Category Archives: facebook

DoItForState domain name thief gets 14 years for pistol-whipping plot

He hired his cousin to break in, hold the rightful domain holder at gunpoint, and force a transfer to his own GoDaddy account.

Reforming CDA 230

There's a serious debate on reforming Section 230 of the Communications Decency Act. I am in the process of figuring out what I believe, and this is more a place to put resources and listen to people's comments.

The EFF has written extensively on why it is so important and dismantling it will be catastrophic for the Internet. Danielle Citron disagrees. (There's also this law journal article by Citron and Ben Wittes.) Sarah Jeong's op-ed. Another op-ed. Another paper.

Here are good news articles.

Reading all of this, I am reminded of this decade-old quote by Dan Geer. He's addressing Internet service providers:

Hello, Uncle Sam here.

You can charge whatever you like based on the contents of what you are carrying, but you are responsible for that content if it is illegal; inspecting brings with it a responsibility for what you learn.

-or-

You can enjoy common carrier protections at all times, but you can neither inspect nor act on the contents of what you are carrying and can only charge for carriage itself. Bits are bits.

Choose wisely. No refunds or exchanges at this window.

We can revise this choice for the social-media age:

Hi Facebook/Twitter/YouTube/everyone else:

You can build a communications based on inspecting user content and presenting it as you want, but that business model also conveys responsibility for that content.

-or-

You can be a communications service and enjoy the protections of CDA 230, in which case you cannot inspect or control the content you deliver.

Facebook would be an example of the former. WhatsApp would be an example of the latter.

I am honestly undecided about all of this. I want CDA230 to protect things like the commenting section of this blog. But I don't think it should protect dating apps when they are used as a conduit for abuse. And I really don't want society to pay the cost for all the externalities inherent in Facebook's business model.

Facebook users were duped by Cambridge Analytica, FTC rules

Delete the data, and don't do any of that again, the FTC told the data analytics company, which already filed for bankruptcy in 2018.

Facebook suing ILikeAd for hijacking users’ ad accounts

Facebook says the company used celeb bait links to infect victims with malware and hijacked their ad accounts to sell diet pills.

Facebook, Twitter profiles slurped by mobile apps using malicious SDKs

Hundreds of users gave permission to these third-party apps to access their social media accounts, but the apps got more handsy than that.

Malicious Android SDKs Caught Accessing Facebook and Twitter Users Data

Two third-party software development kits integrated by over hundreds of thousands of Android apps have been caught holding unauthorized access to users' data associated with their connected social media accounts. In a blog post published yesterday, Twitter revealed that an SDK developed by OneAudience contains a privacy-violating component which may have passed some of its users' personal

Facebook and Twitter warn some users’ private data was accessed via third-party app SDK

Facebook and Twitter have announced that personal data related to hundreds of users may have been improperly accessed after users logged into third-party Android apps with their social media accounts.

Read more in my article on the Tripwire State of Security blog.

Facebook and Twitter warn of malicious SDK harvesting personal data from its accounts

Some third-party apps quietly scraped personal information from people’s accounts from Twitter and Facebook, the social media companies claim.

Facebook and Twitter revealed that some third-party apps quietly scraped personal information from people’s accounts without their consent.

According to the company, the cause of behavior that violates their policies is a couple of “malicious” software development kits (SDKs) used by the third-party iOS and Android apps.

The SDK was designed to display ads, experts noticed that once users of the social networks were logged into either service using one of these applications, the SDK silently accessed their profiles to collect information.

The apps that includes the SDK code are able to collect user names, email addresses, and Tweets via unspecified Android apps.

The malicious SDK was developed by the marketing firm OneAudience and Twitter already informed its customers of the unauthorized activity.

“We recently received a report about a malicious mobile software development kit (SDK) maintained by oneAudience.” reads the advisory published by Twitter. ” This issue is not due to a vulnerability in Twitter’s software, but rather the lack of isolation between SDKs within an application. Our security team has determined that the malicious SDK, which could be embedded within a mobile application, could potentially exploit a vulnerability in the mobile ecosystem to allow personal information (email, username, last Tweet) to be accessed and taken using the malicious SDK.”

Even if Twitter experts have no evidence to suggest that this was used to take control of a Twitter account, they don’t exclude that it is possible that an attacker could use the SDK to do it. 

Twitter is aware that the malicious SDK was used to access personal data for at least some Twitter account using Android devices, while it has no evidence that the iOS version of this malicious SDK was used in the same way.

Twitter reported the incident to both Google and Apple, and other industry partners, and is calling for action to block the malicious SDK and apps that include its code.

Facebook announced that it has identified at least other two SDKs developed with a similar purpose activity, one of them was maintained by oneAudience and the second one from the marketing company MobiBurn.

The malicious SDKs were allegedly harvesting profile information, including names, genders, and email addresses.

“Security researchers recently notified us about two bad actors, One Audience and Mobiburn, who were paying developers to use malicious software developer kits (SDKs) in a number of apps available in popular app stores,” a Facebook spokesperson told The Register.

“After investigating, we removed the apps from our platform for violating our platform policies and issued cease and desist letters against One Audience and Mobiburn. We plan to notify people whose information we believe was likely shared after they had granted these apps permission to access their profile information like name, email and gender. We encourage people to be cautious when choosing which third-party apps are granted access to their social media accounts.”

While oneAudience did not comment on the incident, MobiBurn published a statement denying that it is harvesting Facebook data and announced an investigation on third-party apps using its SDK.

“No data from Facebook is collected, shared or monetised by MobiBurn,” reads the statement.MobiBurn primarily acts as an intermediary in the data business with its bundle, i.e., a collection of SDKs developed by third-party data monetisation companies. MobiBurn has no access to any data collected by mobile application developers nor does MobiBurn process or store such data. MobiBurn only facilitates the process by introducing mobile application developers to the data monetisation companies. This notwithstanding, MobiBurn stopped all its activities until our investigation on third parties is finalised.”

Pierluigi Paganini

(SecurityAffairs – Twitter, data harversting)

The post Facebook and Twitter warn of malicious SDK harvesting personal data from its accounts appeared first on Security Affairs.

Could Your Child be Sexting? Signs to Look for and Ways to Respond

Teens and sexting

Oh, what we wouldn’t do to travel back in time to the days before smartphones kid-jacked our families, right? But here we are. Our kids are forever connected. And, it’s up to parents to help them navigate the risks — one of which is sexting.

Ouch. Even reading the word may make any parent want to click off this post and run. But don’t. Stay here. Keep reading. Yes, it’s a difficult thing to imagine that your child could be like those “other kids.” (You know, the unruly ones; the wild ones, the ones who must lack parental input and digital monitoring, right?)

But it happens. Good kids — great kids even — may bend the rules and eventually engage in sexting.

As one parent recently reminded with this Direct Message on Twitter:

“I recently discovered my daughter has been sexting with her boyfriend. I’m still shaking over what I found. This is not like her at all. The worst part is she blew it off like it was no big deal! She says everyone does it, and I’m overreacting. Am I the crazy one here? Do a lot of kids do this? Please help. No clue what to do next.” ~ Minnesota Mom

Teens and sextingSexting stats

For Minnesota Mom, and others, here’s what we know.

Some, but not all, kids sext.

One of the latest and most comprehensive studies reveals that while adolescent sexting isn’t an epidemic, it’s still happening despite public campaigns to reduce it. The study, published in the journal Archives of Sexual Behavior, Justin Patchin and Sameer Hinduja, surveyed 5,593 American middle and high school students ages 12 to 17.

In summary, the study found:

  • 14% of middle and high school students had received a sexually explicit image from a boyfriend or girlfriend
  • 6% said they received such an image from someone who was not a current romantic partner.
  • 11% reported sending a sext to a boyfriend or girlfriend.
  • 9% of the students who were asked by a current boyfriend or girlfriend to send a sext complied.
  • 43% of students asked to send a sext by someone who was not a current romantic partner complied.

No, mom, you aren’t crazy.

If you’ve discovered your child is sexting, don’t buy into the flippant (and erroneous) response that “everyone’s doing it.” For those kids who are engaged in sexting, your concerns are more than legitimate.

Sexting can carry enormous emotional, physical, social, and even legal risks. Also, if a situation gets out of hand (not often but it happens), those involved may never fully recover emotionally.

