Category Archives: cybersafety

Are Your Kids Part of the TikTok App Craze? Here’s What Parents Need to Know

What phone app has over 150 million active users and more than 14 million uploads every day? You might guess Facebook, Instagram, or Snapchat, but you’d be wrong. Meet TikTok — a video app kids are flocking to that’s, no doubt, tons of fun but also carries risk.

What Is It?

TikTok is a free social media app that allows users to create and share short 15-second videos set to favorite music. If your child was a fan of Musical.ly, then he or she is probably active on TikTok since Musical.ly shut down last year and moved all of its users to TikTok. Kids love the app because it’s got all the social perks — music, filters, stickers — and the ability to amass likes and shares (yes, becoming TikTok-famous is an aspiration for some).

The Upside

There are a lot of positive things about this app. It’s filling the void of the sorely missed Vine app in that it’s a fun hub for video creation and peer connection. Spending time on TikTok will make you laugh out loud, sing, and admire the degree of creativity so many young users put into their videos. You will see everything from heartfelt, brave monologues, to incredible athletic stunts, to hilarious, random moments in the lives of teens. It’s serious fun.

Another big positive is the app appears to take Digital Wellbeing (tools in the app that encourage screen time), privacy, and online safety seriously. Its resources tab is rich with tips for both parents and kids.

The (Potential) Downside

As with any other social app, TikTok carries inherent risks, as reported by several news sources, including ABC.

For instance, anyone can view your child’s videos, send a direct message, and access their location information. And, while TikTok requires that users are at least 13 years old to use the app and anyone under 18 must have parent’s approval, if you browse the app, you’ll quickly find that plenty of preteens are using it. A predator could easily create a fake account or many accounts to strike up conversations with minors.

Another danger zone is inappropriate content. While a lot of TikTok content is fun and harmless, there’s a fair share of the music that includes explicit language and users posting content that should not be viewed by a young audience.

And, wherever there’s a public forum, there’s a risk of cyberbullying. When a TikTok user posts a video, that content instantly becomes open for public comment or criticism and dialogue can get mean.

Talking Points for Families

Most social media apps have an inherent risk factor because the world wide web is just that — much of the planet’s population in the palm of your child’s hand. Different age groups and kids will use apps differently. So, when it comes to apps, it’s a good idea to monitor how your child uses each app and tailor conversations from there.

  • Download the app. If your child uses TikTok, it’s a good idea to download the app too. Look around inside the community. Analyze the content and the culture. Are the accounts your child follows age appropriate? Are the comments and conversations positive? Does your child know his or her followers? Is your child posting appropriately?
  • Talk about the risks. Spend time with your child and watch how he or she uses TikTok. Let them teach you why they love it. Encourage creativity and fun, but don’t hesitate to point out danger zones and how your child can avoid them.
  • Monitor direct messages. This may seem invasive, but a lot of the safety threats to your child take place behind the curtain of the public feed in direct messages. Depending on the age of your child (and the established digital ground rules of your family) consider requiring access to his or her account.
  • Adjust settings. Make sure to click account settings to ‘private’ so only people your child knows can access his or her content and send direct messages. Also, turn off location services and consider getting comprehensive security software for all family devices.

Apps are where the fun is for kids so you can bet your child will at least check out buzz-worthy platforms like TikTok. They may browse, or they may become content creators. Your best social monitoring tool is to keep an open dialogue with your child. Keep talking with your kids about what’s going on in their digital life — where they hang out, who their friends are, and what’s new.  You may get some resistance but don’t let that stop you from doing all you can to keep your family safe online.

The post Are Your Kids Part of the TikTok App Craze? Here’s What Parents Need to Know appeared first on McAfee Blogs.

Game Golf Exposure Leaves Users in a Sand Trap of Data Concerns

Apps not only provide users with a form of entertainment, but they also help us become more efficient or learn new things. One such app is Game Golf, which comes as a free app, a paid pro version with coaching tools, or with a wearable analyzer. With over 50,000 downloads on Google Play, the app helps golfers track their on-course performance and use the data to help improve their game. Unfortunately, millions of golfer records from the Game Golf app were recently exposed to anyone with an internet connection, thanks to a cloud database lacking password protection.

According to researchers, this exposure consisted of millions of records, including details on 134 million rounds of golf, 4.9 million user notifications, and 19.2 million records in an activity feed folder. Additionally, the database contained profile data like usernames, hashed passwords, emails, gender, Facebook IDs, and authorization tokens. The database also contained network information for the company behind the Game Golf app, Game Your Game Inc., including IP addresses, ports, pathways, and storage information that cybercrooks could potentially exploit to further access the network. A combination of all of this data could theoretically provide cybercriminals with more information on the user, creating greater privacy concerns. Thankfully, the database was secured about two weeks after the company was initially notified of the exposure.

Although it is still unclear as to whether cybercriminals took a swing at this data, the magnitude of the information exposed by the app is cause for concern. Luckily, users can follow these tips to help safeguard their data:

  • Change your passwords. If a cybercriminal got a hold of the exposed data, they could easily gain access into other online accounts if your login credentials were the same across different platforms. Err on the side of caution and change your passwords to something strong and unique for each account.
  • Check to see if you’ve been affected. If you’ve used the Game Golf app and believe your data might have been exposed, use this tool to check or set an alert to be notified of other potential exposures.
  • Secure your online profiles. Use a security solution like McAfee Safe Connect to encrypt your online activity, help protect your privacy by hiding your IP address, and better defend against cybercriminals.

And, of course, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Game Golf Exposure Leaves Users in a Sand Trap of Data Concerns appeared first on McAfee Blogs.

3 Tips for Protecting Against the New WhatsApp Bug

Messaging apps are a common form of digital communication these days, with Facebook’s WhatsApp being one of the most popular options out there. The communication platform boasts over 1.5 billion users – who now need to immediately update the app due to a new security threat. In fact, WhatsApp just announced a recently discovered security vulnerability that exposes both iOS and Android devices to malicious spyware.

So, how does this cyberthreat work, exactly? Leveraging the new WhatsApp bug, cybercriminals first begin the scheme by calling an innocent user via the app. Regardless of whether the user picks up or not, the attacker can use that phone call to infect the device with malicious spyware. From there, crooks can snoop around the user’s device, likely without the victim’s knowledge.

Fortunately, WhatsApp has already issued a patch that solves for the problem – which means users will fix the bug if they update their app immediately. But that doesn’t mean users shouldn’t still keep security top of mind now and in the future when it comes to messaging apps and the crucial data they contain. With that said, here are a few security steps to follow:

  • Flip on automatic updates. No matter the type of application or platform, it’s always crucial to keep your software up-to-date, as fixes for vulnerabilities are usually included in each new version. Turning on automatic updates will ensure that you are always equipped with the latest security patches.
  • Be selective about what information you share. When chatting with fellow users on WhatsApp and other messaging platforms, it’s important you’re always careful of sharing personal data. Never exchange financial information or crucial personal details over the app, as they can possibly be stolen in the chance your device does become compromised with spyware or other malware.
  • Protect your mobile phones from spyware. To help prevent your device from becoming compromised by malicious software, such as this WhatsApp spyware, be sure to add an extra layer of security to it by leveraging a mobile security solution. With McAfee Mobile Security being available for both iOS and Android, devices of all types will remain protected from cyberthreats.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post 3 Tips for Protecting Against the New WhatsApp Bug appeared first on McAfee Blogs.

Privacy Awareness Week 2019 – Are You In The Dark About Your Online Privacy?

If you haven’t given your online privacy much attention lately then things need to change. In our era of weekly data breaches, the ‘I’ve got nothing to hide’ excuse no longer cuts it. In my opinion, ensuring your privacy is protected online is probably more important than protecting your home and car! A sloppy approach to online privacy can have devastating ramifications to your financial health, your career and even your physical wellbeing.

This week is Privacy Awareness Week in Australia – a great reminder to give our online privacy a ‘check-up’ and work out what we can do to ensure the information we share online (and who sees it) is locked down.

What Do We Need to Protect?

When we think about online privacy, we often think about protecting our password and financial data online. But it’s a little more complicated. There are 2 categories of information that we share in our online life that requires protection.

  1. Personally Identifying Information (PII) – this includes our name, birthdate, address and Medicare number
  2. Non-Personally Identifying Information – this includes the information about what we do online. It’s a combination of the websites we visit, what we buy online, our online searches and the pages we like on our social media profiles. Our online activity creates a digital folder about ourselves and many companies just love this data so they can send targeted ads your way. Ever wondered why you receive ads about holiday destinations after a few wishful holiday Google searches?

Without adequate online privacy, all the information about our online activities can be collected and analysed by third parties. In fact, data collected (legally) about you by websites can be very lucrative! Companies, known as data brokers, collect and maintain data on millions on people and charge handsomely for their services!

Why Do I Need To Worry About My Online Privacy?

Just think for a moment about some of the information that is stored about you online…

  • Your PII is stored in the background of probably every online account you have including social media, news and banking
  • Your online banking and superannuation sites contain details of all your accounts and your net worth
  • Your health and taxation records maybe accessible online which may contain sensitive information you would prefer not to be shared
  • If you haven’t disabled location services on your phone, your whereabouts can be tracked by clever parties on a daily basis
  • Your pictures and videos

While some of this information is stored without your control, there are steps you can take to tighten up access.

Now, think about your daily online activity…

  • Anything you order online via your web browser can be recorded
  • Anytime you send an email with sensitive information, there is a risk this will also be shared
  • Anytime you pay on the go using a facility like Apple Pay, your purchase will be tracked
  • Anything you search for, the articles you read, the movie tickets you buy and even your weekly online grocery order can be tracked

If this comes as a shock to you then you’re not alone. Many Aussies have been in the dark about what information is available about them online. But, don’t throw the towel in – there are strategies to tighten up your online privacy.

How To Get Your Online Privacy Under Control

There are a few simple steps you can take to lock down your valuable online information. So, make yourself a nice cuppa and let’s get to work:

  1. Manage Your Passwords

Your online passwords are as important as your house keys. In fact, in many cases, it is the only thing stopping cybercriminals from accessing our vital information that we have saved online. So, if you want to tighten up access to your online banking, your social media platforms and your favourite online shopping sites then you need to think carefully about how you manage your passwords.

Passwords need to be complex and unique with at least 8-10 characters and a combination of letters, numbers and symbols. And each of your online accounts should have a separate password which should be changed regularly. Too hard? Consider a Password Manager which creates and manages complex passwords for each of your online accounts – a complete no brainer!! McAfee’s Total Protection software includes a Password Manager which stores, auto-fills and generates unique passwords for all your online accounts. All you need to do is remember one master password! Easy!

And don’t forget, if one of your online accounts is affected by a data breach, then you need to change that password ASAP. If you have a password manager, simply have it generate another password for you.

  1. Use Public Wi-Fi With Caution

If you are serious about your online privacy then you need to use public Wi-Fi sparingly. Unsecured public Wi-Fi is a very risky business. Anything you share could easily find its way into the hands of cybercriminals. So, please avoid sharing any sensitive or personal information while using public Wi-Fi. If you travel regularly or spend the bulk of your time on the road then consider investing in a VPN. A VPN (Virtual Private Network) encrypts your activity which means your login details and other sensitive information is protected. McAfee has a great VPN product called Safe Connect. An excellent insurance policy!

  1. Use 2-Factor Authentication

Adding an additional layer of security to protect yourself when accessing your online accounts is another great way of guarding your online privacy. Turn on two-factor authentication for Google, Dropbox, Facebook and whatever other site offers it. For those new to this option, this means that in addition to your password, you will need to provide another form of identification to ensure you are who you say you are. Most commonly, this is a code sent to your mobile phone or generated by a smart phone app.

  1. Keep Your Software Updated

Software updates and patches are often designed to address a security vulnerability so ALWAYS install them so the bad guys can’t take advantage of security hole in your system. If it all becomes to hard, why not automate the updates?

