Category Archives: facebook

Breaches and Bugs: How Secure are Your Family’s Favorite Apps?

app safety

app safetyIs your family feeling more vulnerable online lately? If so, you aren’t alone. The recent WhatsApp bug and social media breaches recently have app users thinking twice about security.

Hackers behind the recent WhatsApp malware attack, it’s reported, could record conversations, steal private messages, grab photos and location data, and turn on a device’s camera and microphone. (Is anyone else feeling like you just got caught in the middle an episode of Homeland?)

There’s not much you and your family can do about an attack like this except to stay on top of the news, be sure to share knowledge and react promptly, and discuss device security in your home as much as possible.

How much does your family love its apps? Here’s some insight:

  • Facebook Messenger 3.408 billion downloads
  • WhatsApp 2.979 billion downloads
  • Instagram 1.843 billion downloads
  • Skype 1.039 billion downloads
  • Twitter 833.858 million downloads
  • Candy Crush 805.826 million downloads
  • Snapchat 782.837 million downloads

So, should you require your family to delete its favorite apps? Not even. A certain degree of vulnerability comes with the territory of a digital culture.

However, what you can and should do to ease that sense of vulnerability is to adopt proactive safety habits — and teach your kids — to layer up safeguards wherever possible.

Tips to Help Your Family Avoid Being Hacked

Don’t be complacent. Talk to your kids about digital responsibility and to treat each app like a potential doorway that could expose your family’s data. Take the time to sit down and teach kids how to lock down privacy settings and the importance of keeping device software updated. Counsel them not to accept data breaches as a regular part of digital life and how to fight back against online criminals with a security mindset.

Power up your passwords. Teach your kids to use unique, complex passwords for all of their apps and to use multi-factor authentication when it’s offered.

Auto update all apps. App developers regularly issue updates to fix security vulnerabilities. You can turn on auto updates in your device’s Settings.

Add extra security. If you can add a robust, easy-to-install layer of security to protect your family’s devices, why not? McAfee mobile solutions are available for both iOS and Android and will help safeguard devices from cyber threats.

Avoid suspicious links. Hackers send malicious links through text, messenger, email, pop-ups, or within the context of an ongoing conversation. Teach your kids to be aware of these tricks and not to click suspicious links or download unfamiliar content.

Share responsibly. When you use chat apps like WhatsApp or Facebook Messenger, it’s easy to forget that an outsider can access your conversation. Remind your children that nothing is private — even messaging apps that feel as if a conversation is private. Hackers are looking for personal information (birthday, address, hometown, or names of family members and pets) to crack your passwords, steal your identity, or gain access to other accounts.

What to Do If You Get Hacked

If one of your apps is compromised, act quickly to minimize the fallout. If you’ve been hacked, you may notice your device running slowly, a drain on your data, strange apps on your home screen, and evidence of calls, texts or emails you did not send.

Social media accounts. For Facebook and other social accounts, change your password immediately and alert your contacts that your account was compromised.

Review your purchase history. Check to see if there are any new apps or games installed that you didn’t authorize. You may have to cancel the credit card associated with your Google Play or iTunes account.

Revoke app access, delete old apps. Sometimes it’s not a person but a malicious app you may have downloaded that is wreaking havoc on your device. Encourage your kids to go through their apps and delete suspicious ones as well as apps they don’t use.

Bugs and breaches are part of our digital culture, but we don’t have to resign ourselves to being targets. By sharing knowledge and teaching kids to put on a security mindset, together, you can stay one step ahead of a cybercrook’s digital traps.

The post Breaches and Bugs: How Secure are Your Family’s Favorite Apps? appeared first on McAfee Blogs.

Facebook banned Archimedes Group, misinformation made in Israel

A new political misinformation campaign was uncovered and blocked by Facebook, this time it was not operated by Russia but Israel’s Archimedes Group

Facebook uncovered and blocked a misinformation campaign powered by Israel’ Archimedes Group, the corporation used fake accounts to manipulated political campaigns.

According to Facebook, the Archimedes Group used hundreds of pages, accounts, and groups in the attempt to influence the public sentiment on political discussions.

The misinformation focused on specific countries in Africa (Nigeria, Senegal, Togo, Angola, Niger, and Tunisia), Latin America and Southeast Asia. The operators behind this campaign posed themselves as local people and organizations to fuel the debate on specific political events.

“Today we removed 265 Facebook and Instagram accounts, Facebook Pages, Groups and events involved in coordinated inauthentic behavior. This activity originated in Israel and focused on Nigeria, Senegal, Togo, Angola, Niger and Tunisia along with some activity in Latin America and Southeast Asia.” wrote Nathaniel Gleicher, Head of cybersecurity Policy at Facebook. “The people behind this network used fake accounts to run Pages, disseminate their content and artificially increase engagement.”

Facebook banned Archimedes Group and all of its subsidiaries from its social media platforms.

Facebook shared some interesting details about the efforts of the corporations in spreading fake news to change the perception of the reality:

  • Presence on Facebook and Instagram: 65 Facebook accounts, 161 Pages, 23 Groups, 12 events and four Instagram accounts.
  • Followers: About 2.8 million accounts followed one or more of these Pages, about 5,500accounts joined at least one of these Groups and around 920 people followed one or more of these Instagram accounts.
  • Advertising: Around $812,000 in spending for ads on Facebook paid for in Brazilian reals, Israeli shekel, and US dollars. The first ad ran in December 2012 and the most recent ad ran in April 2019.
  • Events: Nine events were hosted by these Pages. The first was scheduled for October 2017 and the most recent was scheduled for May 2019. Up to 2,900 people expressed interest in at least one of these events, and a portion of their accounts were previously identified and disabled as fake. We cannot confirm whether any of these events actually occurred.

Facebook provided an example of the type of content that was removed, the following image is related to Martin Fayulu, leader of the Engagement for Citizenship and Development party in the Democratic Republic of the Congo.

screenshot-2019-05-17-at-07-17-23.png

Archimedes Group invested a total of $812,000 on Facebook ads, these figures could give you an idea about the strategic importance of social networks in misinformation campaigns.

“It has repeatedly violated our misrepresentation and other policies, including by engaging in coordinated inauthentic behavior,” Facebook says. “This organization and all its subsidiaries are now banned from Facebook, and it has been issued a cease and desist letter.”

Now the question is, who paid this campaign?

If you appreciate my effort in spreading cybersecurity awareness, please vote for Security Affairs in the section “Your Vote for the Best EU Security Tweeter”

https://www.surveymonkey.com/r/EUBloggerAwards2018

I’m one of the finalists thanks to your support

Thank you

Pierluigi

Pierluigi Paganini

(SecurityAffairs – Facebook, Archimedes Group

The post Facebook banned Archimedes Group, misinformation made in Israel appeared first on Security Affairs.

WhatsApp Compromised by Spyware

WhatsApp disclosed a major security vulnerability that allowed hackers to remotely install spyware on mobile devices.

The vulnerability, discovered earlier this month, allowed third parties to see and intercept encrypted communications. The spyware deployed has been traced back to NSO Group, an Israeli cyber company alleged to have enabled Middle East governments to surveil its citizens.

“The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” WhatsApp announced in a statement.

NSO Group has denied involvement.

“Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies,” the company said in a press release.

WhatsApp, which is owned by Facebook, has released a patch to fix the vulnerability and urges all users to update as soon as possible.

“Given the limited information we collect, it is hard for us to say with certainty the impact to specific users,” WhatsApp said in a statement. “Out of an abundance of caution we are encouraging all users to update WhatsApp as well as keep their mobile OS up to date.”

The post WhatsApp Compromised by Spyware appeared first on Adam Levin.

Saving Summer: 5 Strategies to Help Reign In Family Screen Time Over Break

summer screen time

summer screen timeIt’s the most wonderful time of the year — for teachers and lifeguards. For everyone else (parents) we have a little prep work to do to make sure the summer doesn’t lull our kids into digital comas.

Most of us have learned that given zero limits, kids will play video games, watch YouTube, send snaps, and scroll Instagram into the midnight hours. This ever-present digital lure, combined with the “summer slide,” which is the academic ground kids lose over the summer, means that most parents are hoping to make the most of the summer months need to get proactive — now.