Some signs of sexting

  • Increased secrecy. If your daughter (or son) is sexting, they may become overly protective of their cell phone and hide their screen from public view. They may sleep with their phones under their pillows to safeguard its contents.
  • Grade changes. Grades may drop as risky behaviors edge out day to day responsibilities.
  • Friend changes. If you check your child’s social accounts and notice an increase in flirty photos and language or friends who do the same, it could be a sign of risky digital behavior.
  • Spike in screen time. You may notice your tween or teen on the phone more, leave the room to talk or text, and insist on using their phone from a private place.
  • Anger, defensiveness. While kids may try to rationalize or normalize sexting, your child knows sending a racy photo on a device is risky. Hiding that behavior can cause anger and defensiveness. Your child also likely knows about the specific risks associated with sexting — things like sextortion (pressuring, threatening), revenge porn (sharing to humiliate), bullying, a wrecked reputation, anxiety, and depression. However, she may be in denial that the consequences apply to her personally.

How to respond

Don’t lose your cool or shame. Today’s digital teen culture is something parents haven’t experienced. Peer pressure plays a significant role in sexting. Girls may sext to compete for and win someone’s approval, to prove loyalty or love, or as relational insurance. Boys can be bullied or shamed by male peers if they don’t have girls sexting them.

Keep in mind: What the teenage brain believes to be a good idea at 15 isn’t likely to align with that of a parent. Coming-of-age behaviors in the digital era do not look like they did decades ago. So getting angry, shaming, or getting extreme with restrictions, may not be as useful as working together to figure out why your child is sexting, why it isn’t wise, and how to avoid doing it in the future.

Act quickly. If you discover your child is sexting, immediately remove all suggestive images from your child’s phone and be aggressive to get them deleted from anyone else’s devices. Sexting will often end between the participants without incident. Other situations can escalate. Every situation will be different. Gather all facts and carefully consider bringing other people into the situation. State laws vary, and sexting allegations can have profound consequences. Some options may be to 1) talk to the other kids or parents involved 2) speak to the school (if relevant) 3) contact the police (if a situation evolves to conflict or threats) 4) pursue legal action (if related) 5) seek counseling if a situation causes anxiety or depression for your child.

Teach responsibility; consider filtering. Teaching digital responsibility is one of the top tasks of parents today. And, a healthy parent-child relationship is the best way to equip your child to deal with and avoid sexting. In addition to discussing the risks, but time limits, and phone curfews in place, and consider protecting your family devices with parental controls.

Be proactive. Sexting is a tough but necessary conversation. Start talking to your kids at a young age about the importance of protecting their privacy — information, images, reputation — online. Get specific about what kind of content is okay and not okay to share. Have age-appropriate conversations on how to avoid the temptation of sexting and possible consequences. This handbook from Common Sense Media is an excellent resource as you approach the sexting discussion.

Make the consequences clear. Work together to create ground rules for responsible phone use that include clear consequences. Be prepared to enforce those consequences. If you say you will take away a phone for a week that isn’t used responsibly, be prepared to do that (even if you have to endure not being able to communicate with your child throughout the school day).

Parenting in the digital age certainly isn’t for the faint of heart. Kids are always one poor choice away from an emotional avalanche. Find different ways to let your kids know you are there for them — without condition — to listen, to counsel, and to help them work through any difficult situation.

The post Could Your Child be Sexting? Signs to Look for and Ways to Respond appeared first on McAfee Blogs.

Google to Throttle Political Advertising

Google has announced major revisions to its policies on political advertising.

In a press release on its company blog, Google unveiled several major adjustments to its advertising policies relating to politics.

“[G]iven recent concerns and debates about political advertising, and the importance of shared trust in the democratic process, we want to improve voters’ confidence in the political ads they may see on our ad platforms,” stated the blog.

The biggest shift in Google policy is the limiting of how audiences are targeted. After January 2020, advertisers will no longer be able to serve ads on the basis of voting history and political affiliation.

“[W]e’re limiting election ads audience targeting to the following general categories: age, gender, and general location (postal code level), the blog stated. “Political advertisers can, of course, continue to do contextual targeting, such as serving ads to people reading or watching a story about, say, the economy.”

Google also announced that it would ban ads deliberately serving false or misleading claims, including ads that promote the wrong dates and locations for polling, or fictitious candidate obituaries.

Online advertising has come under closer scrutiny following widespread reports of election interference during the 2016 presidential election cycle via manipulative or misleading social media and online content. While Facebook has drawn heavy criticism for its reticence to police political advertising of any kind, Twitter recently announced that it would ban political ads altogether. 

The post Google to Throttle Political Advertising appeared first on Adam Levin.

How Much is Your Data Worth on the Dark Web?

You may not know much about the dark web, but it may know things about you.

What is the Dark Web?

The dark web is a part of the internet that is not visible to search engines. What makes the dark web, dark? it allows users to anonymise their identity by hiding their IP addresses. This makes those using the dark web nearly impossible to identify.

Only 4% of the internet is available to the general public, which means a vast 96% of the internet is made up of the deep web. It’s important to note here, that the dark web is just a small section of the internet but it’s a powerful small sector.

How much are your bank details worth?
The dark web is full of stolen personal bank credentials. It’s common to see MasterCard, Visa, and American Express credentials on the dark web from a variety of different countries.

Credit card data in the US, UK, Canada and Australia increased in price anywhere from 33% to 83% in the time from 2015 to 2018. The average price for a UK Visa or Mastercard in 2015 was £9, however, this did increase to £17 in 2018. This is approximately an 83% increase. Bank accounts that can transfer funds in stealth mode to United Kingdom banks are considerably more expensive. An account with a £12,500 account balance goes for around £700.


How much are your subscription services worth?
The sale value of your PayPal credentials depends on the available account balance. PayPal details can be sold for as little as £40 and this can increase to £820 - £2,500 for an available balance of £6580.

Your Amazon, British Airways, Facebook, Fortnite and Netflix logins are also available on the dark web. These can go for around £7 which is surprising as they hold various information about your banking and identity. Stolen hotel loyalty programs and auctions accounts can cost as much as £1,150 due to the extensive information they provide the buyer.

Are you surprised to learn that even reward programs and viewing subscriptions can be purchased on dark web markets?


How much is your whole identity worth on the dark web
The average modern person now has many online accounts. These can range from email and Facebook to online shopping, food delivery and banking. Combine all of those accounts and the typical internet user's identity is worth around £987 to hackers. The personal loss for victims is of course much higher.

Jade works for Total Processing, an advanced independent payment gateway provider who answers only to our customers.

WhatsApp RCE flaw can be exploited by sending malicious MP4 files

Facebook has patched a critical vulnerability (CVE-2019-11931) affecting various versions of its popular WhatsApp Messenger app and is urging users to update as soon as possible. About the patched flaw (CVE-2019-11931) CVE-2019-11931 is a stack-based buffer overflow vulnerability that could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. “The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS … More

The post WhatsApp RCE flaw can be exploited by sending malicious MP4 files appeared first on Help Net Security.

How much did cyberattacks cost organizations in 2018?

Estimated reading time: 3 minutes

In today’s day, it has become common knowledge that cyberattacks are dangerous for an organization. However, sometimes, people within the organization can differ on the exact impact of these threats. These differences can often blindside businesses on the total value of monetary and operational losses– without cold, hard numbers to back up the effect of cyberattacks, companies can tend to underestimate cybersecurity, often preferring to prioritize their budgets to other things.

Every security expert will state that this can often be the first step to a disaster.

While there are no guarantees to cybersecurity, it’s obvious that a business which spends more time and investment in protecting its perimeters has a better chance of protection against the rampant cyber threats that exist in today’s times, rather than, say, another enterprise which hasn’t taken its cyber protection that seriously.

Seqrite is sharing numbers from different reports and surveys around the world about the impact and cost of cyberattacks so that they act as an eye-opener for stakeholders to understand clearly that cyberthreats have a deep impact on the overall business functionality.

These numbers and descriptions should illustrate the real danger enterprises face, both financially and on the reputation front if cybersecurity is not taken seriously.

Cyberattacks: The numbers

In July 2019, the Online Trust Alliance, a component of the Internet Society (an American organization committed to leading Internet standards, access and policy) dedicated for the promotion & security and privacy best practices, released its 11th Cyber Incident & Breach Trends Report, providing an overview of cyber incidents in 2018. Some of the key findings from the report were:

  • It was estimated that there were more than 2 million cyber incidents in 2018 and even this number is likely to be a rough estimate for the actual number
  • The financial impact of all these incidents was at least USD 45 billion
  • The main types of attacks were (in terms of number of incidents) cryptojacking, ransomware, breaches, supply chain attacks, Business Email Compromise (BEC)
  • Cryptojacking attacks saw a marked increase in 2018 which indicates that attackers are continuously innovating and finding new attack vectors

Large companies bore the brunt of some of the biggest cyber attacks the world saw in 2018.