  1. Invest in Security Software for ALL Your Devices

Installing comprehensive security software on all your devices including laptops, tablets and smartphones adds another layer of protection to your vital online information. Check out McAfee’s Total Protection software that will ensure you and your devices are protected against viruses, malware spyware and ransomware.

  1. Consider a Search Engine that Doesn’t Track Your Every Move Online

If you would prefer that your search engines didn’t collect and store the information you enter then consider an alternative ‘privacy focussed’ search engine. Check out DuckDuckGo that doesn’t profile users or track or sell your information to third parties.

  1. Delete All Cookies

Cookies are another way your online activity can be tracked. While some are harmless and used to simply remember things about you such as your login information and language, others known as  tracking cookies remain permanently constantly gathering information about your behaviour and what you click on. So, let’s get rid of them! Head into your web browser’s Privacy settings and clean them out.

So, let’s get our online privacy under control this Privacy Awareness Week. But don’t forget about your kids and elderly relatives too! Proactively managing one’s online privacy needs to be a priority for everyone. Why not start a conversation at the dinner table? Perhaps give the family a daily privacy related task every day during Privacy Awareness Week? For example:

Monday – Clean up your passwords or set up a Password Manager

Tuesday –  Research a VPN

Wednesday – Set up 2 factor authentication

Thursday – Ensure all your software is up to date and set up auto-updates where possible

Friday – Research privacy focussed search engines and delete all cookies

Over to you mums and dads. Would love to hear how you go.

Alex xx

 

 

The post Privacy Awareness Week 2019 – Are You In The Dark About Your Online Privacy? appeared first on McAfee Blogs.

Avoid a Security Endgame: Learn About the Latest “Avengers” Scam

Marvel Studio’s $2.2 billion box-office hit “Avengers: Endgame” has quickly risen to the second-highest grossing film of all time in its first two weekends. Not surprisingly, cybercriminals have wasted no time in capitalizing on the movie’s success by luring victims with free digital downloads of the film. How? By tempting users with security shortcuts so they can watch the film without worrying about spoilers or sold-out movie tickets.

When a victim goes to download the movie from one of the many scam sites popping up around the web, the streaming appears to begin automatically. What the user doesn’t know is that the footage being streamed is just from the movie’s trailer. Soon after, a message pops up stating that the user needs to create an account to continue with the download. The “free” account prompts the user to create a username and password in advance, which could potentially be useful for cybercriminals due to the common practice of password reuse. Once a victim creates an account, they are asked for billing information and credit card details in order to “verify location” and make sure the service is “licensed to distribute” the movie in the victim’s region. These crooks are then able to scrape the victim’s personal and financial data, potentially leading to online account hacks, stolen funds, identity theft, and more.

Luckily, Marvel fans can protect their online data to avoid a cybersecurity endgame by using the following tips:

  • Look out for potential scam activity. If it seems too good to be true, then it probably is. Be wary of websites promising free movie downloads, especially for movies that are still in theaters.
  • Shield your financial data. Be suspicious of “free downloads” that still require you to fill out billing information. If an unknown website asks for your credit card information or your bank account data, it’s best to avoid the site altogether.
  • Make sure your credentials are unique. With this scam, threat actors could use the login credentials provided by the victim to access their other accounts if they didn’t have a unique login. Avoiding username and password reuse makes it a lot harder for cybercriminals to hack into your other online accounts if they gain access to one.
  • Assemble a team of comprehensive security tools. Using a tool like McAfee WebAdvisor can help you avoid dangerous websites and links and will warn you in the event that you do accidentally click on something malicious.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Avoid a Security Endgame: Learn About the Latest “Avengers” Scam appeared first on McAfee Blogs.

Protect Your Digital Life: Why Strong Passwords Matter

Over the years, our lives have become more and more digital. Think about it: 20 years ago, no one was using banking apps and social media had just barely begun coming to fruition. Now, many of us are reliant on mobile banking to pay our bills and we check our favorite social media platforms multiple times a day. Our lives exist almost entirely online with our sensitive personal data shielded by password protection — from our financials to our official documentation, personal photos and more. With so much of our personal data relying on the strength of our online passwords, it’s vital that users stay up-to-date on the latest password security practices. As we take the time to recognize World Password Day, it’s important to think about why passwords matter and how you’re safeguarding your personal information online.

 

 

Think about all of the online data you have that is password protected: your email, your social media accounts, your online banking profile, your movie and TV streaming service, the list goes on and on. If you aren’t following best practices for password security and just one of your passwords is exposed or breached, this could potentially lead to cybersecurity turmoil. For example, an Android app that helped users find and connect to free Wi-Fi hotspots recently left its database of more than 2 million network passwords exposed. While the app claimed to only share public hotspots, many were found to be home wireless networks thanks to the precise GPS location data that was also stored in the database. Now imagine that one of the victims of this password exposure utilized the same credentials for their online banking profile. If their password ended up in the wrong hands, a cybercriminal could potentially access the user’s financial data, leading to fraudulent charges or even identity theft. As you can see, creating a strong and unique password could mean the difference between keeping your online data safe and being at risk of a cyberattack.

Many people just go through the motions when creating passwords instead of taking the time to consider what exactly their credentials are protecting. World Password Day is the perfect opportunity to be diligent about revamping passwords. Check out the following tips to take your password security to the next level:

  • See if your passwords have been exposed. Go to a site such as HaveiBeenPwned to see if your password(s) have been compromised in a breach. Change them if you find that your credentials may have been jeopardized.
  • Layer up your passwords. Passwords should always contain a variety of capital and lowercase letters, numbers, and symbols. Today, many systems enforce password requirements during the account set-up process to ensure password strength.
  • Choose unique passwords across all of your accounts. Many consumers utilize the same password, or variations of it, across all of their accounts. This means if a hacker discovers just one password, all personal data is suddenly at risk. Therefore, it is crucial to diversify your passcodes to ensure hackers cannot obtain access to all of your accounts at once, should one password be compromised.
  • Use a password manager. Since it can be difficult to remember multiple complex passwords, use a password manager to keep track. With password managers, you’ll only need to remember one master password, in order to access the rest. Many password managers can also generate strong passwords to utilize when creating new logins.
  • Enable two or multi-factor authentication. Two or multi-factor authentication provides an extra layer of security, as it requires multiple forms of verification. This reduces the risk of successful impersonation by hackers.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Protect Your Digital Life: Why Strong Passwords Matter appeared first on McAfee Blogs.

The “Nasty List” Phishing Scam Is out to Steal Your Instagram Login

How often do you check your social media accounts? According to a recent study, internet users spend an average of 2 hours and 22 minutes per day on social networking platforms. Since users are pretty reliant on social media, cybercriminals use it as an avenue to target victims with various cyberattacks. The latest social media scheme called “The Nasty List” scams users into giving up their Instagram credentials and uses their accounts to further promote the phishing scam.

So, how exactly do hackers trick innocent users into handing over their login information? Cybercriminals spread this scam by sending messages through hacked accounts to the user’s followers, stating that they were spotted on a “Nasty List.” These messages will read something like “OMG your actually on here, @TheNastyList_34, your number is 15! its really messed up.” If the recipient visits the profile listed in the message, they will see a link in the profile description. An example of one URL that has been listed in these scam profiles is nastylist-instatop50[.]me. The user is tricked into believing that this link will supposedly allow them to see why they are on this list. This link brings up what appears to be a legitimate Instagram login page. When the victim enters their credentials on the fake login page, the cybercriminals behind this scheme will be able to take over the account and use it to further promote the scam.

Images courtesy of Bleeping Computer.
Images courtesy of Bleeping Computer.

Fortunately, there are a number of steps Instagram users can take to ensure that they don’t fall victim to this trap. Check out the following tips:

  • Be skeptical of messages from unknown users. If you receive a message from someone you don’t know, it’s best to ignore the message altogether or block the user. Additionally, if you think a friend’s social media account has been compromised, look out for spelling mistakes and grammatical errors in their message, which are common in these scams.
  • Exercise caution when inspecting links sent to your messages. Always inspect a URL before you click on it. In the case of this scam, the URL that appears with the fake login page is clearly incorrect, as it ends in a [.]me.
  • Reset your password. If your account was hacked by ‘The Nasty List’ but you still have access to your account, reset your password to regain control of your account.

And, as usual, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home  on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post The “Nasty List” Phishing Scam Is out to Steal Your Instagram Login appeared first on McAfee Blogs.

The Mute Button: How to Use Your Most Underrated Social Superpower

For a Monday, the school day was turning out to be surprisingly awesome. Mackenzie sat with friends at lunch, chatted with her favorite teacher, and aced her English test.

Then came the shift.

It happened between 5th and 6th period when Mackenzie checked her Instagram account. One glance showed several posts from the popular girls (yet another party I wasn’t invited to, she thought). She saw her friend Emma’s Spring Break photos (how can someone look that good in a bikini, she wondered) followed by several whos-dating-who posts from blissful looking couples (when is someone going to love me, she mused). In less than 60 seconds, the images and comments Mackenzie saw had the power to subtly alter her heart and mind.

FOMO

Mackenzie isn’t alone. Studies have repeatedly linked Social networks with high levels of anxiety, depression, bullying and an emotional phenomenon called FOMO (fear of missing out) among teens and — if we’re honest — among plenty of adults.

We can’t control the perpetual stream of photos, comments, and videos that flood our social feeds. Social is here to stay, and to some extent, most of us are required to be online. However, we can control the amount and the quality of the content that comes at us. And, we can teach our kids to do the same.

It’s called the mute button, and it could be your family’s most underrated superpower when it comes to enjoying life online. Many people either don’t know about their mute button or forget they have it.

The mute button allows you to turn off someone’s feed (yes—make it vanish) without the awkwardness of unfollowing or unfriending them. The cool part: No one knows you’ve muted them, so there are no hurt feelings. You can still view a muted person’s profile, and they can see yours. You can send or receive direct messages as if everything were copacetic.

How to mute

Thankfully, you can mute people easily on most social networks.

To mute someone on Instagram, go to the person’s page, find to the three little dots in the top upper right of the page, click and choose mute (you can choose to mute their feed and their stories). You can mute someone on Facebook by going to the person’s main page and clicking the “friends” button under their photo. You will have the option to “unfollow,” which will mute the person’s content but allow you to stay friends. On Twitter, you can stop seeing a person’s tweets by going to the three dots in the top upper right corner and choosing “mute.”

This simple, powerful click will allow you to curate what you see in your feed every day and instantly block the content that is annoying or negative. The result? Fewer emotional darts are flying at you randomly throughout the day and, hopefully, a more enjoyable, positive experience online.

When to mute

What’ s considered annoying or offensive to one person may be entirely acceptable and even enjoyable to someone else. So, the reasons for muting someone can vary greatly.

A few reasons to mute might be: 

  • Inappropriate or offensive content
  • Mean, bullying, or reckless content
  • Posting too frequently
  • Excessive bragging, boasting, or self-promotion
  • Content that negatively impacts your mental health
  • Non-stop political posts or rants
  • Too many selfies
  • Graphic or disturbing images or videos
  • Constant negative or critical posts
  • Useless, uninteresting, or tedious information
  • Monopolizing conversations
  • Perpetual personal drama
  • Too much content on one topic

Talking points for families

Editing your social circle is okay. The voices that surround you have influence, so choose the voices you surround yourself with carefully. Also, being “friends” with 1,000 or even 300 people isn’t realistic or reflective of real life. Remind kids: That tug (or compulsion) you feel to like, comment, post, or chime in online should not rule your time or your mind. You (and your family) may be surprised how good it feels to whittle down the number of voices you allow into your day.

Pay attention to emotional triggers. In many ways, you are what you consume online. Ask yourself: Is this person’s account positive or negative? Does it make me feel included and worthy or excluded and less-than? Do I feel jealous, annoyed, or negative when I see this person’s updates, photos, or tweets? Edit boldly. You can mute negative accounts temporarily or permanently without guilt.