No matter your child’s age, teaching kids to use technology in a healthy way and pick up skills and habits that will make them savvy digital citizens, becomes even more critical in the summer months. Studies show that excess screen time can lead to increased cyberbullying, low self-esteem, depression, isolation, and anxiety in children and teens. Also, the World Health Organization (WHO) has now classified a new form of addiction called “gaming disorder.” That designation means health professionals can now treat dangerous levels of video gaming as a legitimate addiction. (Yes, this is the new normal of parenting).

Warning signs of too much tech:

  • Tantrums or inappropriate resistance to screen limits or refusing to let you see their devices
  • Lack of sleep (which can cause anger outbursts, moodiness, fatigue, and even illness)
  • Isolation and decrease in face-to-face time with friends and family
  • Complaining about family outings and declining invitations to participate in activities
  • Losing interest in physical activity

Tech balance in one family will look different than in another because every family has its own values, dynamic, and parenting styles. You may have to establish ground rules together and make edits over time — that’s okay, stay flexible. The important thing is to set limits and set them together, so your child feels as if he or she is part of the process and learns how and why to self-regulate over time.

summer screen time

Here are some tips for launching your family conversation and getting summer off to a positive, tech-healthy start.

  1. Discuss and agree on limits. Consider what an average day looks like. Where are the critical gaps where connection can happen? Maybe it’s transition times when you pick up your child from camp or a friend’s house. Perhaps it’s the hour after you get home from work, during meals, movie time, or in restaurants. Maybe it’s family outing such as the pool, the zoo, the theatre, roadmap time, or outdoors. Also, setting a device curfew in the summer months is more critical since kids like to take their devices to bed and keep scrolling.Discuss why and when your family should be screen-free and then put your commitment in writing in a Summer Family Media plan (every age range will require different ground rules). The American Academy of Pediatrics’ website has a fun, easy form you can fill out to create your Family Media Plan based on your child’s age.
  2. Pay attention to content: Setting screen limits doesn’t matter much if the content your child views isn’thealthy. A few questions to help assess content:
  • Is the content age-appropriate?
  • Are the apps my child uses interactive and learning-based or mind-numbing or even risky?
  • Do my family’s technology habits require filtering software to help block inappropriate websites?
  • Are the privacy settings on social media and gaming accounts set to restrict what strangers can see and who can send a direct message to my child?
  1. Jump into the fun. Part of teaching kids to understand healthy technology habits is taking the time to meet them where they are in their digital world — their favorite hangouts. When they understand you aren’t limiting screen time to punish them and that technology in itself isn’t bad, they will be more likely to see the benefits of balance and self-regulate in the future. What online games do they play? Consider watching them excel in their craft and cheering them on. Better yet, grab a controller and play along. What social media sites does your child love? Join in on Snapchat and let them teach you how to have fun with photo filters on the app.summer screen time
  2. Be hyper intentional. Zig Ziglar once said that to a child, “love” is spelled T-I-M-E. Under the influence of today’s digital culture, nothing is assumed, and most everything requires intentionality — especially grabbing the quality time we desire. Consider sitting down as a family and creating a summer bucket list of things you’d like to do before summer ends. Maybe it’s more movie nights, more beach time, a family craft or building project, volunteer work, board games, workout time, trips, whatever — be realistic that nothing on your list will happen without serious intention.
  3. From monitoring to mentoring. It’s always a good idea to monitor your child’s online activities. We are big fans of filtering software and understanding what social networks and apps your kids frequent. However, because you likely have more face-to-face with your kids in the summer months, think about ways to mentor them. Talk about current events related to online safety, pay attention to their friend groups on and offline, and use this extra time to reset some digital goals that may have slipped off your radar during the school year. Some possible goals: Set up your own Snapchat account, finally learn to use Twitter, educate yourself on dangerous apps, or let your child teach you how to improve your digital skills. With this extra valuable time over the summer, you can cover some serious ground by talking more about concepts like conflict-management, empathy, resilience, self-awareness, and digital responsibility, which will all help strengthen digital skills.

In your quest to establish summer ground rules that work for your family, don’t overlook the importance of the peer-to-peer connection that technology brings. Technology is the primary channel (like it or not) kids have to build their friendships, stay the loop, and to be affirmed. They need hangout time, and that’s usually online. Keep this in mind as you work together to find the balance that works best for your family.

The post Saving Summer: 5 Strategies to Help Reign In Family Screen Time Over Break appeared first on McAfee Blogs.

The privacy paradox: why do people keep using tech firms that abuse their data? | John Naughton

Despite privacy scandals, Facebook is more profitable than ever – journalists must use the tools of tech to understand why

A dark shadow looms over our networked world. It’s called the “privacy paradox”. The main commercial engine of this world involves erosion of, and intrusions upon, our privacy. Whenever researchers, opinion pollsters and other busybodies ask people if they value their privacy, they invariably respond with a resounding “yes”. The paradox arises from the fact that they nevertheless continue to use the services that undermine their beloved privacy.

If you want confirmation, then look no further than Facebook. In privacy-scandal terms, 2018 was an annus horribilis for the company. Yet the results show that by almost every measure that matters to Wall Street, it has had a bumper year. The number of daily active users everywhere is up; average revenue per user is up 19% on last year, while overall revenue for the last quarter of 2018 is 30.4% up on the same quarter in 2017. In privacy terms, the company should be a pariah. At least some of its users must be aware of this. But it apparently makes no difference to their behaviour.

Related: Secretive hard-Brexit Facebook campaign got 1m responses

Continue reading...

Smashing Security #126: Zombie chickens and fast-food victims

What’s the worst that can happen if you join a Hollywood hard man’s Facebook page? What drove a man to hijack a website’s name at gunpoint? And can you solve the mystery of the Canadian Hamburglar?

Find out in the award-winning “Smashing Security” podcast with Graham Cluley, Carole Theriault, and special guest Mark Stockley from Naked Security.

Cyber Security Roundup for April 2019

The UK government controversially gave a green light to Huawei get involved with the building of the UK's 5G networks, although the Chinese tech giant role will be limited to non-sensitive areas of the network, such as providing antennas. This decision made by Theresa May came days after US intelligence announced Huawei was Chinese state funded, and amidst reports historical backdoors in Huawei products, stoking up the Huawei political and security row even further this month, and has resulted in the UK Defence Secretary, Gavin Williamson, being sacked. 
The National Cyber Security Centre (NCSC) launched a free online tool called "Exercise in a Box", designed by the UK cyber intelligence boffins to help organisations prepare in managing major cyber attacks.  The premise, is the tool will help UK organisations avoid scenarios such as the 2017’s Wannacry attacks, which devastated NHS IT systems and placed patient lives at risk.
 
German drug manufacturing giant, Beyer, found a malware infection, said to originate from a Chinese group called "Wicked Panda".  The malware in question was WINNIT, which is known in the security industry and allows remote access into networks, allowing hackers to deliver further malware and to conduct exploits. In my view, the presence of WINNIT is a sure sign a covert and sustained campaign by a sophisticated threat actor, likely focused on espionage given the company's sector.  Beyer stressed there was no evidence of data theft, but were are still investigating. 
 
Another manufacturing giant severely hit by a cyber attack this month was Aebi Schmidt. A ransomware outbreak impacted its business' operations globally, with most of the damage occurring at their European base. The ransomware wasn't named, but it left multiple Windows systems, on their presumably flat network infrastructure, paralyzed.
 
Facebook may have announced the dawn of their "privacy evolution" at the end of April, but their privacy woes still continue, after Upguard researchers found and reported 540 Million Facebook member records on an unsecured AWS S3 bucket. The "Cultura Colectiva" dataset contained 146GB of data with 540 million records showing comments, likes, reactions, account names, Facebook IDs and more. Looks like Facebook really have their work cut in restoring their consumer's faith in protecting their privacy.
 
UK businesses saw a significant increase in cyber attacks in 2019 according to a report by insurer Hiscox, with 55% of respondents reporting they had faced a cyber attack in 2019, up from 40% from last year.
 
A survey by the NCSC concluded most UK users are still using weak passwords. Released just before CyberUK 2019 conference in Glasgow, which I was unable attend due work commitments, said the most common password on breached accounts was"123456", used by 23.2 million accounts worldwide. Next on the list was "123456789" and "qwerty", "password" and "1111111".  Liverpool was the most common Premier League Football team used as a password, with Blink 182 the most common music act. The NCSC also published a separate analysis of the 100,000 most commonly re-occurring passwords that have been accessed by third parties in global cyber breaches. So password still remains the biggest Achilles' heel with our security.