Marriott

Among the world’s largest and most influential hospitality chains, Starwood Hotels revealed in September 2018 that up to 500 million hotel guests’ information had been stolen in a data breach. The attackers stole a huge array of Personally Identifiable Information (PII) leaving the hospitality chain in the midst of a big crisis.

British Airways data breach

As one of the oldest and most well-known airlines of the world, there was a sense of concern when British Airways announced that 380,000 card payments on its website were compromised during a 15-day period between August 21st and September 5th.

Details like name, email address, credit card information like number, expiration date and CVV code were stolen. While it did not affect flight operations, it caused a lot of anxiety and concern for customers who had booked flights in the intervening period

Facebook-Cambridge Analytica data breach

Facebook’s troubles had emerged earlier in the year, in March, when the news erupted of the Cambridge Analytica scandal. According to investigations made by the American and the British media, Cambridge Analytica stole personal information from 50 million Facebook user profiles.

This was done by getting users to submit answers to a personality prediction application by a psychologist from the University of Cambridge Aleksandr Kogan. This application needed users to login using their Facebook account and gained access to their profiles, locations, likes and other personal data. It also gathered data on the friends of the users who downloaded the application.

This data was then sent to Cambridge Analytica – which is a violation of Facebook’s terms of service – which created psychographic profiles on 30 million of these profiles, to influence voter behaviour for its clients. This news caused a huge uproar over the world with Facebook being investigated by authorities of several countries and many angry users even starting a ‘DeleteFacebook’ hashtag on social media.

It is quite obvious that cyber attacks can have a significant impact on enterprises. To protect against them, enterprises can consider powerful & efficient security solutions like Seqrite’s Endpoint Security (EPS), mSuite and Unified Threat Management (UTM), to provide a layer of defence against advanced cyberthreats.

The post How much did cyberattacks cost organizations in 2018? appeared first on Seqrite Blog.

Is Facebook Secretly Accessing Your iPhone’s Camera? Some Users Claimed

It appears that Facebook at the center of yet another issue involving privacy. Reportedly, multiple iPhone users have come forward on social media complaining that the Facebook app secretly activates their smartphone's camera in the background while they scroll through their Facebook feeds or looking at the photos on the social network. As shown in the Twitter videos below, when users click

Facebook’s Terrible, Horrible, No Good, Very Bad Week Could Be Yours

In a new trend, Facebook managed to garner more negative attention than President Donald Trump last week. True or False?

While the correct answer is “false,” the social network has certainly been getting pummeled recently, so much so that it’s hard to know where to start. There’s the coverage of CEO Mark Zuckerberg’s support of Mayor Pete Buttigieg’s candidacy for president, and the myriad concerns about that. Then there was that well-earned uproar about the company’s decision to run political ads with content known to be false and/or misleading.

Never one to pass on a chance to make negative publicity worse, the fearless social network founder defended his company’s “hands-off fake news” policy as a free speech issue, trying to argue an affinity with the legacy of Dr. Martin Luther King, Jr. Let’s just say, the move was poorly received by many. Dr. King’s daughter said that fake news contributed to the atmosphere that got her father assassinated.

What got less attention–but is arguably bigger news–was the exodus of several high-profile members from Facebook’s cryptocurrency initiative. Facebook’s Libra didn’t need this to be a heavy lift–in fact it was banking on it being relatively easy. But then, PayPal withdrew from the project in early October. It was soon followed by eBay, Stripe, Visa, and Mastercard, among others.

While the essence of their statements as to why they were abandoning Libra was basically “let’s wait and see,” it’s not much of a leap to assume that these organizations came around to what consumers and regulators alike already knew: Facebook as a company has too much baggage and too little credibility when it comes to security and privacy to be trusted with something like cryptocurrency.

On the face of it, Libra is an interesting if not an utterly compelling idea. It improves upon many of the weaknesses and vulnerabilities of more established cryptocurrencies, and its stated goal of providing developing nations with broader access to financial systems is commendable. It represents the kind of moonshot thinking that put Silicon Valley on the map, and most likely would have been greeted with widespread enthusiasm a decade ago when Facebook had not yet become the digital equivalent of the Empire’s Death Star.

But that was then. The “now” for Facebook, with its constant privacy gaffes and the endless news about data breaches, data leaks, and industry-wide abuses of privacy, is that the public has become considerably more circumspect when it comes to the promises of new technology–and rightly so.

Facebook’s attempt to mitigate this perception is one of the reasons the company tried to bring several companies without Cambridge Analytica-sized holes in their reputations onto Libra’s board for its launch.

Privacy and Security Are No Longer Optional

When it comes to privacy and data security, the honeymoon period for tech companies seems to be pretty much over. Consumers and regulators are increasingly asking questions about how, why, and by whom their data is being shared and monetized.

Cybersecurity is increasingly viewed as a bottom line issue with the average cost of a data breach increasing with each passing year. The news of our growing state of cyber insecurity is everywhere. Recently, Moody’s decided to add a “credit negative” event note to Pitney-Bowes after a ransomware attack disabled some of the company’s services. Consequences will become more commonplace in the future, and that’s partly to blame for the exodus from Libra.

While Facebook is by no means alone in the difficulties it faces in navigating greater cyber expectations, it is arguably the poster child of privacy depredation.  It would be hard to find a company with a comparable number of gaffessecurity issues, and evidence of an overarching willingness to violate user privacy and trust for short-term profit.

Facebook’s decision to abdicate any fact-checking responsibility in the 2020 elections after being a keystone for Russian election interference in 2016 is proof positive that it still hasn’t caught up to the barest minimum of expectations, and it has rightfully sent its Libra partners running for the hills.

The lesson here is a straightforward one: when it comes to privacy and security, your reputation matters. Internet companies are experiencing their Unsafe at Any Speed moment where consumers are less interested in how shiny a product is than where the seatbelts are. Facebook is learning (maybe) a hard lesson that all businesses need to understand, namely that responsible stewardship of user data matters.

The post Facebook’s Terrible, Horrible, No Good, Very Bad Week Could Be Yours appeared first on Adam Levin.

Facebook Reveals New Data Leak Incident Affecting Groups’ Members

Facebook today revealed yet another security incident admitting that roughly 100 app developers may have improperly accessed its users' data in certain Facebook groups, including their names and profile pictures. In a blog post published Tuesday, Facebook said the app developers that unauthorizedly access this information were primarily social media management and video streaming apps that let

5 Digitally-Rich Terms to Define, Discuss with Your Kids

online privacy

Over the years, I’ve been the star of a number of sub-stellar parenting moments. More than once, I found myself reprimanding my kids for doing things that kids do — things I never stopped to teach them otherwise.

Like the time I reprimanded my son for not thanking his friend’s mother properly before we left a birthday party. He was seven when his etiquette deficit disorder surfaced. Or the time I had a meltdown because my daughter cut her hair off. She was five when she brazenly declared her scorn for the ponytail.

The problem: I assumed they knew.

Isn’t the same true when it comes to our children’s understanding of the online world? We can be quick to correct our kids when they fail to exercise the best judgment or handle a situation the way we think they should online.

But often what’s needed first is a parental pause to ask ourselves: Am I assuming they know? Have I taken the time to define and discuss the issue?

With that in mind, here are five digitally-rich terms dominating the online conversation. If possible, find a few pockets of time this week and start from the beginning — define the words, then discuss them with your kids. You may be surprised where the conversation goes.

5 digital terms that matter

Internet Privacy

Internet privacy is the personal privacy that every person is entitled to when they display, store, or provide information regarding themselves on the internet. 

Highlight: We see and use this word often but do our kids know what it means? Your personal information has value, like money. Guard it. Lock it down. Also, respect the privacy of others. Be mindful about accidentally giving away a friend’s information, sharing photos without permission, or sharing secrets. Remember: Nothing shared online (even in a direct message or private text) is private—nothing. Smart people get hacked every day.
Ask: Did you know that when you go online, websites and apps track your activity to glean personal information? What are some ways you can control that? Do you know why people want your data?
Act: Use privacy settings on all apps, turn off cookies in search engines, review privacy policies of apps, and create bullet-proof passwords.

Digital Wellbeing

Digital wellbeing (also called digital wellness) is an ongoing awareness of how social media and technology impacts our emotional and physical health.