Less noise, less clutter. If you want things to be different, you have to do things differently, and this applies online. Forming your thoughts and opinions is much more difficult when you are constantly absorbing other people’s ideas. The less digital clutter, the more room for quiet contemplation and self-awareness, which is always a good idea for young and older mind minds alike.

Be brave, be you. Kids pay far more attention to friend and follower counts than adults do. They consider it intentional rejection when someone unfollows or unfriends them online. For that reason, you may need to reiterate the importance of putting mental health before popularity or people pleasing. Remind them: It’s okay to mute, unfollow, or unfriend any person who is not a positive influence on your heart and mind.

No one is everyone’s favorite. It’s impossible to like everyone or be liked by everyone — impossible. There will always be individuals who will get under your skin. And, at times, people may feel the same about you. This is a normal part of human relationships. This reality makes striving to be liked by everyone online an impossible, exhausting task.

The digital world is packed with ever-changing social complexities. Seemingly casual clicks can trigger an avalanche of positive or negative emotions that can take their toll (whether we realize it or not). Helping your child think proactively about content and take responsibility for the content comes across his or her screen, is more important than ever in raising wise, healthy digital kids.

The post The Mute Button: How to Use Your Most Underrated Social Superpower appeared first on McAfee Blogs.

Emilia Clarke Is the Most Dangerous Game of Thrones® Celebrity

The net is dark and full of terrors, especially for fans of HBO’s popular show Game of Thrones®. As followers of the series gear up for the premiere of the eighth and final season on April 14th, fans may have more than just White Walkers to worry about. According to McAfee’s study on the Most Dangerous Celebrities, it turns out that search results for Emilia Clarke are among those most likely to be infected with malware.

In fact, the actress who portrays Daenerys Targaryen in the TV drama came in at #17 of our 2018 Most Dangerous Celebrities study. Cybercriminals use the allure of celebrities – such as Clarke – to trick unsuspecting users into visiting malicious websites. These sites can be used to install malware on a victim’s device or steal their personal information or passwords. With the premiere of the new season right around the corner, it’s likely that cybercrooks will take advantage of the hype around the show to lure supporters into their trap.

Thankfully, there are plenty of ways fans can keep up with the show and characters without putting their online safety at risk. Follow these tips to pledge your allegiance to your cybersafety:

  • Refrain from using illegal streaming sites. When it comes to dangerous online behavior, using illegal streaming sites is the equivalent of spreading the Mad King’s wildfire to your device. Many illegal streaming sites are riddled with malware or adware disguised as pirated video files. Do your device a favor and stream the show from a reputable source.
  • Be careful what you click. Don’t bend the knee to hackers who tempt users to click on their malicious sites. Users looking for information on the new season should be careful and trust only reliable sources. The safest option is to wait for the official release instead of visiting a potentially malware-ridden third-party website.
  • Keep your device software updated. Install new system and application updates on your devices as soon as they’re available. These updates often include security fixes that can help protect your laptop or computer from an army of undead software bugs.
  • Protect your online realm with a cybersecurity solution. Send your regards to malicious actors with a comprehensive security solution like McAfee Total Protection. This can help protect you from malware, phishing attacks, and other threats. It also includes McAfee WebAdvisor, which helps alert users of malicious websites.

We wish you good fortune in the browsing to come. To stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the United States and other countries. Other names and brands may be claimed as the property of others. Copyright ©2019 McAfee, LLC

The post Emilia Clarke Is the Most Dangerous Game of Thrones® Celebrity appeared first on McAfee Blogs.

Teen Texting Slang (and Emojis) Parents Should Know

What adults call texting, kids call talking. They “talk” on their phones via chat, social comments, snaps, posts, tweets, and direct messages. And they are talking most of the time — tap, tap, tap — much like background music. In all this “talking” a language, or code, emerges just as it has for every generation only today that language is in acronyms, hashtags, and emojis. And while the slang is perfectly understood peer-to-peer, it has parents googling like crazy to decipher it.

And this language changes all the time. It expands, contracts and specific acronyms and symbols (emojis) can change in meaning entirely over time, which is why we update this list every periodically.

This time we’ve added emojis (scroll to bottom) since those powerful little graphic symbols have singlehandedly transformed human communication, as we know it.

Harmless Banter

We publish this list with an important reminder: Teen texting slang isn’t inherently bad or created with an intent to deceive or harm. Most of the terms and symbols have emerged as a kind of clever shorthand for fast moving fingers and have no dangerous or risky meaning attached. So, if you are monitoring your kids’ phones or come across references you don’t understand, assume the best in them (then, of course, do your homework).

For example, there are dozens of harmless words such as finna (fixing to do something), yeet (a way to express excitement), skeet (let’s go), Gucci (great, awesome, or overpriced), AMIRITE (am I right?) QQ4U (quick question for you), SMH (shaking my head), bread (money), IDRK (I don’t really know), OOTD (outfit of the day), LYAAF (love you as a friend), MCE (my crush everyday), HMU (hit me up, call me), W/E (whatever), AFK (away from keyboard), RTWT (read the whole thread), CWYL (chat with you later), Ship (relationship), CYT (see you tomorrow) or SO (significant other).

The Red Flags 

Here are some terms and emojis that may not be so innocent. Any of these terms can also appear as hashtags if you put a # symbol in front of them.

Potential bullying slang

Ghost = to ignore someone on purpose

Boujee = rich or acting rich

Sip tea = mind your own business

The tea is so hot = juicy gossip

AYFKM? = are you f***ing kidding me?

Thirsty = adjective describing a desperate-acting, needy person

Basic = annoying person, interested in shallow things

Extra = over the top, excessive, dramatic person

TBH = to be honest (sometimes followed by negative comments)

Zerg = to gang up on someone (a gaming term that has morphed into a bullying term)

KYS = kill yourself

SWYP = so what’s your problem?

182 = I hate you
Curve = to reject someone

Shade = throwing shade, to put someone down.

POS = piece of sh**

WTF = what the f***

Derp = stupid

Lsr = loser

Butters = ugly

Jelly = jealous

Subtweet = talking about someone but not using their @name

Bizzle = another word for b***h

THOT or thotties = a promiscuous girl/s

YAG = you are gay

Cyber pretty = saying someone only looks good online with filters

Beyouch = another word for b***h

RAB = rude a** b***h

IMHO = in my honest opinion

IMNSHO = in my not so honest opinion

NISM = need I say more?

Potential risky behavior slang  

Broken = hung over

Pasted = high or drunk

Belfie = self-portrait (selfie) featuring the buttocks

OC = open crib, party at my house

PIR = parents in the room

9, CD9, Code 9 = parents here

99 = parents gone

Smash = to have casual sex

Slide into my DM = connecting through a direct message on a social network with sexual intentions

A3: Anytime, anywhere, anyplace

WTTP = want to trade pictures?

S2R = send to receive (pictures)
sugarpic = Refers to a suggestive or erotic photograph

TDTM = talk dirty to me

KMS = kill myself

AITR = adults in the room

KPC = keeping parents clueless

1174 = invite to a wild party usually followed by an address

53X = sex

Chirped = got caught

Cu46 = See you for sexTDTM = talk dirty to meLMIRL = let’s meet in real life

GNRN = get naked right now

Pron = porn

Frape = Facebook rape; posting to someone else’s profile when they leave it logged in.

NSFW = not safe for work (post will include nudity, etc)

Livingdangerously = taking selfies while driving or some other unsafe behavior

Kik = let’s talk on kik instant message instead

Sue = suicide

Dep = depression

Svv = self- harming behavior

SN = send nudes

Nend sudes = another way to say SN/send nudes

PNP = party and play (drugs + sex)

 

Potential drug-related slang

420, bud, tree = marijuana

Blow, mayo, white lady, rock, snow, yay, yale, yeyo, yank, yahoo = Cocaine

Special K = ketamine, liquid tranquilizer

Pearls = a nicely rolled blunt

Dabbing = concentrated doses of marijuana (began as a dance craze)

DOC = drug of choice

Turnt up / turnt = high or drunk

Geeked up = being high

Bar = Xanax pill

Bar out = to take a Xanax pill

Baseball = crack cocaine

Skrill = Money

Bread = money

CID = acid

E, XTC  = ecstasy

Hazel = heroin

Blue Boogers = snorting Adderall or Ritalin

Pharming = getting into medicine cabinets to find drugs to get high

Oxy, perks, vikes = opioids

Robo-tripping = consuming cough syrup to get high

Tweaking = high on amphetamines

Wings = cocaine; heroin

Speed, crank, uppers, Crystal or Tina = meth

 

Red flag emojis

Frog = an ugly person

Frog + tea (coffee) cup = that’s the tea (gossip)

Any kind of green plant/leaves = marijuana

Maple leaf = marijuana

Broccoli = marijuana

Smoke puff or gasoline = get high

Snowflake = cocaine

Person skiing = cocaine

Pill = ecstasy or MDMA for sale

Face with steam from nose = MDMA drug

Rocket = high potency drug for sale

Syringe = heroin

Diamond = crystal meth, crack cocaine for sale

Skull = die

Knife + screaming face = calling someone a psycho

Bowling ball + person running = I’m gonna hit you, coming for you

Flowers = drugs

Dollar sign = it’s for sale

Syringe = heroine (also tattoo)

Cat with heart eyes = sex

Purple face with horns = sex

Gas pump = sex

Tongue, eggplant, water drops, banana, peach, taco, cherries, drooling face, rocket = sex

Rose, rosette, cherry, pink cherry blossom, growing heart, airplane, crown = emojis that refer to sex trafficking

When it comes to figuring out what your kids are up to online, using your own instincts and paying attention will be your best resources. If something doesn’t sound or look right on your child’s phone trust that feeling and look deeper. You don’t have to know every term or symbol — the more important thing is to stay aware and stay involved.

The post Teen Texting Slang (and Emojis) Parents Should Know appeared first on McAfee Blogs.

10 Ways to Help Your Family Break Bad Tech Habits

A new study from Pew Research confirms our collective hunch that 95% of teens now report they have a smartphone and that 45% of teens now say they are always online. No shock there. The finding that is far more worrisome? That despite this dramatic digital shift over the past decade, parents are divided on whether today’s teens face a set of issues completely different than the issues of their youth.

When asked to compare the experiences of today’s teens to their own experiences when they were a teen, 48% of parents surveyed said today’s teens have to deal with a completely different set of issues. Likewise, 51% said that despite some differences, the issues young people deal with today is not that different from when they were teenagers.

This number is alarming from both a parenting perspective and a digital safety perspective. It means that while we’ve made incredible progress in our digital awareness and how to raise kids in this unique culture, a lot of parents are still woefully behind in their thinking. (Seriously: Could our experience as teens — minus the internet and smartphones — be any more different than the experience of today’s digital natives?)

Distracted Parents, Distracted Kids

In trying to understand this reality gap, the survey offered up another morsel of insight: That parents themselves are as distracted as kids when it comes to reliance on devices. Yep! As worried as parents say they are about the amount of time their teen spends online, parents’ digital behavior isn’t exactly praiseworthy. The survey found that 59% of parents say they at least sometimes feel obligated to respond to cell phone messages immediately, while 39% admit they regularly lose focus at work because they’re checking their mobile device and 36% say they spend too much time on their cell phone.

Reality Check

If half of us genuinely believe that our kids are growing up with issues similar to ours as teens (only with strange devices in their hands), and if we are telling our kids to lead balanced digital lives but our digital habits are off the rails, then — if we’re honest — we’ve got some serious work to do as parents.

How do we begin to shift these numbers in favor of our family’s digital health? How do we move from technology leading our family to the other way around?

Like any significant change, we begin at home — with the truth — and move forward from there. We’ve got this!