The UK hacktivist threat came back to the fore this month, after the Anonymous Group took revenge on the UK government for arresting WikiLeaks founder Julian Assange, by attacking Yorkshire Councils. I am not sure what Yorkshire link with Assange actually is, but the website for Barnsley Council was taken down by a DDoS attack, a tweet from the group CyberGhost404 linked to the crashed Barnsley Council website and said "Free Assange or chaos is coming for you!". A tweet from an account called 'Anonymous Espana' with an image, suggested they had access to Bedale Council's confidential files, and were threatening to leak them. 
 
Microsoft Outlook.com, Hotmail and MSN users are reported as having their accounts compromised. TechCrunch revealed the breach was caused due to the hackers getting hold of a customer support tech's login credentials. Over two million WiFi passwords were found exposed on an open database by the developer of WiFi Finder. The WiFi Finder App helps to find and log into hotspots.  Two in every three hotel websites leak guest booking details and personal data according to a report. Over 1,500 hotels in 54 countries failed to protect user information.
 
Finally, but not lest, a great report by Recorded Future on the raise of the dark web business of credential stuffing, titled "The Economy of Credential Stuffing Attacks". The report explains how low-level criminals use automated 'checkers' tools to validate compromised credentials, before selling them on.

I am aware of school children getting sucked into this illicit world, typically starts with them seeking to take over better online game accounts after their own account is compromised, they quickly end up with more money than they can spend. Aside from keeping an eye on what your children are up to online as a parent, it goes to underline the importance of using unique complex passwords with every web account (use a password manager or vault to help you - see password security section on the Security Expert website). And always use Multi-Factor Authentication where available, and if you suspect or have are informed your account 'may' have compromised, change your password straight away.

BLOG
 NEWS
AWARENESS, EDUCATION AND THREAT INTELLIGENCE
REPORTS

Facebook Braces for Multibillion Dollar Fine

Facebook announced that it was preparing for a massive fine from the Federal Trade Commission for its mishandling of user privacy. The fine could be as much as $5 billion.

The social media giant revealed the fine as a one-time expense in its annual earnings statement, explaining a 51% decline in income, “in connection with the inquiry of the FTC into our platform and user data practices.”

“We estimate that the range of loss in this matter is $3.0bn to $5.0bn,” the company’s statement explained. “The matter remains unresolved, and there can be no assurance as to the timing or the terms of any final outcome.”

Facebook has been the target of an FTC investigation to determine if it had violated a 2011 consent decree following the 2018 revelation that it improperly shared data with Cambridge Analytica.

Despite the size of the fine, the company showed continuous growth and an expansion of its ecosystem of apps.

Read more about the story here.

The post Facebook Braces for Multibillion Dollar Fine appeared first on Adam Levin.

The Mute Button: How to Use Your Most Underrated Social Superpower

For a Monday, the school day was turning out to be surprisingly awesome. Mackenzie sat with friends at lunch, chatted with her favorite teacher, and aced her English test.

Then came the shift.

It happened between 5th and 6th period when Mackenzie checked her Instagram account. One glance showed several posts from the popular girls (yet another party I wasn’t invited to, she thought). She saw her friend Emma’s Spring Break photos (how can someone look that good in a bikini, she wondered) followed by several whos-dating-who posts from blissful looking couples (when is someone going to love me, she mused). In less than 60 seconds, the images and comments Mackenzie saw had the power to subtly alter her heart and mind.

FOMO

Mackenzie isn’t alone. Studies have repeatedly linked Social networks with high levels of anxiety, depression, bullying and an emotional phenomenon called FOMO (fear of missing out) among teens and — if we’re honest — among plenty of adults.

We can’t control the perpetual stream of photos, comments, and videos that flood our social feeds. Social is here to stay, and to some extent, most of us are required to be online. However, we can control the amount and the quality of the content that comes at us. And, we can teach our kids to do the same.

It’s called the mute button, and it could be your family’s most underrated superpower when it comes to enjoying life online. Many people either don’t know about their mute button or forget they have it.

The mute button allows you to turn off someone’s feed (yes—make it vanish) without the awkwardness of unfollowing or unfriending them. The cool part: No one knows you’ve muted them, so there are no hurt feelings. You can still view a muted person’s profile, and they can see yours. You can send or receive direct messages as if everything were copacetic.

How to mute

Thankfully, you can mute people easily on most social networks.

To mute someone on Instagram, go to the person’s page, find to the three little dots in the top upper right of the page, click and choose mute (you can choose to mute their feed and their stories). You can mute someone on Facebook by going to the person’s main page and clicking the “friends” button under their photo. You will have the option to “unfollow,” which will mute the person’s content but allow you to stay friends. On Twitter, you can stop seeing a person’s tweets by going to the three dots in the top upper right corner and choosing “mute.”

This simple, powerful click will allow you to curate what you see in your feed every day and instantly block the content that is annoying or negative. The result? Fewer emotional darts are flying at you randomly throughout the day and, hopefully, a more enjoyable, positive experience online.

When to mute

What’ s considered annoying or offensive to one person may be entirely acceptable and even enjoyable to someone else. So, the reasons for muting someone can vary greatly.

A few reasons to mute might be: 

  • Inappropriate or offensive content
  • Mean, bullying, or reckless content
  • Posting too frequently
  • Excessive bragging, boasting, or self-promotion
  • Content that negatively impacts your mental health
  • Non-stop political posts or rants
  • Too many selfies
  • Graphic or disturbing images or videos
  • Constant negative or critical posts
  • Useless, uninteresting, or tedious information
  • Monopolizing conversations
  • Perpetual personal drama
  • Too much content on one topic

Talking points for families

Editing your social circle is okay. The voices that surround you have influence, so choose the voices you surround yourself with carefully. Also, being “friends” with 1,000 or even 300 people isn’t realistic or reflective of real life. Remind kids: That tug (or compulsion) you feel to like, comment, post, or chime in online should not rule your time or your mind. You (and your family) may be surprised how good it feels to whittle down the number of voices you allow into your day.

Pay attention to emotional triggers. In many ways, you are what you consume online. Ask yourself: Is this person’s account positive or negative? Does it make me feel included and worthy or excluded and less-than? Do I feel jealous, annoyed, or negative when I see this person’s updates, photos, or tweets? Edit boldly. You can mute negative accounts temporarily or permanently without guilt.

Less noise, less clutter. If you want things to be different, you have to do things differently, and this applies online. Forming your thoughts and opinions is much more difficult when you are constantly absorbing other people’s ideas. The less digital clutter, the more room for quiet contemplation and self-awareness, which is always a good idea for young and older mind minds alike.

Be brave, be you. Kids pay far more attention to friend and follower counts than adults do. They consider it intentional rejection when someone unfollows or unfriends them online. For that reason, you may need to reiterate the importance of putting mental health before popularity or people pleasing. Remind them: It’s okay to mute, unfollow, or unfriend any person who is not a positive influence on your heart and mind.

No one is everyone’s favorite. It’s impossible to like everyone or be liked by everyone — impossible. There will always be individuals who will get under your skin. And, at times, people may feel the same about you. This is a normal part of human relationships. This reality makes striving to be liked by everyone online an impossible, exhausting task.

The digital world is packed with ever-changing social complexities. Seemingly casual clicks can trigger an avalanche of positive or negative emotions that can take their toll (whether we realize it or not). Helping your child think proactively about content and take responsibility for the content comes across his or her screen, is more important than ever in raising wise, healthy digital kids.

The post The Mute Button: How to Use Your Most Underrated Social Superpower appeared first on McAfee Blogs.

Social Underground: Kids Using Google Docs as New Digital Hangout

Over the years kids have succeeded in staying one step ahead of parents on the digital front. Remember the golden days of social? Teens owned Facebook until every parent, auntie, and grandparent on the planet showed up. So, teens migrated to Instagram, Twitter, and Snapchat hoping to carve out a private patch of land for their tribe. And, according to a report in The Atlantic, the latest app these digital nomads have claimed as a covert hangout surprisingly is Google Docs.

Yes — Google Docs — that boring looking online tool many of us parents use at work to collaborate on projects. Google Docs is perfect when you think about it. The app can be accessed on a tablet, laptop, or as a phone app. It allows multiple users to edit a document at the same time — kind of like an online party or the ultimate private group chat.