Highlight: Every choice we make online can affect our wellbeing or alter our sense of security and peace. Focusing on wellbeing includes taking preventative measures, making choices, and choosing behaviors that build help us build a healthy relationship with technology. Improving one’s digital wellbeing is an on-going process.
Ask: What do you like to do online that makes you feel good about yourself? What kinds of interactions make you feel anxious, excluded, or sad? How much time online do you think is healthy?
Act:
Digital wellness begins at home. To help kids “curb the urge” to post so frequently, give them a “quality over quantity” challenge. Establish tech curfews and balance screen time to green time. Choose apps and products that include wellbeing features in their design. Consider security software that blocks inappropriate apps, filters disturbing content, and curbs screen time.

Media Literacy

Media literacy is the ability to access, analyze, evaluate, and create media in a variety of forms. It’s the ability to think critically about the messages you encounter.

Highlight: Technology has redefined media. Today, anyone can be a content creator and publisher online, which makes it difficult to discern the credibility of the information we encounter. The goal of media literacy curriculum in education is to equip kids to become critical thinkers, effective communicators, and responsible digital citizens.
Ask: Who created this content? Is it balanced or one-sided? What is the author’s motive behind it? Should I share this?  How might someone else see this differently?
Act: Use online resources such as Cyberwise to explore concepts such as clickbait, bias, psychographics, cyberethics, stereotypes, fake news, critical thinking/viewing, and digital citizenship. Also, download Google’s new Be Internet Awesome media literacy curriculum.

Empathy

Empathy is stepping into the shoes of another person to better understand and feel what they are going through.

Highlight: Empathy is a powerful skill in the online world. Empathy helps dissolve stereotypes, perceptions, and prejudices. According to Dr. Michelle Borba, empathetic children practice these nine habits that run contrary to today’s “selfie syndrome” culture. Empathy-building habits include moral courage, kindness, and emotional literacy. Without empathy, people can be “mean behind the screen” online. But remember: There is also a lot of people practicing empathy online who are genuine “helpers.” Be a helper.
Ask: How can you tell when someone “gets you” or understands what you are going through? How do they express that? Is it hard for you to stop and try to relate to what someone else is feeling or see a situation through their eyes? What thoughts or emotions get in your way?
Act:  Practice focusing outward when you are online. Is there anyone who seems lonely, excluded, or in distress? Offer a kind word, an encouragement, and ask questions to learn more about them. (Note: Empathy is an emotion/skill kids learn over time with practice and parental modeling).

Cyberbullying

Cyberbullying is the use of technology to harass, threaten, embarrass, shame, or target another person online.

Highlight: Not all kids understand the scope of cyberbullying, which can include spreading rumors, sending inappropriate photos, gossiping, subtweeting, and excessive messaging. Kids often mistake cyberbullying for digital drama and overlook abusive behavior. While kids are usually referenced in cyberbullying, the increase in adults involved in online shaming, unfortunately, is quickly changing that ratio.
Ask: Do you think words online can hurt someone in a way, more than words said face-to-face? Why? Have you ever experienced cyberbullying? Would you tell a parent or teacher about it? Why or why not?
Act: Be aware of changes in your child’s behavior and pay attention to his or her online communities. Encourage kids to report bullying (aimed at them or someone else). Talk about what it means to be an Upstander when bullied. If the situation is unresolvable and escalates to threats of violence, report it immediately to law enforcement.

We hope these five concepts spark some lively discussions around your dinner table this week. Depending on the age of your child, you can scale the conversation to fit. And don’t be scared off by eye rolls or sighs, parents. Press into the hard conversations and be consistent. Your voice matters in their noisy, digital world.

The post 5 Digitally-Rich Terms to Define, Discuss with Your Kids appeared first on McAfee Blogs.

5 Hidden Hashtag Risks Every Parent Needs Know

Adding hashtags to a social post has become second nature. In fact, it’s so common, few of us stop to consider that as fun and useful as hashtags can be, they can also have consequences if we misuse them.

But hashtags are more than add-ons to a post, they are power tools. In fact, when we put the pound (#) sign in front of a word, we turn that word into a piece of metadata that tags the word, which allows a search engine to index and categorize the attached content so anyone can search it. Looking for advice parenting an autistic child? Then hashtags like #autism #spectrum, or #autismspeaks will connect you with endless content tagged the same way.

Hashtags have become part of our lexicon and are used by individuals, businesses, and celebrities to extend digital influence. Social movements — such as #bekind and #icebucketchallenge — also use hashtags to educate and rally people around a cause. However, the power hashtags possess also means it’s critical to use them with care. Here are several ways people are using hashtags in harmful ways.

5 hidden hashtag risks

  1. Hashtags can put children at risk. Unfortunately, innocent hashtags commonly used by proud parents such as #BackToSchool, #DaddysGirl, or #BabyGirl can be magnets for a pedophile. According to the Child Rescue Coalition, predators troll social media looking for hashtags like #bathtimefun, #cleanbaby, and #pottytrain, to collect images of children. CRC has compiled a list of hashtags parents should avoid using.
  2. Hashtags can compromise privacy. Connecting a hashtag to personal information such as your hometown, your child’s name, or even #HappyBirthdayToMe can give away valuable pieces of your family’s info to a cybercriminal on the hunt to steal identities.
  3. Hashtags can be used in scams. Scammers can use popular hashtags they know people will search to execute several scams. According to NBC News, one popular scam on Instagram is scammers who use luxury brand hashtags like #Gucci or #Dior or coded hashtags such as #mirrorquality #replica and #replicashoes to sell counterfeit goods. Cybercriminals will also search hashtags such as #WaitingToAdopt to target and run scams on hopeful parents.
  4. Hashtags can have hidden meanings. Teens use code or abbreviation hashtags to reference drugs, suicide, mental health, and eating disorders. By searching the hashtag, teens band together with others on the same topic. Some coded hashtags include: #anas (anorexics) #mias (bulimics) #sue (suicide), #cuts (self-harm), #kush and #420 (marijuana).
  5. Hashtags can be used to cyberbully. Posting a picture on a social network and adding mean hashtags is a common way for kids to bully one another. They use hashtags such as #whatnottowear, #losr, #yousuck, #extra, #getalife, #tbh (to be honest) and #peoplewhoshouldoffthemselves on photo captions bully or harass peers. Kids also cyberbully by making up hashtags like #jackieisacow and asking others to use it too. Another hashtag is #roastme in which kids post a photo of themselves and invite others to respond with funny comments only the humor can turn mean very quickly.

When it comes to understanding the online culture, taking the time to stay informed, pausing before you post, and trusting your instincts are critical. Also, being intentional to monitor your child’s social media (including reviewing hashtags) can help you spot potential issues such as bullying, mental health problems, or drug abuse.

The post 5 Hidden Hashtag Risks Every Parent Needs Know appeared first on McAfee Blogs.

Are Cash Transfer Apps Safe to Use? Here’s What Your Family Needs to Know

cash appsI can’t recall the last time I gave my teenage daughter cash for anything. If she needs money for gas, I Venmo it. A Taco Bell study break with the roommates? No problem. With one click, I transfer money from my Venmo account to hers. She uses a Venmo credit card to make her purchase. To this mom, cash apps may be the best thing to happen to parenting since location tracking became possible. But as convenient as these apps may be, are they safe for your family to use?

How do they work?

The research company, eMarketer, estimates that 96.0 million people used Peer-to-Peer (P2P) payment services this year (that’s 40.4% of all mobile phone users), up from an estimated 82.5 million last year.

P2P technology allows you to create a profile on a transfer app and link your bank account or credit card to it. Once your banking information is set up, you can locate another person’s account on the app (or invite someone to the app) and transfer funds instantly into their P2P account (without the hassle of getting a bank account number, email, or phone number). That person can leave the money in their app account, move it into his or her bank account, or use a debit card issued by the P2P app to use the funds immediately. If the app offers a credit card (like Venmo does), the recipient can use the Venmo card like a credit card at retailers most anywhere. 

Some of the more popular P2P apps include Venmo, Cash App, Zelle, Apple Pay, Google Wallet, PayPal.me, Facebook Messenger, and Snapcash, among others. Because of the P2P platform’s rapid growth, more and more investors are entering the market each day to introduce new cash apps, which is causing many analysts to speculate on need for paper check transactions in the future.

Are they safe?

While sending your hard-earned money back and forth through cyberspace on an app doesn’t sound safe, in general, it is. Are there some exceptions? Always. 