10 Ways to Improve Your Family Tech Habits

  1. Own your stuff. Let’s get real. Change begins with acknowledging our personal responsibility in what isn’t working. If your own screen time is out of control and you are trying to set healthy digital habits for your family — that contradiction is going to undermine your success. Take a look at your screen time habits, admit to the bad habits, and establish fresh tech goals moving forward.
  2. No shame zone. We know about establishing device-free zones in the home such as the dinner table, movie time, and the bedroom at night. Consider a no shame zone — the understanding that no one is made to feel shame for his or her not-so-great tech habits. It’s hard to move forward toward new goals if we beat ourselves up for the past, compare ourselves to others, or are made to feel like the bad guy for falling short. Acknowledge bad habits, discuss them openly, and help one another do better in the future. Your chances of success double when you have a team supporting you.
  3. Stick to a device curfew. Try a device curfew — say 8 p.m. to 8 a.m. — when devices are turned off and put into a drawer (yes, you have to get this intentional). A curfew increases face-to-face family interaction and creates space for non-device activities. It specifically reduces the temptation to habitually check your phone, get lost scrolling on Instagram, and getting sucked back into work emails. More importantly, it models for your kids that you don’t have to check your phone constantly, which has countless emotional and physical benefits.
  4. Be realistic with changes. The goal is to reduce your tech and strike a balance that complements — rather than conflicts with — your family’s lifestyle and wellbeing. We know that technology is now an ever-present part of family life so cutting it out completely is neither beneficial nor realistic. Achieving a healthy tech balance is an on-going process. Some days you will fare than others. The goal is to make progress (not perfection) toward a healthier, more balanced relationship with your technology. Going haywire with rules and consequences won’t get you there faster. Discuss as a family what changes need to be made and brainstorm ways to get there. Set some realistic goals that everyone can achieve and maintain not just in the short-term but also as a lifestyle.
  5. Turn off notifications. This is a small, powerful act that can transform your digital life. Getting pop up notifications for apps, emails, texts, calendar events, social media actions — you name it — might be your normal for you but far from beneficial. So, turn them all off. I dare you.
  6. Filter content. Tech balance isn’t just about less tech; it’s also about monitoring the content that flows into your home from the other side of the screen. You can turn off your family’s devices for 23 hours a day and if the content you allow into your home for that remaining one hour isn’t age-appropriate or conflicts with your family’s values and tech goals, then that one hour has tremendous influence. Take the time to explore filtering options that allow you to set time limits on your child’s (and your) technology, block dangerous websites and apps, and helps you strike a healthy tech balance that reflects your family’s lifestyle and needs. Roll up your sleeves: Co-view movies, go through apps and video games and discuss the issues that arise around the media your kids consume.
  7. Be the parent. Kids crave consistency and leadership from parents. No matter what age your child may be, as a parent, you are the most influential person in your child’s life. You pay the bills. You can shut devices and routers off — regardless of the tantrum level. Your opinion matters on video games, media, apps, friend groups, and content. Don’t let your child’s emotional protests keep you from parenting well and establishing and enforcing good tech habits. If you think your child has a technology addiction issue trust that instinct and take action.
  8. Get a plan, work it. We all nod when we read this but who has done it? You can’t get where you are going without a map. Put a family tech plan in place (with group input) and stick to it. Ideas to consider: Phone free zones, device curfew, chores and responsibilities, physical activity vs. screen time, social media behavior, tech security rules, TV viewing time, video game time limits, content guidelines, and expectations. If you discover that your tech plan isn’t working, zero in and make adjustments.
  9. Rediscover real life — together. Maybe you’ve gotten in some bad habits over the years. Don’t beat yourself up. Just decide to change things up moving forward. It’s never too late to change your family vibe. Explore new things together — nature, art classes, concerts, camping — anything that helps you disconnect from technology and reconnect to each other and real life.
  10. Keep. On. Talking. Sure you’ve said it before, so what? Make the conversation about digital issues a priority in your home. Ask your kids what’s going on with their friend groups and online. Talk about tech issues in the news. Talk about the health and emotional issues connected to excessive tech use. According to your child’s age, talk about the stuff that’s tough to talk about talking about like cyberbullying, suicide, self-harm, body image, and sexting. A good rapport with your child is the most powerful tool you have as a parent today.

Remember, technology is a tool not a way of life. Healthy screen habits begin parents who are grounded in reality and who model healthy screen habits themselves. Times have changed, there are challenges to be sure but stay the course parent: You’ve got the tools and the tenacity you need to get in front of those challenges and equip our kids to live wise, balanced digital lives.

The post 10 Ways to Help Your Family Break Bad Tech Habits appeared first on McAfee Blogs.

iOS Users: Update Your Software to Avoid Security Vulnerabilities

On Monday, Apple made some bold announcements at their keynote event, including new subscription offerings for news, television, video games, and a credit card service. But while these exciting announcements were being made, the release of iOS 12.2 seemed to slip under the radar. This update contains 51 different security fixes and impacts devices ranging from the iPhone 5s and later, the iPad Air, and even products running tvOS. These software patches cover a variety of bugs that cybercriminals could use to obtain effects like denial-of-service, overwrite arbitrary files, or execute malicious code.

The iOS 12.2 update includes patches for vulnerabilities in core apps like Contacts, FaceTime, Mail, Messages, and more. According to security professional Alex Stamos, most of the vulnerabilities were found in Webkit, the browser engine Apple uses in many of its products including Safari, Mail, and App Store. Among these vulnerabilities were memory corruption bugs, which could lead to arbitrary code execution. This type of attack allows malicious actors to run any command on the target system, potentially taking over the victim’s files or allowing them to take over the victim’s system remotely. To prevent arbitrary code execution attacks, Apple improved device memory handling, state, and management. These processes control and coordinate device computer memory in order to optimize overall system performance. Another issue patched by this update is the ability for a cybercriminal to bypass sandbox restrictions, which protect a device’s critical infrastructure from suspicious code. To combat this, Apple issued an improvement to validation checks.

While it can be easy to click the “Remind Me Later” option when you receive a software update notification, the security updates included in iOS 12.2 should not be overlooked. To help keep your iOS devices protected and running smoothly, check out the following tips:

  • Update your software. To update your device to iOS 12.2, go to your Settings, then to General, and then click Software Update. From there, you will be able to download and install the update and patch over 50 security holes.
  • Turn on automatic updates. Turning on automatic updates helps shield you from exposure to threats brought on by software bugs and vulnerabilities. You can enable automatic updates in your Settings as well.
  • Use a security solution. To add an extra layer of protection to all your devices, install a security solution like McAfee Total Protection. This will allow you to have an extra security weapon and help defend your devices from cyberthreats.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post iOS Users: Update Your Software to Avoid Security Vulnerabilities appeared first on McAfee Blogs.

Hidden & Fake Apps: How Hackers Could Be Targeting Your Connected Home

Like most parents, before you go to sleep each night, you take extra care to lock doors and windows to keep your family safe from any outside threats. The only thing you may have overlooked is the smartphone illuminated on your nightstand. And if you were to add up the smartphones humming all over your house, suddenly you’d have a number of unlocked doors that a determined criminal could enter through. Maybe not tonight — but eventually.

Digital Ecosystem

Over time you’ve purchased and plugged in devices throughout your home. You might have a voice assistant, a baby monitor, a thermostat, a treadmill, a gaming system, a fitness watch, smart TVs, a refrigerator, and many other fun, useful gadgets. Each purchase likely connects to your smartphone. Take stock: You now have a digital ecosystem growing all around you. And while you rarely stop to take notice of this invisible power grid around you, hackers can’t stop thinking about it.

This digital framework that pulsates within your home gives cybercriminals potential new entryways into your life and your data. Depending on your devices, by accessing your smartphone, outsiders may be able to unlock your literal doors while you are away (via your home security system), eavesdrop on your family conversations and collect important information (via your voice assistant), access financial information (via your gaming system, tablet, or laptop).

What you can do:

  • Change factory security settings. Before you fire up that smart TV, drone, or sound system, be sure to change each product’s factory settings and replace it with a bulletproof password to put a layer of protection between you and would-be hackers.
  • Protect your home network. We are connected people living in connected homes. So, part of the wired lifestyle is taking the lead on doing all we can to protect it. One way to do that is at the router level with built-in network security, which can help secure your connected devices.
  • Stay on top of software updates. Cybercrooks rely on consumers to ignore software updates; it makes their job so much easier. So be sure to install updates to your devices, security software, and IoT products when alerted to do so.

Smartphone = Front Gate

The most common entry point to all of these connected things is your smartphone. While you’ve done a lot of things to protect your phone — a lock screen, secure passwords on accounts, and system updates — there are hacking tactics you likely know nothing about. According to McAfee’s recent  Mobile Threat Report, you don’t know because the scope and complexity of mobile hacks are increasing at alarming rates.

Hidden Apps

The latest statistics report that the average person has between 60-90 apps installed on their phones. Multiply that between all the users in your home, and you are looking at anywhere from 200-500 apps living under your digital roof. Hackers gravitate toward digital trends. They go where the most people congregate because that’s where they can grab the most money. Many of us control everything in our homes from our apps, so app downloads are off the charts, which is why crooks have engineered some of their most sophisticated schemes specifically around app users.

Hidden apps are a way that crooks trick users into letting them inside their phones. Typically, hidden apps (such as TimpDoor) get to users via Google Play when they download games or customized tools. TimpDoor will then directly communicate with users via a text with a link to a voice message that gives detailed instructions to enable apps from unknown sources. That link downloads malware which will run in the background after the app closes. Users often forget they’ve downloaded this and go on with life while the malware runs in the background and can access other internal networks on the smartphone.

What you can do:

  • Stay alert. Don’t fall for the traps or click links to other apps sent via text message.
  • Stay legit. Only download apps hosted by the original trusted stores and verified partner sites.
  • Avoid spam. Don’t click on any email links, pop-ups, or direct messages that include suspicious links, password prompts, or fake attachments. Delete and block spam emails and texts.
  • Disable and delete. If you are not using an app, disable it. And, as a safety habit, remove apps from your phone, tablet, or laptop you no longer use.

Fake Apps

Again, crooks go where the most people congregate, and this year it is the 60 million+ downloaded game Fortnite. The Fortnite craze has lead hackers to design fake Fortnite apps masquerading as the real thing. The fraudulent app designers go to great lengths to make the download look legitimate. They offer enticing downloads and promise users a ton of free perks and add ons. Once users download the fake app, crooks can collect money through ads, send text messages with more bad app links, crypto jack users, or install malware or spyware.

What you can do:

  • Don’t install apps from unknown sources. Not all gaming companies distribute via Google Play or the App Store. This makes it even harder for users to know that the app they are downloading is legit. Do all you can to verify the legitimacy of the site you are downloading from.
  • Delete suspicious acting apps. If you download an app and it begins to request access to anything outside of its service, delete it immediately from your device.
  • Update devices regularly. Keep new bugs and threats at bay by updating your devices automatically.
  • Monitor bank statements. Check statements regularly to monitor the activity of the card linked to your Fortnite account. If you notice repeat or multiple transactions from your account or see charges that you don’t recognize, alert your bank immediately.
  • Be a savvy app user. Verify an app’s legitimacy. Read other user reviews and be discerning before you download anything. This practice also applies to partner sites that sell game hacks, credits, patches, or virtual assets players use to gain rank within a game. Beware of “free” downloads and avoid illegal file-sharing sites. Free downloads can be hotbeds for malware. Stick with the safer, paid options from a reputable source.

The post Hidden & Fake Apps: How Hackers Could Be Targeting Your Connected Home appeared first on McAfee Blogs.

How Online Scams Drive College Basketball Fans Mad

Sports fans everywhere look forward to mid-March for the NCAA men’s college basketball tournament. However, it’s not just college basketball fans that look forward to this time of year. Cybercriminals use March to launch malicious campaigns in the hopes of gaining access to personal information from unsuspecting fans. Let’s take a look at the most popular techniques cybercriminals use to gain access to passwords and financial information, as well as encourage victims to click on suspicious links.

Online betting provides cybercriminals with a wealth of opportunities to steal personal and financial information from users looking to engage with the games while potentially making a few extra bucks. The American Gaming Association (AGA) estimates that consumers will wager $8.5 billion on the 2019 NCAA men’s basketball tournament. What many users don’t realize is that online pools that ask for your personal and credit card information create a perfect opportunity for cybercriminals to take advantage of unsuspecting fans.