To interact, kids can use the chat function or even highlight words or phrases and use a comment bubble to chat. Because teachers use the application in the classroom, kids are using Google Docs to chat during class without getting busted or dupe parents at home into thinking they are doing their homework.

Another big perk: Schools have firewalls that block social networking sites during school hours, but Google Docs is officially cleared for school use.

The Risks

As with any app, what begins as a covert, harmlessly chat channel between friends, can get malicious quickly as more and more people are invited into a shared document to talk.

Kids can easily share videos, memes, and hurtful, joking, or inappropriate content within a Google Doc. They can gang up on other kids and bully others just as they do on any other social network. Similar to the way images disappear on Snapchat in 24 hours or on Instagram stories, the “resolve” button on Google Docs chat function, allows kids to instantly delete a chat thread if a teacher or parent heads their way or hovers too closely.

Because Google Docs live on the cloud, there’s no need to download or install a piece of software to use or access it. Any device connected to the Internet can access a Google Doc, which means kids can also use it as a digital diary without a digital trail and hide potentially harmful behaviors from parents.

10 Ways to Coach Your Kids Around Digital Safety 

  1. Know where they go. Just as you’d ask where your child where he or she is going offline, be aware of their digital destinations online. Check on them during homework hours to be sure they aren’t chatting away their learning time.
  2. Check for other apps. If you’ve grounded your child from his or her smartphone for any reason, and they claim they have online homework to do, check their laptops and tablets for chat apps like Kik, WhatsApp, hidden vault apps, and of course, as we now know, Google Docs (see right for the icon).
  3. Remember, it’s forever. Even if an image or video is “resolved” on Google Docs, deleted on Instagram or Twitter, or “vanishes” on Snapchat, the great equalizer is the screenshot. Anyone can take one, and anyone can use it to bully, extort, or shame another person anytime they decide. Remind kids of the responsibility they have with any content they share anywhere online — privacy does not exist.
  4. Sharing is caring. If your child is on Google Docs and you have a hunch, they aren’t doing homework, ask them to share their document with you so you can monitor their work. Just hit the big blue “share” button and insert your email address and you will have immediate access to the homework document.
  5. Keep in touch with teachers. If your child’s grades begin to slip, he or she could be distracted at school. Ask about what apps are used in the classroom and alert the teacher if you think your child might be distracted be it with technology or anything else.
  6. Parental controls. Hey, we’re busy because we’re parents. Enlist some help in monitoring your child’s online activity with parental control software. This will help you block risky sites, limit excessive app use, and give you a report of where your kids spend most of their time online.
  7. Look for red flags. Everyone needs and desires privacy even your teen. The tough part is discerning when a teen is being private or trying to hide risky behavior. A few red flags to look for include defensiveness when asked about an app or chat activity, turning off a device screen when you come around, and getting angry when you ask to see their screen. Another sign of unhealthy app use is an increase in data use and fatigue at school from lack of sleep.
  8. Connect with other parents. Here’s the snag in the whole plan: The rules that apply to homework and devices at your house, may not apply at other people’s homes where kids often study. Bullying or inappropriate online behaviors often take place under other people’s roofs. So get intentional. Keep in touch with other parents. Find common ground on digital values before letting kids go offsite for homework time.
  9. Talk, talk, talk. Your best defense in keeping your kids safe online — be it using apps or other sites — is a strong offense. Talk with your kids often about what they like to do online, what their friends do, and address digital issues immediately.
  10. Be flexible. Parental monitoring is going to look different in every family. Every child is different in maturity, and every parent-child relationship varies greatly. Find a monitoring solution that works for your family. Coming down too hard on your kids could drive them into deeper secrecy while taking a hands-off approach could put them in danger. Try different methods until you find one that fits your family.

Remember: You won’t be able to keep your finger on everything your child is up to online, but you can still have a considerable influence by staying in the know on digital trends and best online safety practices.

The post Social Underground: Kids Using Google Docs as New Digital Hangout appeared first on McAfee Blogs.

Teen Texting Slang (and Emojis) Parents Should Know

What adults call texting, kids call talking. They “talk” on their phones via chat, social comments, snaps, posts, tweets, and direct messages. And they are talking most of the time — tap, tap, tap — much like background music. In all this “talking” a language, or code, emerges just as it has for every generation only today that language is in acronyms, hashtags, and emojis. And while the slang is perfectly understood peer-to-peer, it has parents googling like crazy to decipher it.

And this language changes all the time. It expands, contracts and specific acronyms and symbols (emojis) can change in meaning entirely over time, which is why we update this list every periodically.

This time we’ve added emojis (scroll to bottom) since those powerful little graphic symbols have singlehandedly transformed human communication, as we know it.

Harmless Banter

We publish this list with an important reminder: Teen texting slang isn’t inherently bad or created with an intent to deceive or harm. Most of the terms and symbols have emerged as a kind of clever shorthand for fast moving fingers and have no dangerous or risky meaning attached. So, if you are monitoring your kids’ phones or come across references you don’t understand, assume the best in them (then, of course, do your homework).

For example, there are dozens of harmless words such as finna (fixing to do something), yeet (a way to express excitement), skeet (let’s go), Gucci (great, awesome, or overpriced), AMIRITE (am I right?) QQ4U (quick question for you), SMH (shaking my head), bread (money), IDRK (I don’t really know), OOTD (outfit of the day), LYAAF (love you as a friend), MCE (my crush everyday), HMU (hit me up, call me), W/E (whatever), AFK (away from keyboard), RTWT (read the whole thread), CWYL (chat with you later), Ship (relationship), CYT (see you tomorrow) or SO (significant other).

The Red Flags 

Here are some terms and emojis that may not be so innocent. Any of these terms can also appear as hashtags if you put a # symbol in front of them.

Potential bullying slang

Ghost = to ignore someone on purpose

Boujee = rich or acting rich

Sip tea = mind your own business

The tea is so hot = juicy gossip

AYFKM? = are you f***ing kidding me?

Thirsty = adjective describing a desperate-acting, needy person

Basic = annoying person, interested in shallow things

Extra = over the top, excessive, dramatic person

TBH = to be honest (sometimes followed by negative comments)

Zerg = to gang up on someone (a gaming term that has morphed into a bullying term)

KYS = kill yourself

SWYP = so what’s your problem?

182 = I hate you
Curve = to reject someone

Shade = throwing shade, to put someone down.

POS = piece of sh**

WTF = what the f***

Derp = stupid

Lsr = loser

Butters = ugly

Jelly = jealous

Subtweet = talking about someone but not using their @name

Bizzle = another word for b***h

THOT or thotties = a promiscuous girl/s

YAG = you are gay

Cyber pretty = saying someone only looks good online with filters

Beyouch = another word for b***h

RAB = rude a** b***h

IMHO = in my honest opinion

IMNSHO = in my not so honest opinion

NISM = need I say more?

Potential risky behavior slang  

Broken = hung over

Pasted = high or drunk

Belfie = self-portrait (selfie) featuring the buttocks

OC = open crib, party at my house

PIR = parents in the room

9, CD9, Code 9 = parents here

99 = parents gone

Smash = to have casual sex

Slide into my DM = connecting through a direct message on a social network with sexual intentions

A3: Anytime, anywhere, anyplace

WTTP = want to trade pictures?

S2R = send to receive (pictures)
sugarpic = Refers to a suggestive or erotic photograph

TDTM = talk dirty to me

KMS = kill myself

AITR = adults in the room

KPC = keeping parents clueless

1174 = invite to a wild party usually followed by an address

53X = sex

Chirped = got caught

Cu46 = See you for sexTDTM = talk dirty to meLMIRL = let’s meet in real life

GNRN = get naked right now

Pron = porn

Frape = Facebook rape; posting to someone else’s profile when they leave it logged in.