Online scam trends often follow consumer purchasing trends and, right now, the hot transaction spot is P2P platforms. Because P2P money is transferred instantly (and irreversibly), scammers exploit this and are figuring out how to take people’s money. After getting a P2P payment, scammers then delete their accounts and disappear — instantly

In 2018 Consumer Reports (CR) compared the potential financial and privacy risks of five mobile P2P services with a focus on payment authentication and data privacy. CR found all the apps had acceptable encryption but some were dinged for not clearly explaining how they protected user data. The consumer advocacy group ranked app safety strength in this order: Apple Pay, Venmo, Cash App, Facebook Messenger, and Zelle. CR also noted they “found nothing to suggest that using these products would threaten the security of your financial and personal data.”

While any app’s architecture may be deemed safe, no app user is immune from scams, which is where app safety can make every difference. If your family uses P2P apps regularly, confirm each user understands the potential risks. Here are just a few of the schemes that have been connected to P2P apps.

cash apps

Potential scams

Fraudulent sellers. This scam targets an unassuming buyer who sends money through a P2P app to purchase an item from someone they met online. The friendly seller casually suggests the buyer “just Venmo or Cash App me.” The buyer sends the money, but the item is never received, and the seller vanishes. This scam has been known to happen in online marketplaces and other trading sites and apps.

Malicious emails. Another scam is sending people an email telling them that someone has deposited money in their P2P account. They are prompted to click a link to go directly to the app, but instead, the malicious link downloads malware onto the person’s phone or computer. The scammer can then glean personal information from the person’s devices. To avoid a malware attack, consider installing comprehensive security software on your family’s computers and devices.

Ticket scams. Beware of anyone selling concert or sporting event tickets online. Buyers can get caught up in the excitement of scoring tickets for their favorite events, send the money via a P2P app, but the seller leaves them empty-handed.

Puppy and romance scams. In this cruel scam, a pet lover falls in love with a photo of a puppy online, uses a P2P app to pay for it, and the seller deletes his or her account and disappears. Likewise, catfish scammers gain someone’s trust. As the romantic relationship grows, the fraudulent person eventually asks to borrow money. The victim sends money using a P2P app only to have their love interest end all communication and vanish.  

P2P safety: Talking points for families

Only connect with family and friends. When using cash apps, only exchange money with people you know. Unlike an insured bank, P2P apps do not refund the money you’ve paid out accidentally or in a scam scenario. P2P apps hold users 100% responsible for transfers. 

Verify details of each transfer. The sender is responsible for funds, even in the case of an accidental transfer. So, if you are paying Joe Smith your half of the rent, be sure you select the correct Joe Smith, (not Joe Smith_1, or Joe Smithe) before you hit send. There could be dozens of name variations to choose from in an app’s directory. Also, verify with your bank that each P2P transaction registers.

Avoid public Wi-Fi transfers. Public Wi-Fi is susceptible to hackers trying to access valuable financial and personal information. For this reason, only use a secure, private Wi-Fi network when using a P2P payment app. If you must use public Wi-Fi, consider using a Virtual Private Network (VPN).

cash apps

Don’t use P2P apps for business. P2P apps are designed to be used between friends and include no-commercial-use clauses in their policies. For larger business transactions such as buying and selling goods or services use apps like PayPal. 

Lock your app. When you have a P2P app on your phone, it’s like carrying cash. If someone steals your phone, they can go into an unlocked P2P app and send themselves money from your bank account. Set up extra security on your app. Most apps offer PINs, fingerprint IDs, and two-factor authentication. Also, always lock your device home screen.

Adjust privacy settings. Venmo includes a feed that auto shares when users exchange funds, much like a social media feed. To avoid a stranger seeing that you paid a friend for Ed Sheeran tickets (and won’t be home that night), be sure to adjust your privacy settings. 

Read disclosures. One way to assess an app’s safety is to read its disclosures. How does the app protect your privacy and security? How does the app use your data? What is the app’s error-resolution policy? Feel secure with the app you choose.

We’ve learned that the most significant factor in determining an app’s safety comes back to the person using it. If your family loves using P2P apps, be sure to take the time to discuss the responsibility that comes with exchanging cash through apps. 

The post Are Cash Transfer Apps Safe to Use? Here’s What Your Family Needs to Know appeared first on McAfee Blogs.

Attention Facebook Users: Here’s What You Need to Know About the Recent Breach

With over 2.4 billion monthly active users, Facebook is the biggest social network worldwide. And with so many users come tons of data, including some personal information that may now potentially be exposed. According to TechCrunch, a security researcher found an online database exposing 419 million user phone numbers linked to Facebook accounts.

It appears that the exposed server wasn’t password-protected, meaning that anyone with internet access could find the database. This server held records containing a user’s unique Facebook ID and the phone number associated with the account. In some cases, records also revealed the user’s name, gender, and location by country. TechCrunch was able to verify several records in the database by matching a known Facebook user’s phone number with their listed Facebook ID. Additionally, TechCrunch was able to match some phone numbers against Facebook’s password reset feature, which partially reveals a user’s phone number linked to their account.

It’s been over a year since Facebook restricted public access to users’ phone numbers. And although the owner of the database wasn’t found, it was pulled offline after the web host was contacted. Even though there has been no evidence that the Facebook accounts were compromised as a result of this breach, it’s important for users to do everything they can to protect their data. Here are some tips to keep in your cybersecurity arsenal:

  • Change your password. Most people will rotate between the same three passwords for all of their accounts. While this makes it easier to remember your credentials, it also makes it easier for hackers to access more than one of your accounts. Try using a unique password for every one of your accounts or employ a password manager.
  • Enable two-factor authentication. While a strong and unique password is a good first line of defense, enabling app-based two-factor authentication across your accounts will help your cause by providing an added layer of security.

And, of course, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Attention Facebook Users: Here’s What You Need to Know About the Recent Breach appeared first on McAfee Blogs.

Chinese deepfake app Zao sparks privacy row after going viral

Critics say face-swap app could spread misinformation on a massive scale

A Chinese app that lets users convincingly swap their faces with film or TV characters has rapidly become one of the country’s most downloaded apps, triggering a privacy row.

Related: The rise of the deepfake and the threat to democracy

In case you haven't heard, #ZAO is a Chinese app which completely blew up since Friday. Best application of 'Deepfake'-style AI facial replacement I've ever seen.

Here's an example of me as DiCaprio (generated in under 8 secs from that one photo in the thumbnail) pic.twitter.com/1RpnJJ3wgT

Continue reading...

How to Spring Clean Your Digital Life

With winter almost gone, now is the perfect time to start planning your annual spring clean. When we think about our yearly sort out, most of us think about decluttering our chaotic linen cupboards or the wardrobes that we can’t close. But if you want to minimise the opportunities for a hacker to get their hands on your private online information then a clean-up of your digital house (aka your online life) is absolutely essential.

Not Glamourous but Necessary

I totally accept that cleaning up your online life isn’t exciting but let me assure you it is a must if you want to avoid becoming a victim of identity theft.

Think about how much digital clutter we have accumulated over the years? Many of us have multiple social media, messaging and email accounts. And don’t forget about all the online newsletters and ‘accounts’ we have signed up for with stores and online sites? Then there are the apps and programs we no longer use.

Well, all of this can be a liability. Holding onto accounts and files you don’t need exposes you to all sorts of risks. Your devices could be stolen or hacked or, a data breach could mean that your private details are exposed quite possibly on the Dark Web. In short, the less information that there is about you online, the better off you are.

Digital clutter can be distracting, exhausting to manage and most importantly, detrimental to your online safety. A thorough digital spring clean will help to protect your important, online personal information from cybercriminals.

What is Identity Theft?

Identity theft is a serious crime that can have devastating consequences for its victims. It occurs when a person’s personal information is stolen to be used primarily for financial gain. A detailed set of personal details is often all a hacker needs to access bank accounts, apply for loans or credit cards and basically destroy your credit rating and reputation.

How To Do a Digital Spring Clean

The good news is that digital spring cleaning doesn’t require nearly as much elbow grease as scrubbing down the microwave! Here are my top tips to add to your spring-cleaning list this year:

  1. Weed Out Your Old Devices

Gather together every laptop, desktop computer, tablet and smartphone that lives in your house. Now, you need to be strong – work out which devices are past their use-by date and which need to be spring cleaned.