In addition to online betting scams, users should also be on the lookout for malicious streaming sites. As fewer and fewer homes have cable, many users look to online streaming sites to keep up with all of the games. However, even seemingly reputable sites could contain malicious phishing links. If a streaming site asks you to download a “player” to watch the games, there’s a possibility that you could end up with a nasty malware on your computer.

Ticket scammers are also on the prowl during March, distributing fake tickets on classified sites they’ve designed to look just like the real thing. Of course, these fake tickets all have the same barcode. With these scams floating around the internet, users looking for cheap tickets to the games may be more susceptible to buying counterfeit tickets if they are just looking for the best deal online and are too hasty in their purchase.

So, if you’re a college basketball fan hoping to partake in this exciting month – what next? In order to enjoy the fun that comes with the NCAA tournament without the risk of cyberthreats, check out the following tips to help you box out cybercriminals this March:

  • Verify the legitimacy of gambling sites. Before creating a new account or providing any personal information on an online gambling website, poke around and look for information any legitimate site would have. Most gambling sites will have information about the site rules (i.e., age requirements) and contact information. If you can’t find such information, you’re better off not using the site.
  • Be leery of free streaming websites. The content on some of these free streaming websites is likely stolen and hosted in a suspicious manner, as well as potentially contains malware. So, if you’re going to watch the games online, it’s best to purchase a subscription from a legitimate streaming service.
  • Stay cautious on popular sports sites and apps. Cybercriminals know that millions of loyal fans will be logging on to popular sports sites and apps to stay updated on the scores. Be careful when you’re visiting these sites you’re not clicking on any conspicuous ads or links that could contain malware. If you see an offer that interests you in an online ad, you’re better off going directly to the website from the company displaying the ad as opposed to clicking on the ad from the sports site or app.
  • Beware of online ticket scams. Scammers will be looking to steal payment information from fans in search of last-minute tickets to the games. To avoid this, it’s best to buy directly from the venue whenever possible. If you decide to purchase from a reseller, make sure to do your research and only buy from trusted vendors.
  • Use comprehensive security software. Using a tool like McAfee WebAdvisor can help you avoid dangerous websites and links, and will warn you in the event that you do accidentally click on something malicious. It will provide visual warnings if you’re about to go to a suspicious site.

And, of course, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post How Online Scams Drive College Basketball Fans Mad appeared first on McAfee Blogs.

How to Safeguard Your Family Against A Medical Data Breach

Medical Data BreachThe risk to your family’s healthcare data often begins with that piece of paper on a clipboard your physician or hospital asks you to fill out or in the online application for healthcare you completed.

That data gets transferred into a computer where a patient Electronic Health Record (EHR) is created or added to. From there, depending on the security measures your physician, healthcare facility, or healthcare provider has put in place, your data is either safely stored or up for grabs.

It’s a double-edged sword: We all need healthcare but to access it we have to hand over our most sensitive data armed only with the hope that the people on the other side of the glass window will do their part to protect it.

Breaches on the Rise

Feeling a tad vulnerable? You aren’t alone. The stats on medical breaches don’t do much to assuage consumer fears.

A recent study in the Journal of the American Medical Association reveals that the number of annual health data breaches increased 70% over the past seven years, with 75% of the breached, lost, or stolen records being breached by a hacking or IT incident at a cost close to consumers at nearly $6 billion.

The IoT Factor

Medical Data Breach

Not only are medical facilities vulnerable to hackers, but with the growth of the Internet of Things (IoT) consumer products — which, in short, means everything is digitally connected to everything else — also provide entry points for hackers. Wireless devices at risk include insulin pumps and monitors, Fitbits, scales, thermometers, heart and blood pressure monitors.

To protect yourself when using these devices, experts recommend staying on top of device updates and inputting as little personal information as possible when launching and maintaining the app or device.

The Dark Web

The engine driving healthcare attacks of all kinds is the Dark Web where criminals can buy, sell, and trade stolen consumer data without detection. Healthcare data is precious because it often includes a much more complete picture of a person including social security number, credit card/banking information, birthdate, address, health care card information, and patient history.

With this kind of data, many corrupt acts are possible including identity theft, fraudulent medical claims, tax fraud, credit card fraud, and the list goes on. Complete medical profiles garner higher prices on the Dark Web.

Some of the most valuable data to criminals are children’s health information (stolen from pediatrician offices) since a child’s credit records are clean and more useful tools in credit card fraud.

According to Raj Samani, Chief Scientist and McAfee Fellow, Advanced Threat Research, predictions for 2019 include criminals working even more diligently in the Dark Web marketplace to devise and launch more significant threats.

“The game of cat and mouse the security industry plays with ransomware developers will escalate, and the industry will need to respond more quickly and effectively than ever before,” Says Samani.

Medical Data Breach

Healthcare professionals, hospitals, and health insurance companies, while giving criminals an entry point, though responsible, aren’t the bad guys. They are being fined by the government for breaches and lack of proper security, and targeted and extorted by cyber crooks, while simultaneously focusing on patient care and outcomes. Another factor working against them is the lack of qualified cybersecurity professionals equipped to protect healthcare practices and facilities.

Protecting ourselves and our families in the face of this kind of threat can feel overwhelming and even futile. It’s not. Every layer of protection you build between you and a hacker, matters. There are some things you can do to strengthen your family’s healthcare data practices.

Ways to Safeguard Medical Data

Don’t be quick to share your SSN. Your family’s patient information needs to be treated like financial data because it has that same power. For that reason, don’t give away your Social Security Number — even if a medical provider asks for it. The American Medical Association (AMA) discourages medical professionals from collecting patient SSNs nowadays in light of all the security breaches.

Keep your healthcare card close. Treat your healthcare card like a banking card. Know where it is, only offer it to physicians when checking in for an appointment, and report it immediately if it’s missing.

Monitor statements. The Federal Trade Commission recommends consumers keep a close eye on medical bills. If someone has compromised your data, you will notice bogus charges right away. Pay close attention to your “explanation of benefits,” and immediately contact your healthcare provider if anything appears suspicious.

Ask about security. While it’s not likely you can change your healthcare provider’s security practices on the spot, the more consumers inquire about security standards, the more accountable healthcare providers are to following strong data protection practices.

Pay attention to apps, wearables. Understand how app owners are using your data. Where is the data stored? Who is it shared with? If the app seems sketchy on privacy, find a better one.

How to Protect IoT Devices

Medical Data Breach

According to the Federal Bureau of Investigation (FBI), IoT devices, while improving medical care and outcomes, have their own set of safety precautions consumers need to follow.

  • Change default usernames and passwords
  • Isolate IoT devices on their protected networks
  • Configure network firewalls to inhibit traffic from unauthorized IP addresses
  • Implement security recommendations from the device manufacturer and, if appropriate, turn off devices when not in use
  • Visit reputable websites that specialize in cybersecurity analysis when purchasing an IoT device
  • Ensure devices and their associated security patches are up-to-date
  • Apply cybersecurity best practices when connecting devices to a wireless network
  • Invest in a secure router with appropriate security and authentication practices

The post How to Safeguard Your Family Against A Medical Data Breach appeared first on McAfee Blogs.

5 Tips For Creating Bulletproof Passwords

While biometric tools like facial ID and fingerprints have become more common when it comes to securing our data and devices, strong passwords still play an essential part in safeguarding our digital lives.

This can be frustrating at times, since many of us have more accounts and passwords than we can possibly remember. This can lead us to dangerous password practices, such as choosing short and familiar passwords, and repeating them across numerous accounts. But password safety doesn’t have to be so hard. Here are some essential tips for creating bulletproof passwords.

Remember, simple is not safe

Every year surveys find that the most popular passwords are as simple as  “1234567” and just “password.” This is great news for the cybercrooks, but really bad news for the safety of our personal and financial information.

When it comes to creating strong passwords, length and complexity matter because it makes them harder to guess, and harder to crack if the cybercriminal is using an algorithm to quickly process combinations. The alarming truth is that passwords that are just 7 characters long take less than a third of a second to crack using these “brute force attack” algorithms.

Tricks:

  • Make sure that your passwords are at least 12 characters long and include numbers, symbols, and upper and lowercase letters.
  • Try substituting numbers and symbols for letters, such as zero for “O”, or @ for “A”.
  • If you’re using internet-connected devices, like IP cameras and interactive speakers, make sure to change the default passwords to something unique, since hackers often know the manufacturer’s default settings.

Keep it impersonal

Passwords that include bits of personal information, such as your name, address, or pet’s name, make them easier to guess. This is especially true when we share a lot of personal information online. But you can use personal preferences that aren’t well known to create strong passphrases.

Tricks:

  • Try making your password a phrase, with random numbers and characters. For instance, if you love crime novels you might pick the phrase: ILoveBooksOnCrime
    Then you would substitute some letters for numbers and characters, and put a portion in all caps to make it even stronger, such as: 1L0VEBook$oNcRIM3!
  • If you do need to use personal information when setting up security questions, choose answers that are not easy to find online.
  • Keep all your passwords and passphrases private.

Never reuse passwords

If you reuse passwords and someone guesses a password for one account, they can potentially use it to get into others. This practice has gotten even riskier over the last several years, due to the high number of corporate data breaches. With just one hack, cybercriminals can get their hands on thousands of passwords, which they can then use to try to access multiple accounts.

Tricks:

  • Use unique passwords for each one of your accounts, even if it’s for an account that doesn’t hold a lot of personal information. These too can be compromised, and if you use the same password for more sensitive accounts, they too are at risk.
  • If a website or monitoring service you use warns you that your details may have been exposed, change your password immediately.

Employ a password manager

If just the thought of creating and managing complex passwords has you overwhelmed, outsource the work to a password manager! These are software programs that can create random and complex passwords for each of your accounts, and store them securely. This means you don’t have to remember your passwords – you can simply rely on the password manager to enter them when needed.

Tricks:

  • Look for security software that includes a password manager
  • Make sure your password manager uses multi-factor authentication, meaning it uses multiple pieces of information to identify you, such as facial recognition, a fingerprint, and a password.

Boost your overall security

Now that you’ve made sure that your passwords are bulletproof, make sure you have comprehensive security software that can protect you from a wide variety of threats.

Tricks:

  • Keep you software up-to-date and consider using a web advisor that protects you from accidentally typing passwords into phishing sites.

Looking for more mobile security tips and trends? Be sure to follow @McAfee Home on Twitter, and like us on Facebook.

The post 5 Tips For Creating Bulletproof Passwords appeared first on McAfee Blogs.

Don’t Let Thunderclap Flaws Strike Your Device

If you own a Mac or PC, odds are you’ve used your laptop’s Thunderbolt port to connect another device to your machine. Thunderbolt ports are convenient for charging other devices using your laptop or desktop’s battery power. However, a new flaw called Thunderclap allows attackers to steal sensitive information such as passwords, encryption keys, financial information, or run detrimental code on the system if a malicious device is plugged into a machine’s port while it’s running.

So, how can attackers exploit this flaw? Thunderbolt accessories are granted direct-memory access (DMA), which is a method of transferring data from a computer’s random-access memory (RAM) to another part of the computer without it needing to pass through the central processing unit (CPU). DMA can save processing time and is a more efficient way to move data from the computer’s memory to other devices. However, attackers with physical access to the computer can take advantage of DMA by running arbitrary code on the device plugged into the Thunderbolt port. This allows criminals to steal sensitive data from the computer. Mind you, Thunderclap vulnerabilities also provide cybercriminals with direct and unlimited access to the machine’s memory, allowing for greater malicious activity.