NSFW = not safe for work (post will include nudity, etc)

Livingdangerously = taking selfies while driving or some other unsafe behavior

Kik = let’s talk on kik instant message instead

Sue = suicide

Dep = depression

Svv = self- harming behavior

SN = send nudes

Nend sudes = another way to say SN/send nudes

PNP = party and play (drugs + sex)

 

Potential drug-related slang

420, bud, tree = marijuana

Blow, mayo, white lady, rock, snow, yay, yale, yeyo, yank, yahoo = Cocaine

Special K = ketamine, liquid tranquilizer

Pearls = a nicely rolled blunt

Dabbing = concentrated doses of marijuana (began as a dance craze)

DOC = drug of choice

Turnt up / turnt = high or drunk

Geeked up = being high

Bar = Xanax pill

Bar out = to take a Xanax pill

Baseball = crack cocaine

Skrill = Money

Bread = money

CID = acid

E, XTC  = ecstasy

Hazel = heroin

Blue Boogers = snorting Adderall or Ritalin

Pharming = getting into medicine cabinets to find drugs to get high

Oxy, perks, vikes = opioids

Robo-tripping = consuming cough syrup to get high

Tweaking = high on amphetamines

Wings = cocaine; heroin

Speed, crank, uppers, Crystal or Tina = meth

 

Red flag emojis

Frog = an ugly person

Frog + tea (coffee) cup = that’s the tea (gossip)

Any kind of green plant/leaves = marijuana

Maple leaf = marijuana

Broccoli = marijuana

Smoke puff or gasoline = get high

Snowflake = cocaine

Person skiing = cocaine

Pill = ecstasy or MDMA for sale

Face with steam from nose = MDMA drug

Rocket = high potency drug for sale

Syringe = heroin

Diamond = crystal meth, crack cocaine for sale

Skull = die

Knife + screaming face = calling someone a psycho

Bowling ball + person running = I’m gonna hit you, coming for you

Flowers = drugs

Dollar sign = it’s for sale

Syringe = heroine (also tattoo)

Cat with heart eyes = sex

Purple face with horns = sex

Gas pump = sex

Tongue, eggplant, water drops, banana, peach, taco, cherries, drooling face, rocket = sex

Rose, rosette, cherry, pink cherry blossom, growing heart, airplane, crown = emojis that refer to sex trafficking

When it comes to figuring out what your kids are up to online, using your own instincts and paying attention will be your best resources. If something doesn’t sound or look right on your child’s phone trust that feeling and look deeper. You don’t have to know every term or symbol — the more important thing is to stay aware and stay involved.

The post Teen Texting Slang (and Emojis) Parents Should Know appeared first on McAfee Blogs.

Cyber Security Roundup for March 2019

The potential threat posed by Huawei to the UK national infrastructure continues to be played out. GCHQ called for a ban on Huawei technology within UK critical networks, such as 5G networks, while Three said a Huawei ban would delay the UK 5G rollout, and the EU ignored the US calls to ban Huawei in 5G rollouts, while promoting the EU Cybersecurity certification scheme to counter the Chinese IT threat, which is all rather confusing.  Meanwhile, Microsoft Researchers found an NSA-style Backdoor in Huawei Laptops, which was reported to Huawei by Microsoft, leading to the flaw being patched in January 2019.
A serious security flaw placed Royal Bank of Scotland (RBS) customers at risk. The vulnerability was discovered by PenTest Partners in the bank provided 'Heimdal Thor', security software, which was meant to protect NatWest customers from cyber-attacks but actually permitted remote injection commands at the customer's endpoint. PenTest Partners said "We were able to gain access to a victim's computer very easily. Attackers could have had complete control of that person's emails, internet history and bank details. To do this we had to intercept the user's internet traffic but that is quite simple to do when you consider the unsecured public wi-fi out there, and it's often all too easy to compromise home wi-fi setups.
 
Facebook made negative security headlines yet against after they disclosed that 20,000 of their employees had access to hundreds of millions of their user account passwords for years.

One of the world’s biggest aluminium producers, 
Norsk Hydrosuffered production outages after a ransomware outbreak impacted its European and US operations.  Damages from ransomware attack on Norsk Hydro reach as high as $40M.

Citrix disclosed a security breach of its internal network may have compromised 6Tb of sensitive data. The FBI had told Citrix that international cyber criminals had likely gained access to its internal network. Citrix said in a statement it had taken action to contain the breach, “We commenced a forensic investigation; engaged a leading cyber security firm to assist; took actions to secure our internal network; and continue to cooperate with the FBI”.  According to security firm Resecurity, the attacks were perpetrated by Iranian-linked group known as IRIDIUM.

Credit monitoring Equifax admitted in a report it didn't follow its own patching schedule, neglecting to patch Apache Struts which led to a major 2017 breach which impacted 145 million people.  The report also said Equifax delayed alerting their customers for 6 weeks after detecting the breach.

ASUS computers had backdoors added through its software update system, in an attack coined “ShadowHammer”. Kaspersky researchers estimated malware was distributed to nearly a million people, although the cybercriminals appeared to have only targeted 600 specific devices. Asus patched the vulnerability but questions still remain.


The top 10 biggest breaches of 2018 according to 4iQ were:
  1. Anti-Public Combo Collections – (Hacked) Sanixer Collection #1-6, 1.8 billion unique email addresses.
  2. Aadhaar, India – (Open third party device) 1.1 billion people affected
  3. Marriott Starwood Hotels – (Hacked) 500 million guests PII
  4. Exactis – (Open device) 340 million people and businesses.
  5. HuaZhu Group – (Accidental Exposure) 240 million records
  6. Apollo – (Open device) 150 million app users.
  7. Quora – (Hacked) 100 million users.
  8. Google+ – (API Glitch) 52.2 million users.
  9. Chegg – (Hacked) 40 million accounts 
  10. Cathay Pacific Airways (Targeted attack) 9.4 million passengers.
Barracuda Networks reported the top 12 phishing email subject lines, after they analysed 360,000 phishing emails over a three-month period.
BLOG
NEWS

10 Ways to Help Your Family Break Bad Tech Habits

A new study from Pew Research confirms our collective hunch that 95% of teens now report they have a smartphone and that 45% of teens now say they are always online. No shock there. The finding that is far more worrisome? That despite this dramatic digital shift over the past decade, parents are divided on whether today’s teens face a set of issues completely different than the issues of their youth.

When asked to compare the experiences of today’s teens to their own experiences when they were a teen, 48% of parents surveyed said today’s teens have to deal with a completely different set of issues. Likewise, 51% said that despite some differences, the issues young people deal with today is not that different from when they were teenagers.

This number is alarming from both a parenting perspective and a digital safety perspective. It means that while we’ve made incredible progress in our digital awareness and how to raise kids in this unique culture, a lot of parents are still woefully behind in their thinking. (Seriously: Could our experience as teens — minus the internet and smartphones — be any more different than the experience of today’s digital natives?)

Distracted Parents, Distracted Kids

In trying to understand this reality gap, the survey offered up another morsel of insight: That parents themselves are as distracted as kids when it comes to reliance on devices. Yep! As worried as parents say they are about the amount of time their teen spends online, parents’ digital behavior isn’t exactly praiseworthy. The survey found that 59% of parents say they at least sometimes feel obligated to respond to cell phone messages immediately, while 39% admit they regularly lose focus at work because they’re checking their mobile device and 36% say they spend too much time on their cell phone.

Reality Check

If half of us genuinely believe that our kids are growing up with issues similar to ours as teens (only with strange devices in their hands), and if we are telling our kids to lead balanced digital lives but our digital habits are off the rails, then — if we’re honest — we’ve got some serious work to do as parents.

How do we begin to shift these numbers in favor of our family’s digital health? How do we move from technology leading our family to the other way around?

Like any significant change, we begin at home — with the truth — and move forward from there. We’ve got this!