If it is finally time to part ways with your first iPad or the old family desktop, make sure any important documents or holiday photos are backed up in a few places (on another computer, an external hard drive AND in cloud storage program such as Dropbox and or iCloud) so you can erase all remaining data and recycle the device with peace of mind. Careful not to get ‘deleting’ confused with ‘erasing,’ which means permanently clearing data from a device. Deleted files can often linger in a device’s recycling folder.

  1. Ensure Your Machines Are Clean!

It is not uncommon for viruses or malware to find their way onto your devices through outdated software so ensure all your internet-connected devices have the latest software updates including operating systems and browsers. Ideally, you should ensure that you are running the latest version of apps too. Most software packages do auto-update but please take the time to ensure this is happening on all your devices.

  1. Review and Consolidate Files, Applications and Services

Our devices play such a huge part in our day to day lives so it is inevitable that they become very cluttered. Your kids’ old school assignments, outdated apps and programs, online subscriptions and unused accounts are likely lingering on your devices.

The big problem with old accounts is that they get hacked! And they can often lead hackers to your current accounts so it’s a no-brainer to ensure the number of accounts you are using is kept to a minimum.

Once you have decided which apps and accounts you are keeping, take some time to review the latest privacy agreements and settings so you understand what data they are collecting and when they are collecting it. You might also discover that some of your apps are using far more of your data than you realised! Might be time to opt-out!

  1. Update Passwords and Enable Two-Factor Authentication

As the average consumer manages a whopping 11 online accounts – social media, shopping, banking, entertainment, the list goes on – updating our passwords is an important ‘cyber hygiene’ practice that is often neglected. Why not use your digital spring cleaning as an excuse to update and strengthen your credentials?

Creating long and unique passwords using a variety of upper and lowercase numbers, letters and symbols is an essential way of protecting yourself and your digital assets online. And if that all feels too complicated, why not consider a password management solution? Password managers help you create, manage and organise your passwords. Some security software solutions include a password manager such as McAfee Total Protection.

Finally, wherever possible, you should enable two-factor authentication for your accounts to add an extra layer of defense against cyber criminals. Two-factor authentication is where a user is verified by opt-out password or one-off code through a separate personal device like a smart phone.

Still not convinced? If you use social media, shop online, subscribe to specialist newsletters then your existence is scattered across the internet. By failing to clean up your ‘digital junk’ you are effectively giving a set of front door keys to hackers and risking having your identity stolen. Not a great scenario at all. So, make yourself a cuppa and get to work!

Til Next Time

Alex xx

 

 

 

 

The post How to Spring Clean Your Digital Life appeared first on McAfee Blogs.

Clicks & Cliques: How to Help Your Daughter Deal with Mean Girls Online

According to a new report released by the National Center for Education Statistics (NCES), mean girls are out in force online. Data shows that girls report three times as much harassment online (21%) as boys (less than 7%). While the new data does not specify the gender of the aggressors, experts say most girls are bullied by other girls.

With school back in full swing, it’s a great time to talk with your kids — especially girls — about how to deal with cyberbullies. Doing so could mean the difference between a smooth school year and a tumultuous one.

The mean girl phenomenon, brought into the spotlight by the 2004 movie of the same name, isn’t new. Only today, mean girls use social media to dish the dirt, which can be devastating to those targeted. Mean girls are known to use cruel digital tactics such as exclusion, cliques, spreading rumors online, name-calling, physical threats, sharing explicit images of others, shaming, sharing secrets, and recruiting others to join the harassment effort.

How parents can help

Show empathy. If your daughter is the target of mean girls online, she needs your ears and your empathy. The simple, powerful phrase, “I understand,” can be an instant bridge builder. Parents may have trouble comprehending the devastating effects of cyberbullying because they, unlike their child, did not grow up under the threat of being electronically attacked or humiliated. This lack of understanding, or empathy gap, can be closed by a parent making every effort empathize with a child’s pain.

Encourage confidence and assertiveness. Mean girls target people they consider weak or vulnerable. If they know they can exploit another person publicly and get away with it, it’s game on. Even if your daughter is timid, confidence and assertiveness can be practiced and learned. Find teachable moments at home and challenge your daughter to boldly express her opinions, thoughts, and feelings. Her ability to stand up for herself will grow over time, so get started role-playing and brainstorming various ways to respond to mean girls with confidence.

Ask for help. Kids often keep bullying a secret to keep a situation from getting worse. Unfortunately, this thinking can backfire. Encourage your daughter to reach out for help if a mean girl situation escalates. She can reach out to a teacher, a parent, or a trusted adult. She can also reach out to peers. There’s power in numbers, so asking friends to come alongside during a conflict can curb a cyberbully’s efforts.

Exercise self-control. When it comes to her behavior, mean girls habitually go low, so encourage your daughter always to go high.  Regardless of the cruelty dished out, it’s important to maintain a higher standard. Staying calm, using respectful, non-aggressive language, and speaking in a confident voice, can discourage a mean girl’s actions faster than retribution.

Build a healthy perspective. Remind your daughter that even though bullying feels extremely personal, it’s not. A mean girl’s behavior reflects her own pain and character deficits, which has nothing to do with her target. As much as possible, help your daughter separate herself from the rumors or lies being falsely attached to her. Remind her of her strengths and the bigger picture that exists beyond the halls of middle school and high school.

Teach and prioritize self-care. In this context, self-care is about balance and intention. It includes spending more time doing what builds you up emotionally and physically — such as sleep and exercise — and less time doing things that deplete you (like mindlessly scrolling through Instagram).

Digitally walk away. When mean girls attack online, they are looking for a fight. However, if their audience disengages, a bully can quickly lose power and interest. Walk away digitally by not responding, unfollowing, blocking, flagging, or reporting an abusive account. Parents can also help by monitoring social activity with comprehensive software. Knowing where your child spends time online and with whom, is one way to spot the signs of cyberbullying.

Parenting doesn’t necessarily get easier as our kids get older and social media only adds another layer of complexity and concern. Even so, with consistent family conversation and connection, parents can equip kids to handle any situation that comes at them online.

The post Clicks & Cliques: How to Help Your Daughter Deal with Mean Girls Online appeared first on McAfee Blogs.

Digital Parenting: How to Keep the Peace with Your Kids Online

Simply by downloading the right combination of apps, parents can now track their child’s location 24/7, monitor their same social conversations, and inject their thoughts into their lives in a split second. To a parent, that’s called safety. To kids, it’s considered maddening.

Kids are making it clear that parents armed with apps are overstepping their roles in many ways. And, parents, concerned about the risks online are making it clear they aren’t about to let their kids run wild.

I recently watched the relationship of a mother and her 16-year-old daughter fall apart over the course of a year. When the daughter got her driver’s license (along with her first boyfriend), the mother started tracking her daughter’s location with the Life360 app to ease her mind. However, the more she tracked, the more the confrontations escalated. Eventually, the daughter, feeling penned in, waged a full-blown rebellion that is still going strong.

There’s no perfect way to parent, especially in the digital space. There are, however, a few ways that might help us drive our digital lanes more efficiently and keep the peace. But first, we may need to curb (or ‘chill out on’ as my kids put it) some annoying behaviors we may have picked up along the way.

Here are just a few ways to keep the peace and avoid colliding with your kids online:

Interact with care on their social media. It’s not personal. It’s human nature. Kids (tweens and teens) don’t want to hang out with their parents in public — that especially applies online. They also usually aren’t too crazy about you connecting with their friends online. And tagging your tween or teen in photos? Yeah, that’s taboo. Tip: If you need to comment on a photo (be it positive or negative) do it in person or with a direct message, not under the floodlights of social media. This is simply respecting your child’s social boundaries. 

Ask before you share pictures. Most parents think posting pictures of their kids online is a simple expression of love or pride, but to kids, it can be extremely embarrassing, and even an invasion of privacy. Tip: Be discerning about how much you post about your kids online and what you post. Junior may not think a baby picture of him potty training is so cute. Go the extra step and ask your child’s permission before posting a photo of them.

Keep tracking and monitoring in check. Just because you have the means to monitor your kids 24/7 doesn’t mean you should. It’s wise to know where your child goes online (and off) but when that action slips into a preoccupation, it can wreck a relationship (it’s also exhausting). The fact that some kids make poor digital choices doesn’t mean your child will. If your fears about the online world and assumptions about your child’s behavior have led you to obsessively track their location, monitor their conversations, and hover online, it may be time to re-engineer your approach. Tip: Put the relationship with your child first. Invest as much time into talking to your kids and spending one-one time with them as you do tracking them. Put conversation before control so that you can parent from confidence, rather than fear.