Thunderclap-based attacks can be carried out with either specially built malicious peripheral devices or common devices such as projectors or chargers that have been altered to automatically attack the host they are connected to. What’s more, they can compromise a vulnerable computer in just a matter of seconds. Researchers who discovered this vulnerability informed manufacturers and fixes have been deployed, but it’s always good to take extra precautions. So, here are some ways users can defend themselves against these flaws:

  • Disable the Thunderbolt interface on your computer. To remove Thunderbolt accessibility on a Mac, go to the Network Preference panel, click “OK” on the New Interface Detected dialog, and select “Thunderbolt Bridge” from the sidebar. Click the [-] button to delete the option as a networking interface and choose “Apply.” PCs often allow users to disable Thunderbolt in BIOS or UEFI firmware settings, which connect a computer’s firmware to its operating system.
  • Don’t leave your computer unattended. Because this flaw requires a cybercriminal to have physical access to your device, make sure you keep a close eye on your laptop or PC to ensure no one can plug anything into your machine without permission.
  • Don’t borrow chargers or use publicly available charging stations. Public chargers may have been maliciously altered without your knowledge, so always use your own computer accessories.

And, as always, stay on top of the latest consumer and mobile security threats by following @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Don’t Let Thunderclap Flaws Strike Your Device appeared first on McAfee Blogs.

How To Secure Your Smart Home

Do you live in a “smart” home? If you look around and see interactive speakers, IP cameras, and other internet-connected devices like thermostats and appliances, you are now one of the millions of people who live with so-called “smart” devices. They bring convenience and comfort into our lives, but they also bring greater risks, by giving cybercrooks new opportunities to access our information, and even launch attacks.

You may remember a couple of years ago when thousands of infected devices were used to take down the websites of internet giants like Twitter and Netflix by overwhelming them with traffic. The owners of those devices were regular consumers, who had no idea that their IP cameras and DVRs had been compromised. You may also have heard stories of people who were eavesdropped on via their baby monitors, digital assistants, and webcams when their private networks were breached.

Unfortunately, these are not rare cases. In recent months, the “Internet of Things” (IoT) has been used repeatedly to spy on businesses, launch attacks, or even deliver cryptojacking malware or ransomware.

Still, given the benefits we get from these devices, they are probably here to stay.  We just need to acknowledge that today’s “smart” devices can be a little “dumb” when it comes to security. Many lack built-in security protections, and consumers are still learning about the risks they can pose. This is particularly concerning since the market for smart devices is large and growing. There are currently 7 billion IoT devices being used worldwide, and that number is expected to grow to 22 billion by 2025.

Cybercrooks have already taken note of these opportunities since malware attacks on smart devices have escalated rapidly. In fact, McAfee reported that malware directed at IoT devices was up 73%in the third quarter of 2018 alone.

So, whether you have one IoT device, or many, it’s worth learning how to use them safely.

Follow these smart home safety tips:

  • Research before you buy—Although most IoT devices don’t have built-in protection, some are safer than others. Look for devices that make it easy to disable unnecessary features, update software, or change default passwords. If you already have an older device that lacks many of these features, consider upgrading it.
  • Safeguard your devices—Before you connect a new IoT device to your home network — allowing it to potentially connect with other data-rich devices, like smartphones and computers— change the default username and password to something strong, and unique. Hackers often know the default settings and share them online.Then, turn off any manufacturer settings that do not benefit you, like remote access. This is a feature some manufacturers use to monitor their products, but it could also be used by cybercrooks to access your system. Finally, make sure that your device software is up-to-date by checking the manufacturer’s website. This ensures that you are protected from any known vulnerabilities.
  • Secure your network—Your router is the central hub that connects all of the devices in your home, so you need to make sure that it’s secure. If you haven’t already, change the default password and name of your router. Make sure your network name does not give away your address, so hackers can’t locate it. Then check that your router is using an encryption method, like WPA2, which will keep your communications secure. Consider setting up a “guest network” for your IoT devices. This is a second network on your router that allows you to keep your computers and smartphones separate from IoT devices. So, if a device is compromised, a hacker still cannot get to all the valuable information that is saved on your computers. Check your router’s manual for instructions on how to set up a guest network. You may also want to consider investing in an advanced internet router that has built-in protection and can secure and monitor any device that connects to your network.
  • Install comprehensive security software –Finally, use comprehensive security software that can safeguard all your devices and data from known vulnerabilities and emerging threats.

Looking for more mobile security tips and trends? Be sure to follow @McAfee Home on Twitter, and like us on Facebook.

The post How To Secure Your Smart Home appeared first on McAfee Blogs.

How to Steer Clear of Tax Season Scams

*This blog contains research discovered by Elizabeth Farrell

It’s that time of year again – tax season! Whether you’ve already filed in the hopes of an early refund or have yet to start the process, one thing is for sure: cybercriminals will certainly use tax season as a means to get victims to give up their personal and financial information. This time of year is advantageous for malicious actors since the IRS and tax preparers are some of the few people who actually need your personal data. As a result, consumers are targeted with various scams impersonating trusted sources like the IRS or DIY tax software companies. Fortunately, every year the IRS outlines the most prevalent tax scams, such as voice phishing, email phishing, and fake tax software scams. Let’s explore the details of these threats.

So, how do cybercriminals use voice phishing to impersonate the IRS? Voice phishing, a form of criminal phone fraud, uses social engineering tactics to gain access to victims’ personal and financial information. For tax scams, criminals will make unsolicited calls posing as the IRS and leave voicemails requesting an immediate callback. The crooks will then demand that the victim pay a phony tax bill in the form of a wire transfer, prepaid debit card or gift card. In one case outlined by Forbes, victims received emails in their inbox that allegedly contained voicemails from the IRS. The emails didn’t actually contain any voicemails but instead directed victims to a suspicious SharePoint URL. Last year, a number of SharePoint phishing scams occurred as an attempt to steal Office 365 credentials, so it’s not surprising that cybercriminals are using this technique to access taxpayers’ personal data now as well.

In addition to voice phishing schemes, malicious actors are also using email to try and get consumers to give up their personal and financial information. This year alone, almost 400 IRS phishing URLs have been reported. Even back in December, we saw a surge of new email phishing scams trying to fool consumers into thinking the message was coming from the IRS or other members of the tax community. In a typical email phishing scheme, scammers try to obtain personal tax information like usernames and passwords by using spoofed email addresses and stolen logos. In many cases, the emails contain suspicious hyperlinks that redirect users to a fake site or PDF attachments that may download malware or viruses. If a victim clicks on these malicious links or attachments, they can seriously endanger their tax data by giving identity thieves the opportunity to steal their refund. What’s more, cybercriminals are also using subject lines like “IRS Important Notice” and “IRS Taxpayer Notice” and demanding payment or threatening to seize the victim’s tax refund.

Cybercriminals are even going so far as to impersonate trusted brands like TurboTax for their scams. In this case, DIY tax preparers who search for TurboTax software on Google are shown ads for pirated versions of TurboTax. The victims will pay a fee for the software via PayPal, only to have their computer infected with malware after downloading the software. You may be wondering, how do victims happen upon this malicious software through a simple Google search? Unfortunately, scammers have been paying to have their spoofed sites show up in search results, increasing the chances that an innocent taxpayer will fall victim to their scheme.

Money is a prime motivator for many consumers, and malicious actors are fully prepared to exploit this. Many people are concerned about how much they might owe or are predicting how much they’ll get back on their tax refund, and scammers play to both of these emotions. So, as hundreds of taxpayers are waiting for a potential tax return, it’s important that they navigate tax season wisely. Check out the following tips to avoid being spoofed by cybercriminals and identity thieves:

  • File before cybercriminals do it for you. The easiest defense you can take against tax seasons schemes is to get your hands on your W-2 and file as soon as possible. The more prompt you are to file, the less likely your data will be raked in by a cybercriminal.
  • Obtain a copy of your credit report. FYI – you’re entitled to a free copy of your credit report from each of the major bureaus once a year. So, make it a habit to request a copy of your file every three to four months, each time from a different credit bureau. That way, you can keep better track of and monitor any suspicious activity and act early if something appears fishy.
  • Beware of phishing attempts. It’s clear that phishing is the primary tactic crooks are leveraging this tax season, so it’s crucial you stay vigilant around your inbox. This means if any unfamiliar or remotely suspicious emails come through requesting tax data, double check their legitimacy with a manager or the security department before you respond. Be wary of strange file attachment names such as “virus-for-you.doc.” Remember: the IRS only contacts people by snail mail, so if you get an email from someone claiming to be from the IRS, stay away.
  • Watch out for spoofed websites. Scammers have extremely sophisticated tools that help disguise phony web addresses for DIY tax software, such as stolen company logos and site designs. To avoid falling for this, go directly to the source. Type the address of a website directly into the address bar of your browser instead of following a link from an email or internet search. If you receive any suspicious links in your email, investigating the domain is usually a good way to tell if the source is legitimate or not.
  • Consider an identity theft protection solution. If for some reason your personal data does become compromised, be sure to use an identity theft solution such as McAfee Identity Theft Protection, which allows users to take a proactive approach to protect their identities with personal and financial monitoring and recovery tools to help keep their identities personal and secured.

And, as always, stay on top of the latest consumer and mobile security threats by following @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post How to Steer Clear of Tax Season Scams appeared first on McAfee Blogs.

The Risks of Public Wi-Fi and How to Close the Security Gap

public wi-fi risksAs I write this blog post, I’m digitally exposed, and I know it. For the past week, I’ve had to log on to a hospital’s public Wi-Fi each day to work while a loved one recuperates.

What seems like a routine, casual connection to the hospital’s Wi-Fi isn’t. Using public Wi-Fi is a daily choice loaded with risk. Sure, I’m conducting business and knocking out my to-do list like a rock star but at what cost to my security?

The Risks

By using public Wi-Fi, I’ve opened my online activity and personal data (via my laptop) up to a variety of threats including eavesdropping, malware distribution, and bitcoin mining. There’s even a chance I could have logged on to a malicious hotspot that looked like the hospital network.

Like many public Wi-Fi spots, the hospital’s network could lack encryption, which is a security measure that scrambles the information sent from my computer to the hospital’s router so other people can’t read it. Minus encryption, whatever I send over the hospital’s network could potentially be intercepted and used maliciously by cybercriminals.

Because logging on to public Wi-Fi is often a necessity — like my situation this week — security isn’t always the first thing on our minds. But over the past year, a new normal is emerging. A lot of us are thinking twice. With data breaches, privacy concerns, the increase in the market for stolen credentials, and increasingly sophisticated online scams making the headlines every day, the risks of using public Wi-Fi are front and center.

Rising Star: VPNpublic wi-fi risks

The solution to risky public Wi-Fi? A Virtual Private Network (VPN). A VPN allows users to securely access a private network and share data remotely through public networks. Much like a firewall protects the data on your computer, a VPN protects your online activity by encrypting your data when you connect to the internet from a remote or public location. A VPN also conceals your location, IP address, and online activity.

Using a VPN helps protect you from potential hackers using public Wi-Fi, which is one of their favorite easy-to-access security loopholes.

Who Needs a VPN?

If you (or your family members) travel and love to shop online, access your bank account, watch movies, and do everyday business via your phone or laptop, a VPN would allow you to connect safely and encrypt your data no matter where you are.

A VPN can mask, or scramble, your physical location, banking account credentials, and credit card information.

Also, if you have a family data plan you’ve likely encouraged your kids to save data by connecting to public Wi-Fi whenever possible. Using a VPN, this habit would be secured from criminal sniffers and snoopers.

A VPN allows you to connect to a proxy server that will access online sites on your behalf and enables a secure connection most anywhere you go. A VPN also allows hides your IP address and allows you to browse anonymously from any location.

How VPNs work

To use a VPN you subscribe to VPN service, download the app onto your desktop or phone, set up your account, and then log onto a VPN server to conduct your online activity privately.

If you are still logging on to public Wi-Fi, here are a few tips to keep you safe until VPNs become as popular as Wi-Fi.

Stay Safe on Public Wi-Fi 

Verify your connection. Fake networks that mine your data abound. If you are logging on to Wi-Fi in a coffee shop, hotel, airport, or library, verify the exact name of the network with an employee. Also, only use Wi-Fi that requires a password to log on.public wi-fi risks

Don’t get distracted. For adults, as well as kids, it’s easy to get distracted and absorbed with our screens — this is risky when on public Wi-Fi, according to Diana Graber, author of Raising Humans in a Digital World. “Knowing how to guard their personal information online is one of the most important skills parents need to equip their young kids with today,” says Graber. “Lots of young people visit public spaces, like a local coffee shop or library, and use public Wi-Fi to do homework, for example. It’s not uncommon for them to get distracted by something else online or even tempted to buy something, without realizing their personal information (or yours!) might be at risk.”