10 Ways to Improve Your Family Tech Habits

  1. Own your stuff. Let’s get real. Change begins with acknowledging our personal responsibility in what isn’t working. If your own screen time is out of control and you are trying to set healthy digital habits for your family — that contradiction is going to undermine your success. Take a look at your screen time habits, admit to the bad habits, and establish fresh tech goals moving forward.
  2. No shame zone. We know about establishing device-free zones in the home such as the dinner table, movie time, and the bedroom at night. Consider a no shame zone — the understanding that no one is made to feel shame for his or her not-so-great tech habits. It’s hard to move forward toward new goals if we beat ourselves up for the past, compare ourselves to others, or are made to feel like the bad guy for falling short. Acknowledge bad habits, discuss them openly, and help one another do better in the future. Your chances of success double when you have a team supporting you.
  3. Stick to a device curfew. Try a device curfew — say 8 p.m. to 8 a.m. — when devices are turned off and put into a drawer (yes, you have to get this intentional). A curfew increases face-to-face family interaction and creates space for non-device activities. It specifically reduces the temptation to habitually check your phone, get lost scrolling on Instagram, and getting sucked back into work emails. More importantly, it models for your kids that you don’t have to check your phone constantly, which has countless emotional and physical benefits.
  4. Be realistic with changes. The goal is to reduce your tech and strike a balance that complements — rather than conflicts with — your family’s lifestyle and wellbeing. We know that technology is now an ever-present part of family life so cutting it out completely is neither beneficial nor realistic. Achieving a healthy tech balance is an on-going process. Some days you will fare than others. The goal is to make progress (not perfection) toward a healthier, more balanced relationship with your technology. Going haywire with rules and consequences won’t get you there faster. Discuss as a family what changes need to be made and brainstorm ways to get there. Set some realistic goals that everyone can achieve and maintain not just in the short-term but also as a lifestyle.
  5. Turn off notifications. This is a small, powerful act that can transform your digital life. Getting pop up notifications for apps, emails, texts, calendar events, social media actions — you name it — might be your normal for you but far from beneficial. So, turn them all off. I dare you.
  6. Filter content. Tech balance isn’t just about less tech; it’s also about monitoring the content that flows into your home from the other side of the screen. You can turn off your family’s devices for 23 hours a day and if the content you allow into your home for that remaining one hour isn’t age-appropriate or conflicts with your family’s values and tech goals, then that one hour has tremendous influence. Take the time to explore filtering options that allow you to set time limits on your child’s (and your) technology, block dangerous websites and apps, and helps you strike a healthy tech balance that reflects your family’s lifestyle and needs. Roll up your sleeves: Co-view movies, go through apps and video games and discuss the issues that arise around the media your kids consume.
  7. Be the parent. Kids crave consistency and leadership from parents. No matter what age your child may be, as a parent, you are the most influential person in your child’s life. You pay the bills. You can shut devices and routers off — regardless of the tantrum level. Your opinion matters on video games, media, apps, friend groups, and content. Don’t let your child’s emotional protests keep you from parenting well and establishing and enforcing good tech habits. If you think your child has a technology addiction issue trust that instinct and take action.
  8. Get a plan, work it. We all nod when we read this but who has done it? You can’t get where you are going without a map. Put a family tech plan in place (with group input) and stick to it. Ideas to consider: Phone free zones, device curfew, chores and responsibilities, physical activity vs. screen time, social media behavior, tech security rules, TV viewing time, video game time limits, content guidelines, and expectations. If you discover that your tech plan isn’t working, zero in and make adjustments.
  9. Rediscover real life — together. Maybe you’ve gotten in some bad habits over the years. Don’t beat yourself up. Just decide to change things up moving forward. It’s never too late to change your family vibe. Explore new things together — nature, art classes, concerts, camping — anything that helps you disconnect from technology and reconnect to each other and real life.
  10. Keep. On. Talking. Sure you’ve said it before, so what? Make the conversation about digital issues a priority in your home. Ask your kids what’s going on with their friend groups and online. Talk about tech issues in the news. Talk about the health and emotional issues connected to excessive tech use. According to your child’s age, talk about the stuff that’s tough to talk about talking about like cyberbullying, suicide, self-harm, body image, and sexting. A good rapport with your child is the most powerful tool you have as a parent today.

Remember, technology is a tool not a way of life. Healthy screen habits begin parents who are grounded in reality and who model healthy screen habits themselves. Times have changed, there are challenges to be sure but stay the course parent: You’ve got the tools and the tenacity you need to get in front of those challenges and equip our kids to live wise, balanced digital lives.

The post 10 Ways to Help Your Family Break Bad Tech Habits appeared first on McAfee Blogs.

Facebook stored hundreds of millions of passwords unprotected

Company admits to mistake and says it has no evidence of abuse – but the risk was huge

Facebook mistakenly stored “hundreds of millions” of passwords in plaintext, unprotected by any encryption, the company has admitted.

The mistake, which led to user passwords being kept in Facebook’s internal servers in an insecure way, affects “hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users”, according to the social networking site. Facebook Lite is a version of Facebook created for use in nations where mobile data is unaffordable or unavailable.

Related: Facebook's security is so bad it's surprising Zuckerberg hasn't deleted his account

Continue reading...

Learning from the Big Data Breaches of 2018

Guest article by Cybersecurity Professionals

What can we learn from the major data breaches of 2018?
2018 was a major year for cybersecurity. With the introduction of GDPR, the public’s awareness of their cyber identities has vastly increased – and the threat of vulnerability along with it. The Information Commissioner’s Office received an increased number of complaints this year and the news was filled with reports of multi-national and multi-millionaire businesses suffering dramatic breaches at the hand of cybercriminals.

2018 Data Breaches
Notable breaches last year include:

5. British Airways
The card details of 380,000 customers were left vulnerable after a hack affected bookings on BA’s website and app. The company insists that no customer’s card details have been used illegally but they are expected to suffer a major loss of money in revenue and fines as a result of the attack.

4. T-Mobile
Almost 2 million users had their personal data, including billing information and email addresses accessed through an API by an international group of hackers last August.

3. Timehop
A vulnerability in the app’s cloud computing account meant that the names and contact details of 21 million users were affected on Timehop. The company assured users that memories were only shared on the day and deleted after, meaning that the hackers were not able to access their Facebook and Twitter history.

2. Facebook & Cambridge Analytica
One of the most sensationalised news stories of the last year, Facebook suffered a string of scandals after it was released that analytics firm Cambridge Analytica had used the Facebook profile data of 87 million users in an attempt to influence President Trump’s campaign and potentially aid the Vote Leave campaign in the UK-EU referendum.

1. Quora
After a “malicious third party” accessed Quora’s system, the account information, including passwords, names and email addresses, of 100 million users was compromised. The breach was discovered in November 2018.

GDPR
As the UK made the switch from the Data Protection Act to GDPR, businesses and internet users across the country suddenly became more aware of their internet identities and their rights pertaining to how businesses handled their information.

With the responsibility now firmly on the business to protect the data of UK citizens, companies are expected to keep a much higher standard of security in order to protect all personal data of their clients.

How many complaints to the ICO?
Elizabeth Denham, the UK’s Information Commissioner, said that the year 2017-18 was ‘one of increasing activity and challenging actions, some unexpected, for the office’.

This is shown in an increase in data protection complaints by 15%, as well as an increase in self-reported breaches by 30%. Since this is the first year of GDPR, it is expected that self-reported breaches have increased as businesses work to insure themselves against much higher fines for putting off their announcement.

The ICO also reports 19 criminal prosecutions and 18 convictions last year and fines totalling £1.29 million for serious security failures under the Data Protection Act 1998. The office has assured that they don’t intend to make an example of firms reporting data breaches in the early period of GDPR but as time goes on, leniency is likely to fade as businesses settle into the higher standards.

What does it mean for SMEs?
With 36% of SMEs having no cybersecurity plan, the general consensus is that they make for unpopular targets. However, with the GDPR, the responsibility is on the business to protect their data so being vulnerable could result in business-destroying costs. Considering the cost to businesses could total the higher of 2% of annual turnover or €10 million, data protection is of paramount importance to small businesses.

How exposed are we in the UK?
At 31%, our vulnerability rating is higher than the Netherlands, Germany, Estonia (30%) and Finland (29%), but the UK is a more likely target for cybercriminals looking to exploit high tech and financial services industries, which are some of the most vulnerable across Great Britain.

Despite a higher level of vulnerability, the UK has one of the largest cyber security talent pools, showing there is time and manpower being dedicated to the protection of our data online.

https://www.cybersecurity-professionals.com/blog/2019/03/01/cybercrime-in-the-uk-infographic/

How to Make Sure Spring Break Doesn’t Wreck Your Digital Rep

Spring Break and reputation management

Spring Break and reputation management Spring Break 2019 is in full swing, which means high school and college kids have hit the road determined to make this rite of passage epic. Unfortunately, not everyone will return home with his or her online reputation intact.

Despite the headlines and warnings, kids are still uploading their lives 24/7 and not all of their choices will be wise. While impressive at the moment, showcasing one’s exceptional beer pong or body shot skills could become a future digital skeleton.

Define it

The decision to share reckless content online has damaged (even destroyed) scholarships, opportunities, reputations, and careers.