Avoid interfering in conflicts. Kids will be bullied, meet people who don’t like them and go through tough situations. Keeping kids safe online can be done with wise, respectful monitoring. However, that monitoring can slip into lawnmower parenting (mowing over any obstacle that gets in a child’s path) as described in this viral essay. Tip: Don’t block your child’s path to becoming a capable adult. Unless there’s a serious issue to your child’s health and safety, try to stay out of his or her online conflicts. Keep it on your radar but let it play out. Allow your child to deal with peers, feel pain, and find solutions. 

As parents, we’re all trying to find the balance between allowing kids to have their space online and still keep them safe. Too much tracking can cause serious family strife while too little can be inattentive in light of the risks. Parenting today is a difficult road that’s always a work-in-progress so give yourself permission to keep learning and improving your process along the way

The post Digital Parenting: How to Keep the Peace with Your Kids Online appeared first on McAfee Blogs.

How To Help Your Kids Manage Our ‘Culture of Likes’

As a mum of 4 sons, my biggest concerns about the era of social media is the impact of the ‘like culture’ on our children’s mental health. The need to generate likes online has become a biological compulsion for many teens and let’s be honest – adults too! The rush of dopamine that surges through one’s body when a new like has been received can make this like culture understandably addictive.

 

Research Shows Likes Can Make You Feel As Good As Chocolate!

The reason why our offspring (and even us) just can’t give up social media is because it can make us feel just so damn good! In fact, the dopamine surges we get from the likes we collect can give us a true psychological high and create a reward loop that is almost impossible to break. Research published in Psychological Science, a journal of the Association for Psychological Science, shows the brain circuits that are activated by eating chocolate and winning money are also activated when teens see large numbers of ‘likes’ on their own photos or photos of peers in a social network.

Likes and Self Worth

Approval and validation by our peers has, unfortunately, always had an impact on our sense of self-worth. Before the era of social media, teens may have measured this approval by the number of invitations they received to parties or the number of cards they received on their birthday. But in the digital world of the 21st  century, this is measured very publicly through the number of followers we have or the number of likes we receive on our posts.

But this is dangerous territory. Living our lives purely for the approval of others is a perilous game. If our self-worth is reliant on the amount of likes we receive then we are living very fragile existences.

Instagram’s Big Move

In recognition of the competition social media has become for many, Instagram has decided to trial hiding the likes tally on posts. Instagram believes this move, which is also being trialled in six other countries including Canada and New Zealand, will improve the well-being of users and allow them to focus more on ‘telling their story’ and less on their likes tally.

But the move has been met with criticism. Some believe Instagram is ‘mollycoddling’ the more fragile members of our community whilst others believe it is threatening the livelihood of ‘Insta influencers’ whose income is reliant on public displays of likes.

Does Instagram’s Move Really Solve Address our Likes Culture?

While I applaud Instagram for taking a step to address the wellbeing and mental health of users, I believe that it won’t be long before users simply find another method of social validation to replace our likes stats. Whether it’s follower numbers or the amount of comments or shares, many of us have been wired to view social media platforms like Instagram as a digital popularity contest so will adjust accordingly. Preparing our kids for the harshness of this competitive digital environment needs to be a priority for all parents.

What Can Parents Do?

Before your child joins social media, it is imperative that you do your prep work with your child. There are several things that need to be discussed:

  1. Your Kids Are So Much More Than Their Likes Tally

It is not uncommon for tweens and teens to judge their worth by the number of followers or likes they receive on their social media posts. Clearly, this is crazy but a common trend/ So, please discuss the irrationality of the likes culture and online popularity contest that has become a feature of almost all social media platforms. Make sure they understand that social media platforms play on the ‘reward loop’ that keep us coming back for more. Likes on our posts and validating comments from our followers provide hits of dopamine that means we find it hard to step away. While many tweens and teens view likes as a measure of social acceptance, it is essential that you continue to tell them that this is not a true measure of a person.

  1. Encourage Off-Line Activities

Help your kids develop skills and relationships that are not dependent on screens. Fill their time with activities that build face-to-face friendships and develop their individual talents. Whether it’s sport, music, drama, volunteering or even a part time job – ensuring your child has a life away from screens is essential to creating balance.

  1. Education is Key

Teaching your kids to be cyber safe and good digital citizens will minimise the chances of them experiencing any issues online. Reminding them about the perils of oversharing online, the importance of proactively managing their digital reputation and the harsh reality of online predators will prepare them for the inevitable challenges they will have to navigate.

  1. Keep the Communication Channels Open – Always!

Ensuring your kids really understand that they can speak to you about ANYTHING that is worrying them online is one of the best digital parenting insurance policies available. If they do come to you with an issue, it is essential that you remain calm and do not threaten to disconnect them from their online life. Whether it’s cyberbullying, inappropriate texting or a leak of their personal information, working with them to troubleshoot and solve problems and challenges they face is a must for all digital parents.

Like many parents, I wish I could wave a magic wand and get rid of the competition the likes culture has created online for many of our teens. But that is not possible. So, instead let’s work with our kids to educate them about its futility and help them develop a genuine sense of self-worth that will buffer them from harshness this likes culture has created.

Alex xx

The post How To Help Your Kids Manage Our ‘Culture of Likes’ appeared first on McAfee Blogs.

Cyber Security Roundup for July 2019

July was a month of mega data privacy fines. The UK Information Commissioners Office (ICO) announced it intended to fine British Airways £183 million for last September's data breach, where half a million BA customer personal records were compromised. The ICO also announced a £100 million fine for US-based Marriot Hotels after the Hotel chain said 339 million guest personal data records had been compromised by hackers. Those fines were dwarfed on the other side of the pond, with Facebook agreeing to pay a US Federal Trade Commission (FTC) fine of $5 billion dollars, to put the Cambridge Analytica privacy scandal to bed. And Equifax paid $700 million to FTC to settle their 2017 data breach, which involved the loss of at least 147 million personal records. Big numbers indeed, we are seeing the big stick of the GDPR kicking in within the UK, and the FTC flexing some serious privacy rights protection punishment muscles in the US. All 'food for thought' when performing cybersecurity risk assessments.

Through a Freedom of Information request, the UK Financial Conduct Authority (FCA) disclosure a sharp rise of over 1000% in cyber-incidents within UK financial sector in 2018. In my view, this rise was fueled by the mandatory data breach reporting requirement of the GDPR, given it came into force in May 2018. I also think the finance sector was reluctant to report security weakness pre-GDPR, over fears of damaging their customer trust. Would you trust and use a bank if you knew its customers were regularly hit by fraud?

Eurofins Scientific, the UK's largest forensic services provider, which was taken down by a mass ransomware attack last month, paid the cybercrooks ransom according to the BBC News. It wasn't disclosed how much Eurofins paid, but it is highly concerning when large ransoms are paid, as it fuels further ransomware attacks.

A man was arrested on suspicion of carrying out a cyberattack against Lancaster University. The UK National Crime Agency said university had been compromised and "a very small number" of student records, phone numbers and ID documents were accessed. In contrast, the FBI arrested a 33 old software engineer from Seattle, she is alleged to have taken advantage of a misconfigured web application firewall to steal a massive 106 million personal records from Capital One. A stark reminder of the danger of misconfiguring and mismanaging IT security components.

The Huawei international political rhetoric and bun fighting has gone into retreat. UK MPs said there were no technological grounds for a complete Huawei banwhile Huawei said they were 'confident' the UK will choose to include it within 5G infrastructure. Even the White House said it would start to relax the United States Huawei ban. It seems something behind the scenes has changed, this reversal in direction is more likely to be financially motivated than security motivated in my rather cynical view.

A typical busy month for security patch releases, Microsoft, Adobe and Cisco all releasing the expected barrage of security updates for their products. There was security updates released by Apple as well, however, Google researchers announced six iPhone vulnerabilities, including one that remains unpatched.

BLOG
NEWS
VULNERABILITIES AND SECURITY UPDATES
HUAWEI NEWS AND THREAT INTELLIGENCE

FOMO: How to Help Digital Kids Overcome the Feeling of Missing Out

What happens when you give hundreds of teenagers smartphones and unlimited access to chat apps and social networks 24/7? A generation emerges with a condition called Fear of Missing Out, or, FOMO. While feelings of FOMO have been around for centuries, social media has done its part to amplify it, which can cause some serious emotional fallout for teens today.