Disable auto Wi-Fi connect. If your phone automatically joins surrounding networks, you can disable this function in your settings. Avoid linking to unknown or unrecognized networks.

Turn off Wi-Fi when done. Your computer or phone can still transmit data even when you are not using it. Be sure to disable your Wi-Fi from the network when you are finished using it.

Avoid financial transactions. If you must use public Wi-Fi, don’t conduct a sensitive transaction such as banking, shopping, or any kind of activity that requires your social security or credit card numbers or password use. Wait until you get to a secured home network to conduct personal business.

Look for the HTTPS. Fake or unsecured websites will not have the HTTPS in their address. Also, look for the little lock icon in the address bar to confirm a secure connection.

Secure your devices. Use a personal VPN as an extra layer of security against hackers and malware.

The post The Risks of Public Wi-Fi and How to Close the Security Gap appeared first on McAfee Blogs.

Valentine’s Alert: Don’t Let Scammers Break Your Heart or Your Bank Account

Online Dating ScamsIt’s hard to believe that as savvy as we’ve become about our tech, people are still getting catfished, scammed, and heartbroken in their pursuit of love online.

The dinner conversation between bystanders goes something like this: “How could anyone be so dumb? Seriously? If they are going to be that reckless and uninformed, then maybe they deserve what they got!”

Some friends and I recently had a similar conversation about online dating scams. I noticed, however, that one friend, Sarah*, wasn’t so eager to jump into the conversation. She shrunk back in the booth and quietly sipped her margarita. Only later did she share her story with me.

The power of love

A single mom in her late 40s, well-educated, and attractive, Sarah’s teenager had convinced her to join a dating site the year before. She was especially lonely after her divorce three years earlier, so she agreed to create a profile on a popular dating app. After a handful of dates fell flat, she found Scott. He was charismatic, kind. “We had an instant connection,” according to Sarah. They spent hours on the phone sharing their deepest secrets and even started imagining a future together. But after about three months, Scott fell on hard times. At first, he needed to borrow $400 to pay for airfare to visit a dying relative, which he paid back immediately. Over the next few months, the numbers grew to $1,000 for rent and $3,000 for a business venture.

Online Dating Scams

Before long, Sarah had loaned her new love over $8,500. When she pressed him to repay the money, Scott ghosted Sarah online, moved out of town, and she never saw him again. My friend didn’t share her story with many people. She didn’t report it. She was too embarrassed and humiliated and even became depressed following what she calls “the Scott scam.” Her trust in other people and in love itself has been obliterated.

Sarah’s story doesn’t just echo that of desperate, clueless people, or lonely older women. Scammers are targeting good people who still believe in and value love and companionship. The pursuit of love online extends to adults as well as teens.

Confidence Fraud

Law enforcement calls these kinds of online romance scams confidence fraud because scammers will take a considerable amount of time gaining the trust and confidence of their victims. They will appear empathetic and supportive as they gather personal information they can use over time to carry out their scam.

According to the Federal Bureau of Investigation (FBI) confidence fraud has jumped 20% in the past year despite reports and warnings — especially around this time of year.

The FBI’s Internet Crime Complaint Center (IC3) reports that romance scams top all other financial online crimes. In 2016, people reported almost 15,000 romance scams to IC3 (nearly 2,500 more than the previous year), with losses exceeding $230 million.

Tips for Safe Online Dating

Never send money. Be it a romantic relationship you’ve engaged with or a phishing email, no matter the sob story, do not send money to anyone online. If you do send money, put a loan agreement in place that is legally enforceable should one party default.

Suspicious behavior. If someone promises to meet you somewhere but keeps canceling or if he or she refuses to video chat, those are red flags. Technology means anyone from anywhere in the world can successfully maintain a scam.Online Dating Scams

Take things slow. If someone is pushing the pace of a relationship or too quick to declare love and talk about the future, pause and assess the situation.

Do a background check. Love is a powerful force and can easily cloud a person’s correct understanding of reality. If you dare to create a dating profile, make a deal with yourself that you will extend the same courage to doing a background check on someone.

Be a sleuth. Don’t be afraid to gather facts on someone you’ve met online. Simple steps such as Googling the person’s name or dropping their photo in Google’s Reverse Image Search will help you get a better understanding of a person. Have faith: Good, legitimate people do exist. However, if there’s anything dubious, it’s best to find it out earlier rather than later. Part of doing your homework is tracking down mutual friends and making inquiries about the person you are talking with online.

Keep your social profiles private. Experts agree that you should edit your online footprint before you start dating people you’ve met online. Making your Instagram, Twitter, and Facebook private will guard you against potential.

Never send racy photos. Some scammers gain the confidence of their victims with every intention of extorting them in the future. They will threaten to send any racy photos with your family, friends, or business associates. The best way to avoid this is to never, ever send racy photos to anyone.Online Dating Scams

Google yourself, restrict info. Google yourself to see if there are any digital breadcrumbs that give away your home address or phone number. If possible, delete or revise that info. Likewise, go through your social accounts and remove any personal information you’ve shared in the past. Digital stalking is a risk for people who date online so turn off GPS on your dating apps and make sure your profile information is vague. Even if you get comfortable online with others, never get too comfortable since apps have privacy loopholes that can easily be exploited by hackers.

Take solid precautions. Enlist at least one friend as your dating safety pal. This will be the person who knows where you are going, who you will be with, and the background on the person you are meeting. Ask that person to check in with you during the date and carry pepper spray or a taser for physical protection. Go the extra step and turn on your Friend Finder or a location app that allows safety friend to track your whereabouts during a date.

*Names have been changed

The post Valentine’s Alert: Don’t Let Scammers Break Your Heart or Your Bank Account appeared first on McAfee Blogs.

Safer Internet Day 2019 – Together for a Better Internet

What You Can Do Today to Help Create a Better Internet

 

Today is Safer Internet Day (SID) – an annual worldwide event to encourage us all to work together to create a better internet. Celebrated globally in over 130 countries, SID is an opportunity for millions of people worldwide to come together to inspire positive change and raise awareness about the importance of online safety.

The theme for 2019 is: ‘Together for a Better Internet’ which I believe is a timely reminder of the importance of us all working together if we are serious about making the internet a safer place. Whether we are parents, carers, teachers or just avid users, we all have a part to play.

The 4R’s of Online Safety

In order to make a positive change to our online world, this year we are being encouraged to focus on four critical skills that many experts believe will help us all (especially our kids) better navigate the internet and create a more positive online environment. Let’s call them the 4R’s of online safety: Respect, Responsibility, Reasoning and Resilience. So, here is my advice on what we can do to try and incorporate these four important skills into our family’s digital lives

  1. Respect – ‘I treat myself and others the way I like to be treated’

I firmly believe that having respect for others online is critical if we are going to foster a safer and more supportive internet for our children and future generations. While many parents realise that our constant reminders about the importance of good manners and respect must also now be extended to include the online world, not everyone is on the same page.

Keyboard warriors who fire off abusive comments online, or harass and troll others clearly do not have any notion of online respect. Online actions can have serious real-world implications. In fact, online actions can often have more significant implications as the dialogue is not just contained to a few, rather it is witnessed by everyone’s online friends which could stretch into the 1000’s. Such public exchanges then create the opportunity for commentary which often further magnifies the hurt and fallout.

It is therefore essential that we have very direct conversations with our children about what is and isn’t appropriate online. And if there is even any confusion, always revert to one of my favourite lessons from my Sunday School days: treat others how you would like to be treated yourself.

  1. Responsibility – ‘I am accountable for my actions and I take a stand when I feel something is wrong’

In my opinion, teaching our kids online responsibility is another important step in making the internet a better place. Ensuring our kids understand that they are not only responsible but accountable for their behaviour is essential. If they harass or bully others online, or are involved in sending inappropriate pics, there are consequences that could quite possible include interactions with the police department.

But being responsible online also means getting involved if you feel something isn’t right. Whether a mate is on the receiving end of online harassment or a cruel joke, getting involved and telling the perpetrator that their behaviour ‘isn’t cool’ is essential.

  1. Reasoning – ‘I question what is real’

Teaching our kids to think critically is an essential survival skill for our kids in our content-driven online world. We need our kids to question, analyse and verify online content. They need to be able to identify reputable and credible sources and think carefully before they share and digest information.

The best thing we can do as parents is challenge our kids and get them thinking! If for example, your child is researching online for a school assignment then get them thinking. Ask them what agenda the author of the article has. Ask them whether there is a counter argument to the one laid out in the article. Ask them whether the source sharing the information is trustworthy. The aim is to teach them to question and not take anything they find online at face value.

  1. Resilience – ‘I get back up from tough situations’

Unfortunately, the chances that your child will experience some challenges online is quite high. Whether someone posts a mean comment, they are harassed, or worst case, cyberbullied – these nasty online interactions can really hurt.

Ensuring your kids know that they can come to you about any issue they experience is essential. And you need to repeat this to them regularly, so they don’t forget! And if your child does come to you with a problem they experienced online, the worst thing you can do is threaten to disconnect them. If you do this, I guarantee you that they will never share anything else with you again.

In 2014, Parent Zone, one of the UK’s leading family digital safety organisations collaborated with the Oxford Internet Institute to examine ways to build children’s online resilience. The resulting report, A Shared Responsibility: Building Children’s Online Resilience, showed that unconditional love and respect from parents, a good set of digital skills plus the opportunity for kids to take risks and develop strategies in the online world – without being overly micro-managed by their parents – were key to building online resilience.

So, love them, educate them and give them some independence so they can start to take some small risks online and start developing resilience.

What Can You Do this Safer Internet Day?

Why not pledge to make one small change to help make the internet a better place this Safer Internet Day? Whether it’s modelling online respect, reminding your kids of their online responsibilities, challenging them to demonstrate reasoning when assessing online content or working with them to develop online resilience, just a few small steps can make a positive change.

 

 

 

 

 

The post Safer Internet Day 2019 – Together for a Better Internet appeared first on McAfee Blogs.

Cash Out with Our CES 2019 #RT2Win Sweepstakes!

We’ve officially touched down in Las Vegas for CES 2019!

If you aren’t familiar with CES, it is the global stage for innovators to showcase the next generation of consumer technologies. With the growing consumer technology landscape, we understand the importance of creating new solutions for those who want to live their connected lives with confidence. That’s why we’ve made some exciting new additions to our security lineup and employed multiple partnerships with other innovators like Google and Verizon to help protect users’ online safety. Check out all the details, here.

To celebrate the latest innovations, we’re giving two [2] lucky people the chance to win a $500 Amazon gift card. Not heading to CES this year? No problem! Simply retweet one of our official contest tweets with the required hashtags between January 8th – 11th for your chance to win. Follow the instructions below to enter, and good luck!

#RT2Win Sweepstakes Official Rules

  • To enter, follow @McAfee_Home on Twitter and find the #RT2Win sweepstakes tweet.
  • The sweepstakes tweet will be released on Tuesday, January 8, 2019 at 8:00 a.m. PT. This tweet will include the hashtags: #McAfeeAtCES, #RT2Win, AND #Sweepstakes.
  • Retweet the sweepstakes tweet released on the above date from your own handle. The #McAfeeAtCES, #RT2Win AND #Sweepstakes hashtags must be included to be entered.
  • Make sure you’re following @McAfee_Home on Twitter! You must follow for your entry to count.
  • Sweepstakes will end on Friday, January 11, 2019 at 11:59 p.m. PST. All entries must be made before that date and time.
  • Winners will be notified on Monday, January 14, 2019 via Twitter direct message.
  • Limit one entry per person.
1. How To Win

Retweet one of our contest tweets on @McAfee_Home that include “#McAfeeAtCES, #RT2Win, AND #Sweepstakes” for a chance to win a $500 Amazon gift card (for full prize details please see “Prizes” section below). Two [2] total winners will be selected and announced on January 14, 2019. Winners will be notified by direct message on Twitter. For full Sweepstakes details, please see the Terms and Conditions, below.