Each day more than one billion names are searched on Google, and 77% of job recruiters look up potential employees up online during the hiring process, according to BrandYourself.com. Also, 45% of people have found content in an online search that made them decide not to do business with someone.

As elementary as it sounds, the first step to helping your child safeguard his or her online reputation this spring break is defining what is and is not appropriate online content.

Spring Break and reputation management

Technology has created a chasm between generations so don’t assume your values align with your child’s in this area. Behavior once considered inappropriate has slowly become acceptable to kids who grew up in the online space. Also, peers often have far more influence than parents.

So take the time to define (and come to an agreement on) content you consider off limits such as profanity, racy photos, mean, disrespectful, or racist comments, irresponsible or prank videos, or pictures that include alcohol or drug use. (Yes, state the obvious!)

Untag It

Spring Break and reputation management

Turn off tagging. Like it or not, people often judged us by the company we keep. Your child’s online behavior may be stellar but tag-happy, reckless friends can sink that quickly. To make sure your child doesn’t get tagged in risky photos on Twitter, Instagram, or Facebook, encourage them to adjust privacy settings to prevent tagging or require user approval. Also, help your kids to pay more attention to unflattering Snapchat photos and Snapchat story photos that other people post about them that can be problematic if shared elsewhere.

Lock It

Amp privacy settings. By adjusting privacy settings to “friends only” on select social networks content, digital mistakes can be minimized. However, we know that anything uploaded can be shared and screen captured before it’s deleted so tightening privacy settings isn’t a guarantee.

Google It

Spring Break and reputation management To get a clear picture of your child’s digital footprint and what a school or future employer might find, Google your child’s name. Examine the social networks, links, and sites that have cataloged information about your child. One of the best ways to replace damaging digital information is by creating positive information that overshadows it. Encourage your child to set up a Facebook page that reflects their best self — their values, their goals, and their character. Make the page public so others can view it. They may also consider setting up a LinkedIn page that highlights specific achievements, goals, and online endorsements from teachers and past employers.

If for some reason there’s damaging content that can’t be removed by request, encourage your child to set up a personal website and blog weekly. This can be a professional or hobby blog, but the idea is to repopulate the search results with favorable content and push the tainted content further down on Google.

Balance It

In your guiding, don’t forget the wise words of Cyndi Lauper who reminds us all, “Girls just wanna have fun!” Strive for balance in giving kids the room to make memories with friends while at the same time equipping them to make wise choices online.

The post How to Make Sure Spring Break Doesn’t Wreck Your Digital Rep appeared first on McAfee Blogs.

Valentine’s Alert: Don’t Let Scammers Break Your Heart or Your Bank Account

Online Dating ScamsIt’s hard to believe that as savvy as we’ve become about our tech, people are still getting catfished, scammed, and heartbroken in their pursuit of love online.

The dinner conversation between bystanders goes something like this: “How could anyone be so dumb? Seriously? If they are going to be that reckless and uninformed, then maybe they deserve what they got!”

Some friends and I recently had a similar conversation about online dating scams. I noticed, however, that one friend, Sarah*, wasn’t so eager to jump into the conversation. She shrunk back in the booth and quietly sipped her margarita. Only later did she share her story with me.

The power of love

A single mom in her late 40s, well-educated, and attractive, Sarah’s teenager had convinced her to join a dating site the year before. She was especially lonely after her divorce three years earlier, so she agreed to create a profile on a popular dating app. After a handful of dates fell flat, she found Scott. He was charismatic, kind. “We had an instant connection,” according to Sarah. They spent hours on the phone sharing their deepest secrets and even started imagining a future together. But after about three months, Scott fell on hard times. At first, he needed to borrow $400 to pay for airfare to visit a dying relative, which he paid back immediately. Over the next few months, the numbers grew to $1,000 for rent and $3,000 for a business venture.

Online Dating Scams

Before long, Sarah had loaned her new love over $8,500. When she pressed him to repay the money, Scott ghosted Sarah online, moved out of town, and she never saw him again. My friend didn’t share her story with many people. She didn’t report it. She was too embarrassed and humiliated and even became depressed following what she calls “the Scott scam.” Her trust in other people and in love itself has been obliterated.

Sarah’s story doesn’t just echo that of desperate, clueless people, or lonely older women. Scammers are targeting good people who still believe in and value love and companionship. The pursuit of love online extends to adults as well as teens.

Confidence Fraud

Law enforcement calls these kinds of online romance scams confidence fraud because scammers will take a considerable amount of time gaining the trust and confidence of their victims. They will appear empathetic and supportive as they gather personal information they can use over time to carry out their scam.

According to the Federal Bureau of Investigation (FBI) confidence fraud has jumped 20% in the past year despite reports and warnings — especially around this time of year.

The FBI’s Internet Crime Complaint Center (IC3) reports that romance scams top all other financial online crimes. In 2016, people reported almost 15,000 romance scams to IC3 (nearly 2,500 more than the previous year), with losses exceeding $230 million.

Tips for Safe Online Dating

Never send money. Be it a romantic relationship you’ve engaged with or a phishing email, no matter the sob story, do not send money to anyone online. If you do send money, put a loan agreement in place that is legally enforceable should one party default.

Suspicious behavior. If someone promises to meet you somewhere but keeps canceling or if he or she refuses to video chat, those are red flags. Technology means anyone from anywhere in the world can successfully maintain a scam.Online Dating Scams

Take things slow. If someone is pushing the pace of a relationship or too quick to declare love and talk about the future, pause and assess the situation.

Do a background check. Love is a powerful force and can easily cloud a person’s correct understanding of reality. If you dare to create a dating profile, make a deal with yourself that you will extend the same courage to doing a background check on someone.

Be a sleuth. Don’t be afraid to gather facts on someone you’ve met online. Simple steps such as Googling the person’s name or dropping their photo in Google’s Reverse Image Search will help you get a better understanding of a person. Have faith: Good, legitimate people do exist. However, if there’s anything dubious, it’s best to find it out earlier rather than later. Part of doing your homework is tracking down mutual friends and making inquiries about the person you are talking with online.

Keep your social profiles private. Experts agree that you should edit your online footprint before you start dating people you’ve met online. Making your Instagram, Twitter, and Facebook private will guard you against potential.

Never send racy photos. Some scammers gain the confidence of their victims with every intention of extorting them in the future. They will threaten to send any racy photos with your family, friends, or business associates. The best way to avoid this is to never, ever send racy photos to anyone.Online Dating Scams

Google yourself, restrict info. Google yourself to see if there are any digital breadcrumbs that give away your home address or phone number. If possible, delete or revise that info. Likewise, go through your social accounts and remove any personal information you’ve shared in the past. Digital stalking is a risk for people who date online so turn off GPS on your dating apps and make sure your profile information is vague. Even if you get comfortable online with others, never get too comfortable since apps have privacy loopholes that can easily be exploited by hackers.

Take solid precautions. Enlist at least one friend as your dating safety pal. This will be the person who knows where you are going, who you will be with, and the background on the person you are meeting. Ask that person to check in with you during the date and carry pepper spray or a taser for physical protection. Go the extra step and turn on your Friend Finder or a location app that allows safety friend to track your whereabouts during a date.

*Names have been changed

The post Valentine’s Alert: Don’t Let Scammers Break Your Heart or Your Bank Account appeared first on McAfee Blogs.

Facebook’s Plans to Merge Messaging Platforms: What This Means for Online Safety

Integration: it seems to be all the rage. As technology becomes more sophisticated, we sprint to incorporate these new innovations into our everyday lives. But as we celebrate Safer Internet Day, one can’t help but wonder, is all integration good when it comes to information shared online? Major privacy concerns have been raised surrounding Facebook’s recent plans to merge Messenger, WhatsApp, and Instagram. This integration will allow cross-messaging between the three platforms (which will all still operate as standalone apps), so users could talk to their Messenger-only friends without leaving WhatsApp.

While Facebook’s plans to merge the messaging platforms are not yet finalized, the company is in the process of rebuilding the underlying infrastructure so that users who might utilize only one of the apps will be able to communicate with others within the company’s ecosystem. Facebook plans to include end-to-end encryption for the apps, ensuring that only the participants of a conversation can view the messages being sent. By allowing each app to speak to one another across platforms, Facebook hopes users become more engaged and use this as their primary messaging service.

