay. The data that is held can range from a variety of things – lesson plans, financial information, personal employee and student records. There aren’t many ways for schools to bypass these types of attacks unless they are prepared beforehand. One way to be prepared is to back up files in multiple places, such as an external hard drive or cloud.

With the uptick in overall cyberthreats against schools, more and more educational institutions need to put protocols into place to avoid the multitude of ever-growing threats. However, students can do their part in prioritizing cybersecurity by following these tips to ensure personal data is secure:

  1. Watch what you are clicking. Phishing schemes are becoming craftier. A too good to be true study guide or deal on a textbook might end in a compromised system. It is always best to check directly with the source of the email or link before handing over money or data.
  2. Make sure you recognize the sender. When responding to a message, first check to see if you recognize the sender’s name and email address. If it looks strange, ignore the message. If you are unsure, check with the sender in person.
  3. Never reuse passwords. Many users reuse the same passwords or slight variations of it, across all of their accounts. That means if a hacker uncovers one password, all other accounts are put at risk. So, it is crucial to use different passcodes to ensure hackers cannot obtain access to all of your accounts.
  4. Stay on a secure network. If you connect to public Wi-Fi, be sure the network is secure. If it is not, consider using a virtual private network (VPN).
  5. Install security software on all devices. Security doesn’t begin or end with personal computers. All devices need to be protected with comprehensive security software, including mobile devices and tablets.
  6. Make sure all device software is up-to-date. This is one of the easiest and best ways to secure devices against threats, as developers are constantly releasing patches for vulnerabilities and flaws.

And as always, if you are interested in learning more about IoT and mobile security trends and information, follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post School of Cyberthreats: 3 Attacks Impacting Today’s Schools appeared first on McAfee Blogs.