#RT2Win Sweepstakes Terms and Conditions

2. How to Enter: 

No purchase necessary. A purchase will not increase your chances of winning. McAfee CES 2019 #RT2Win Sweepstakes will be conducted from January 8, 2019 through January 11, 2019. All entries for each day of the McAfee CES 2019 #RT2Win Sweepstakes must be received during the time allotted for the McAfee CES 2019 #RT2Win Sweepstakes. Pacific Daylight Time shall control the McAfee CES 2019 #RT2Win Sweepstakes, duration is as follows:

  • Begins: Tuesday, January 8, 2019­­ at 8:00 a.m. PST
  • Ends: Friday, January 11, 2019 at 11:59 p.m. PST
  • Two [2] winners will be announced: Monday, January 14, 2019

For the McAfee CES 2019 #RT2Win Sweepstakes, participants must complete the following steps during the time allotted for the McAfee CES 2019 #RT2Win Sweepstakes:

  1. Follow @McAfee_Home on Twitter.
  2. Find the sweepstakes tweet of the day posted on @McAfee_Home which will include the hashtags: #McAfeeAtCES, #RT2Win and #Sweepstakes.
  3. Retweet the sweepstakes tweet of the day and make sure it includes the #McAfeeAtCES, #RT2Win, and hashtags.
  4. Note: Tweets that do not contain the #McAfeeAtCES, #RT2Win, and #Sweepstakes hashtags will not be considered for entry.
  5. Limit one entry per person.

Two [2] winners will be chosen for the McAfee CES 2019 #RT2Win Sweepstakes tweet from the viable pool of entries that retweeted and included #McAfeeAtCES, #RT2Win and #Sweepstakes. McAfee and the McAfee social team will choose winners from all the viable entries. The winners will be announced and privately messaged on Monday, January 14, 2019 on the @McAfee_Home Twitter handle. No other method of entry will be accepted besides Twitter. Only one entry per user is allowed, per Sweepstakes.   

3. Eligibility:

McAfee CES 2019 #RT2Win Sweepstakes is open to all legal residents of the 50 United States who are 18 years of age or older on the dates of the McAfee CES 2019 #RT2Win Sweepstakes begins and live in a jurisdiction where this prize and McAfee CES 2019 #RT2Win Sweepstakes not prohibited. Employees of Sponsor and its subsidiaries, affiliates, prize suppliers, and advertising and promotional agencies, their immediate families (spouses, parents, children, and siblings and their spouses), and individuals living in the same household as such employees are ineligible.

4. Winner Selection:

Winners will be selected at random from all eligible retweets received during the McAfee CES 2019 #RT2Win Sweepstakes drawing entry period. Sponsor will select the names of two [2] potential winners of the prizes in a random drawing from among all eligible submissions at the address listed below. The odds of winning depend on the number of eligible entries received. By participating, entrants agree to be bound by the Official McAfee CES 2019 #RT2Win Sweepstakes Rules and the decisions of the coordinators, which shall be final and binding in all respects.

5. Winner Notification: 

Each winner will be notified via direct message (“DM”) on Twitter.com by January 14, 2019. Prize winners may be required to sign an Affidavit of Eligibility and Liability/Publicity Release (where permitted by law) to be returned within ten (10) days of written notification, or prize may be forfeited, and an alternate winner selected. If a prize notification is returned as unclaimed or undeliverable to a potential winner, if potential winner cannot be reached within twenty four (24) hours from the first DM notification attempt, or if potential winner fails to return requisite document within the specified time period, or if a potential winner is not in compliance with these Official Rules, then such person shall be disqualified and, at Sponsor’s sole discretion, an alternate winner may be selected for the prize at issue based on the winner selection process described above.

6. Prizes: 

The prize for the McAfee CES 2019 #RT2Win Sweepstakes is a $500 Amazon gift card for each of the two [2] entrants/winners. Entrants agree that Sponsor has the sole right to determine the winners of the McAfee CES 2019 #RT2Win Sweepstakes and all matters or disputes arising from the McAfee CES 2019 #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor. Sponsor will not replace any lost or stolen prizes. Sponsor is not responsible for delays in prize delivery beyond its control. All other expenses and items not specifically mentioned in these Official Rules are not included and are the prize winners’ sole responsibility.

Limit one (1) prize per person/household. Prizes are non-transferable, and no cash equivalent or substitution of prize is offered. The McAfee CES 2019 #RT2Win Sweepstakes has no affiliation with Amazon.

7. General Conditions: 

Entrants agree that by entering they agree to be bound by these rules. All federal, state, and local taxes, fees, and surcharges on prize packages are the sole responsibility of the prizewinner. Sponsor is not responsible for incorrect or inaccurate entry information, whether caused by any of the equipment or programming associated with or utilized in the McAfee CES 2019 #RT2Win Sweepstakes, or by any technical or human error, which may occur in the processing of the McAfee CES 2019 #RT2Win Sweepstakes. entries. By entering, participants release and hold harmless Sponsor and its respective parents, subsidiaries, affiliates, directors, officers, employees, attorneys, agents, and representatives from any and all liability for any injuries, loss, claim, action, demand, or damage of any kind arising from or in connection with the McAfee CES 2019 #RT2Win Sweepstakes, any prize won, any misuse or malfunction of any prize awarded, participation in any McAfee CES 2019 #RT2Win Sweepstakes -related activity, or participation in the McAfee CES 2019 #RT2Win Sweepstakes. Except for applicable manufacturer’s standard warranties, the prizes are awarded “AS IS” and WITHOUT WARRANTY OF ANY KIND, express or implied (including any implied warranty of merchantability or fitness for a particular purpose).

8. Limitations of Liability; Releases:

By entering the Sweepstakes, you release Sponsor and all Released Parties from any liability whatsoever, and waive any and all causes of action, related to any claims, costs, injuries, losses, or damages of any kind arising out of or in connection with the Sweepstakes or delivery, misdelivery, acceptance, possession, use of or inability to use any prize (including claims, costs, injuries, losses and damages related to rights of publicity or privacy, defamation or portrayal in a false light, whether intentional or unintentional), whether under a theory of contract, tort (including negligence), warranty or other theory.

To the fullest extent permitted by applicable law, in no event will the sponsor or the released parties be liable for any special, indirect, incidental, or consequential damages, including loss of use, loss of profits or loss of data, whether in an action in contract, tort (including, negligence) or otherwise, arising out of or in any way connected to your participation in the sweepstakes or use or inability to use any equipment provided for use in the sweepstakes or any prize, even if a released party has been advised of the possibility of such damages.

  • To the fullest extent permitted by applicable law, in no event will the aggregate liability of the released parties (jointly) arising out of or relating to your participation in the sweepstakes or use of or inability to use any equipment provided for use in the sweepstakes or any prize exceed $10. The limitations set forth in this section will not exclude or limit liability for personal injury or property damage caused by products rented from the sponsor, or for the released parties’ gross negligence, intentional misconduct, or for fraud.
  • Use of Winner’s Name, Likeness, etc.: Except where prohibited by law, entry into the Sweepstakes constitutes permission to use your name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation (including in a public-facing winner list).  As a condition of being awarded any prize, except where prohibited by law, winner may be required to execute a consent to the use of their name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation. By entering this Sweepstakes, you consent to being contacted by Sponsor for any purpose in connection with this Sweepstakes.
9. Prize Forfeiture:

If winner cannot be notified, does not respond to notification, does not meet eligibility requirements, or otherwise does not comply with the prize McAfee CES 2019 #RT2Win Sweepstakes rules, then the winner will forfeit the prize and an alternate winner will be selected from remaining eligible entry forms for each McAfee CES 2019 #RT2Win Sweepstakes.

10. Dispute Resolution:

Entrants agree that Sponsor has the sole right to determine the winners of the McAfee CES 2019 #RT2Win Sweepstakes and all matters or disputes arising from the McAfee CES 2019 #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor.

11. Governing Law & Disputes:

Each entrant agrees that any disputes, claims, and causes of action arising out of or connected with this sweepstakes or any prize awarded will be resolved individually, without resort to any form of class action and these rules will be construed in accordance with the laws, jurisdiction, and venue of the State of New York, U.S.A.

12. Privacy Policy: 

Personal information obtained in connection with this prize McAfee CES 2019 #RT2Win Sweepstakes will be handled in accordance policy set forth at http://www.mcafee.com/us/about/privacy.html.

  1. Winner List; Rules Request: For a copy of the winner list, send a stamped, self-addressed, business-size envelope for arrival after January 8, 2019 before January 11, 2019 to the address listed below, Attn: #RT2Win at CES Sweepstakes.  To obtain a copy of these Official Rules, visit this link or send a stamped, self-addressed business-size envelope to the address listed in below, Attn: Sarah Grayson. VT residents may omit return postage.
  2. Intellectual Property Notice: McAfee and the McAfee logo are registered trademarks of McAfee, LLC. The Sweepstakes and all accompanying materials are copyright © 2019 by McAfee, LLC.  All rights reserved.
  3. Sponsor: McAfee, LLC, Corporate Headquarters 2821 Mission College Blvd. Santa Clara, CA 95054 USA
  4. Administrator: LEWIS Pulse, 111 Sutter St., Suiter 850, San Francisco, CA 94104

The post Cash Out with Our CES 2019 #RT2Win Sweepstakes! appeared first on McAfee Blogs.

Level Up Your Cybersecurity: Insights from Our Gaming Survey

Online gaming has seen a rise in popularity over the years. Many people see it as a way to unwind from a stressful day or complete new challenges. However, just like any other internet-connected channel, online gaming can expose users to a variety of cybersecurity risks. So, to examine the relationship between cybersecurity and gaming, we decided to survey 1,000 U.S. residents ages 18 and over who are frequent gamers. *

Time to Upgrade Your Online Safety

Of those surveyed, 75% of PC gamers chose security as the element that most concerned them about the future of gaming. This makes sense since 64% of our respondents either have or know someone who has been directly affected by a cyberattack. And while 83% of the gamers do use an antivirus software to protect their PCs, we found that gamers still participate in risky online behavior.

Poor Habits Could Mean Game Over for Your Cybersecurity

So, what does this risky behavior look like, exactly? The following sums it up pretty well:

  • 55% of gamers reuse passwords for multiple online accounts, leading to greater risk if their password is cracked.
  • 36% of respondents rely on incognito mode or private browsing to keep their PC safe.
  • 41% read the privacy policies associated with games, though this technique won’t help to keep their device secure.

With these lax habits in place, it’s not hard to believe that 38% of our respondents experienced at least one malicious attack on their PC. And while 92% installed an antivirus software after experiencing a cyberattack, it’s important for gamers to take action against potential threats before they occur.

Level Up Your Gaming Security

Now the question is – what do these gamers need to do to stay safe while they play? Start by following these tips:

  • Do not reuse passwords. Reusing passwords makes it easier for hackers to access more than one of your accounts if they crack one of your logins. Prevent this by using unique login credentials for all of your accounts.
  • Click with caution. Avoid interacting with messages from players you don’t know and don’t click on suspicious links. Cybercriminals can use phishing emails to send gamers malicious files and links that can infect their device with malware.
  • Use a security solution. Using a security service to safeguard your devices can help protect you from a variety of threats that can disrupt your gaming experience. Look out for our newest product McAfee Gamer Security, which we launched just in time for CES 2019. Although this product is still in beta mode, it could be used to combat cyberthreats while optimizing your computing resources.

And, as always, stay on top of the latest consumer and mobile security threats by following @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

*Survey respondents played video games at least four times a month and spent at least $200 annually on gaming.

The post Level Up Your Cybersecurity: Insights from Our Gaming Survey appeared first on McAfee Blogs.