But Facebook’s messaging changes have greater implications for online safety as consumers become more protective of their data. For example, WhatsApp only requires a phone number to sign up for the app while Facebook asks users to verify their identities. Will this force more data to be shared with WhatsApp, or will its encryption become less secure? While nothing has been finalized, it’s important for users to think about how the information they share online could be affected by this merge.

Although the internet has paved the way for advancements in social media and technology in general, users need to make sure they’re aware of the potential risks involved. And while this merge hasn’t happened yet, Safer Internet Day helps remind us to make good choices when it comes to browsing online. Following these tips can help keep you and your data safe and secure:

  • Get selective about what you share. Although social media is a great way to keep your friends and family in the loop on your daily life, be conservative about the information you put on the internet. Additionally, be cautious of what you send through messaging platforms, especially when it comes to your personally identifiable information.
  • Update your privacy settings. To make sure that you’re sharing your status with just your intended audience, check your privacy settings. Choose which apps you wish to share your location with and turn your profiles to private if you don’t want all users to have access to your information.
  • Keep your apps up-to-date. Keeping your social media apps updated can prevent exposure to threats brought on by software bugs. Turn on automatic updates so you always have the latest security patches, and make sure that your security software is set to run regular scans.
  • Click with caution. Cybercriminals can leverage social media messaging to spread phishing links. Don’t interact with users or messages that seem suspicious and keep your guard up by blocking unfamiliar users who try to send you sketchy content.
  • Stay secure while you browse online. Security solutions like McAfee WebAdvisor can help block malware and phishing sites if you accidentally click on a malicious link. This can help protect you from potential threats when you access your social channels from a desktop or laptop.

And, as always, stay on top of the latest consumer and mobile security threats by following @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Facebook’s Plans to Merge Messaging Platforms: What This Means for Online Safety appeared first on McAfee Blogs.

Safer Internet Day 2019 – Together for a Better Internet

What You Can Do Today to Help Create a Better Internet

 

Today is Safer Internet Day (SID) – an annual worldwide event to encourage us all to work together to create a better internet. Celebrated globally in over 130 countries, SID is an opportunity for millions of people worldwide to come together to inspire positive change and raise awareness about the importance of online safety.

The theme for 2019 is: ‘Together for a Better Internet’ which I believe is a timely reminder of the importance of us all working together if we are serious about making the internet a safer place. Whether we are parents, carers, teachers or just avid users, we all have a part to play.

The 4R’s of Online Safety

In order to make a positive change to our online world, this year we are being encouraged to focus on four critical skills that many experts believe will help us all (especially our kids) better navigate the internet and create a more positive online environment. Let’s call them the 4R’s of online safety: Respect, Responsibility, Reasoning and Resilience. So, here is my advice on what we can do to try and incorporate these four important skills into our family’s digital lives

  1. Respect – ‘I treat myself and others the way I like to be treated’

I firmly believe that having respect for others online is critical if we are going to foster a safer and more supportive internet for our children and future generations. While many parents realise that our constant reminders about the importance of good manners and respect must also now be extended to include the online world, not everyone is on the same page.

Keyboard warriors who fire off abusive comments online, or harass and troll others clearly do not have any notion of online respect. Online actions can have serious real-world implications. In fact, online actions can often have more significant implications as the dialogue is not just contained to a few, rather it is witnessed by everyone’s online friends which could stretch into the 1000’s. Such public exchanges then create the opportunity for commentary which often further magnifies the hurt and fallout.

It is therefore essential that we have very direct conversations with our children about what is and isn’t appropriate online. And if there is even any confusion, always revert to one of my favourite lessons from my Sunday School days: treat others how you would like to be treated yourself.

  1. Responsibility – ‘I am accountable for my actions and I take a stand when I feel something is wrong’

In my opinion, teaching our kids online responsibility is another important step in making the internet a better place. Ensuring our kids understand that they are not only responsible but accountable for their behaviour is essential. If they harass or bully others online, or are involved in sending inappropriate pics, there are consequences that could quite possible include interactions with the police department.

But being responsible online also means getting involved if you feel something isn’t right. Whether a mate is on the receiving end of online harassment or a cruel joke, getting involved and telling the perpetrator that their behaviour ‘isn’t cool’ is essential.

  1. Reasoning – ‘I question what is real’

Teaching our kids to think critically is an essential survival skill for our kids in our content-driven online world. We need our kids to question, analyse and verify online content. They need to be able to identify reputable and credible sources and think carefully before they share and digest information.

The best thing we can do as parents is challenge our kids and get them thinking! If for example, your child is researching online for a school assignment then get them thinking. Ask them what agenda the author of the article has. Ask them whether there is a counter argument to the one laid out in the article. Ask them whether the source sharing the information is trustworthy. The aim is to teach them to question and not take anything they find online at face value.

  1. Resilience – ‘I get back up from tough situations’

Unfortunately, the chances that your child will experience some challenges online is quite high. Whether someone posts a mean comment, they are harassed, or worst case, cyberbullied – these nasty online interactions can really hurt.

Ensuring your kids know that they can come to you about any issue they experience is essential. And you need to repeat this to them regularly, so they don’t forget! And if your child does come to you with a problem they experienced online, the worst thing you can do is threaten to disconnect them. If you do this, I guarantee you that they will never share anything else with you again.

In 2014, Parent Zone, one of the UK’s leading family digital safety organisations collaborated with the Oxford Internet Institute to examine ways to build children’s online resilience. The resulting report, A Shared Responsibility: Building Children’s Online Resilience, showed that unconditional love and respect from parents, a good set of digital skills plus the opportunity for kids to take risks and develop strategies in the online world – without being overly micro-managed by their parents – were key to building online resilience.

So, love them, educate them and give them some independence so they can start to take some small risks online and start developing resilience.

What Can You Do this Safer Internet Day?

Why not pledge to make one small change to help make the internet a better place this Safer Internet Day? Whether it’s modelling online respect, reminding your kids of their online responsibilities, challenging them to demonstrate reasoning when assessing online content or working with them to develop online resilience, just a few small steps can make a positive change.

 

 

 

 

 

The post Safer Internet Day 2019 – Together for a Better Internet appeared first on McAfee Blogs.

43% of Cybercrimes Target Small Businesses – Are You Next?

Cybercrimes cost UK small companies an average of £894 in the year ending February of 2018. Small businesses are an easy target for cybercrooks, so it little surprise that around about 43% of cybercrime is committed against small businesses. According to research conducted by EveryCloud, there is much more at stake than a £900 annual loss, with six out of ten small businesses closing within six months of a data breach.

Damage to a small company’s reputation can be difficult to repair and recover from following a data breach. Since the GDPR data privacy law came in force in May 2018, companies face significant financial sanctions from regulators if found negligent in safeguarding personal information. Add in the potential for civil suits the potential costs start mounting up fast, which could even turn into a business killer.  Case in point is political consulting and data mining firm Cambridge Analytica, which went under in May 2018 after being implicated with data privacy issues related to its use of personal data held on Facebook. However, most small businesses taken out by cyber attacks don't have the public profile to make the deadly headlines.

Most big companies have contingency plans and resources to take the hit from a major cyber attack, although major cyber attacks prove highly costly to big business, the vast majority are able to recover and continue trading. Working on a tight budget, small businesses just doesn't the deep pockets of big business. Cyber resilience is not a high priority within most small businesses strategies, as you might image business plans are typically very business growth focused.

Cyber resilience within small business need not be difficult, but it does involve going beyond installing antivirus. A great starting point is UK National Cyber Security Centre's Cyber Essentials Scheme, a simple but effective approach to help businesses protect themselves from the most common cyber attacks. You’ll also need to pay attention to staff security awareness training in the workplace.

Every employee must ensure that the company is protected from attacks as much as possible. It’s your responsibility to make sure that everyone understands this and knows what preventative measures to put in place.

It may cost a few bob, but getting an expert in to check for holes in your cybersecurity is a good place to start. They can check for potential risk areas and also educate you and your staff about security awareness.

We all know the basics, but how many times do we let convenience trump good common sense? For example, how many times have you used the same password when registering for different sites?

How strong is the password that you chose? If it’s easy for you to remember, then there’s a good chance that it’s not as secure as you’d like. If you’d like more tips on keeping your information secure, then check out the infographic below.