What is FOMO

FOMO is that uneasy and often consuming feeling you’re missing out on something more interesting, exciting or better than what you are currently doing. FOMO affects people of all ages in various ways since 77% of humans now own phones. However, for uber-digital teens, FOMO can hit especially hard. Seeing a friend’s Paris vacation photos on Instagram or watching friends at a party on Snapchat can spark feelings of sadness and loneliness that can lead to anxiety and even depression.

As one mom recently shared with us: “My daughter called me a few months ago saying she wanted to drop out of college and travel the world. When I asked her what sparked this and how she planned to finance her adventure, she said, ‘everyone else is doing it, so I’m sure I’ll figure it out.'”

After further discussion, the mom discovered that her daughter’s idea to drop out was a combination of intense FOMO and lack of sleep. It was exam week, the pressure was high, and scrolling Instagram made her daughter question her life choices. When exams ended, her daughter got some sleep and took a few days off of social media and remains in school today.

Signs of FOMO

  • Constantly checking social media (even while on vacation, out with friends, or attending a fun event)
  • Constantly refreshing your screen to get the latest updates and to see people’s responses to your posts
  • Feeling you need to be available and respond to your friends 24/7
  • Obsessively posting your daily activities online
  • Feeling of needing new things, new experiences, a better life
  • Feeling sad, lonely, or depressed after being on social media for extended periods of time
  • Feeling dissatisfaction with one’s life
  • Making life choices or financial decisions based on what you see online

Coaching Kids through FOMO

Nurture JOMO. The Joy of Missing Out, JOMO, is the opposite of FOMO. It’s the feeling of freedom and even relief that we’ve unplugged and are fully present in the moment. To encourage more JOMO and less FOMO, parents can help guide kids toward personal contentment with more phone-free activities such as reading, journaling, face-to-face conversations, outdoor activities, and practicing mindfulness.

Other ways to encourage JOMO: Remind kids they have choices and don’t have to say “yes” to every invitation and to ask themselves, “Is this something I really want to do?” Also, consider challenging them to turn off their phone notifications, try a digital cleanse for a day or even a week, and read and discuss this great JOMO Manifesto together. A big perk of embracing JOMO is also “missing out” on some of the digital risks such as oversharing and risks to reputation and privacy.

Keep a thought journal. Changing your thinking is hard work. Experts suggest that kids suffering from anxiety, depression, or FOMO keep a thought journal to track, analyze, and reframe negative thoughts in more realistic, honest ones. For example, an initial thought might be: “I can’t believe my friends went to the concert without me. They must not want me around.” After thinking honestly about the situation, that thought might change to: “I don’t even like that band, wouldn’t spend money to see them, and my friends know that. Anyway, I had a blast with Ashley at the movies tonight.”

Cut back on social media. Cutting back sounds like an obvious fix, right? That’s the thing about unhealthy habits — they can be very tough to break and sometimes we need help. Most kids will be quick to argue that the amount of time they spend online doesn’t impact their emotions at all but numerous studies and common sense contradict that reasoning. They say this because the thought of cutting back on their social media habits can strike panic. It’s a love-hate routine they don’t quite know how to stop and it is their go-to remedy for boredom. So persist in helping your child reduce screen time. Be creative by offering alternate activities and helping them stay on track with their goals.

Curate for quality. This tip will, no doubt, challenge your kids. You may even get a flat “no way” when you suggest it. When it comes to photo-based platforms like Instagram and Snapchat, challenge your child to think about why they follow certain friends or accounts. Challenge them to delete feeds that are not encouraging, useful, or post quality content. They may not want to reduce their friends’ list (follower and friend counts matter) but they can mute accounts so they don’t have to see content that triggers FOMO feelings.

FOMO is a very real feeling so if your child shows signs of it be sure to validate their feelings. Periodic feelings of exclusion and hurt are part of being human. Don’t, however, allow faulty, streaming perceptions to push out the true joys of real-life experiences. Be the bridge of reason for your kids reminding them that social media spotlights the best versions of people’s lives — the filtered versions — but that nothing compares to showing up and living the real adventure.

The post FOMO: How to Help Digital Kids Overcome the Feeling of Missing Out appeared first on McAfee Blogs.

4 Ways for Parents to Handle the Facebook Messenger Bug

9 out of 10 children in the U.S. between the ages of six and twelve have access to smart devices. And while parents know it’s important for their children to learn to use technology in today’s digital world, 75% want more visibility into their kids’ digital activities. This is precisely why Facebook designed Messenger Kids to empower parents to monitor their children’s safety online. However, the popular social media platform had to recently warn users of a security issue within this app for kids.

The central benefit of Messenger Kids is that children can only chat with other users their parents approve of. Yet one design flaw within the group chat feature prevented Facebook from upholding this rule. Children who started a group chat could include any of their approved connections in the conversation, even if a user was not authorized to message the other kids in the chat. As a result, thousands of children were able to connect with users their parents weren’t aware of via this flaw.

Luckily, Facebook removed the unauthorized group chats and flagged the issue to all affected users, promising that that potentially unsafe chats won’t happen again. While Facebook has not yet made a formal public response, they confirmed the bug to The Verge:

“We recently notified some parents of Messenger Kids account users about a technical error that we detected affecting a small number of group chats. We turned off the affected chats and provided parents with additional resources on Messenger Kids and online safety.”

Now, Facebook is currently working on still resolving the bug itself. However, there are still many actions parents can take to ensure that their child is safe on Facebook Messenger, and social media apps in general. Start by following these four best practices to secure your kid’s online presence:

  • Turn on automatic app updates on your child’s device. Updates usually include new and improved app features that your child will be excited to try. But more importantly, they tend to account for security bugs. Delaying updates can leave apps vulnerable to cybercriminals and turning on automatic app updates ensures that you don’t have to worry about missing one.
  • Get educated. Some parents find it helpful to use the same apps as their child to better understand how it works and what safety threats might be relevant. Facebook also offers resources online that provide guidance for staying safe, such as how and when to block a user and what kind of content is or isn’t risky to share. Additionally, it’s always a best practice to read the terms and conditions of an app before downloading to make sure you’re aware of what your child is signing up for.
  • Keep an open dialogue about online safety. It’s important to discuss your child’s online activities with them and walk them through best internet practices, such as changing passwords every so often and not clicking on links from unknown sources. That way, they’ll be better prepared for potential cyberthreats. Making the internet a part of the conversion will also help your child feel comfortable coming to you about things they might be skeptical about online.
  • Consider leveraging a security solution with parental controls. Depending on your child’s age and how much of a window you want into their online behaviors, you can leverage a solution such as McAfee Safe Family that can be helpful for creating a safe online environment. You can block certain websites and create predefined rules, which will help prevent your child from sharing comprising information.

And, of course, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post 4 Ways for Parents to Handle the Facebook Messenger Bug appeared first on McAfee Blogs.

Family Safety: Twitter, Instagram Beef Up Measures to Fight Hate Speech, Bullying

The past few weeks have proven to be wins for family safety with several top social networks announcing changes to their policies and procedures to reduce the amount of hateful conduct and online bullying.

Twitter: ‘Dehumanizing Language Increases Risk’

In response to rising violence against religious minorities, Twitter said this week that it would update its hateful conduct rules to include dehumanizing speech against religious groups.

“Our primary focus is on addressing the risks of offline harm, and research shows that dehumanizing language increases that risk . . . we’re expanding our rules against hateful conduct to include language that dehumanizes others based on religion,” the company wrote on its Twitter Safety blog.

Twitter offered two resources that go in-depth on the link between dehumanizing language and offline harm that is worth reading and sharing with your kids. Experts Dr. Susan Benesch and Nick Haslam and Michelle Stratemeyer define hate speech, talk about its various contexts, and advise on how to counter it.

Instagram: ‘This intervention gives people a chance to reflect.’ 

Instagram announced it would be rolling out two new features to reduce potentially offensive content. The first, powered by artificial intelligence, prompts users to pause before posting. For instance, if a person is about to post a cruel comment such as “you are so stupid,” the user will get a pop-up notification asking, “are you sure you want to post this?”

A second anti-bullying function new to Instagram is called “Restrict,” a setting that will allow users to indiscreetly block bullies from looking at your account. Restrict is a quieter way to cut someone off from seeing your content than blocking, reporting, or unfollowing, which could spark more bullying.

These digital safety moves by both Instagram and Twitter are big wins for families concerned about the growing amount of questionable content and bullying online.

If you get a chance, go over the basics of these new social filters with your kids.

Other ways to avoid online bullying:

Wise posting. Encourage kids to pause and consider tone, word choice, and any language that may be offensive or hurtful to another person, race, or gender. You are your child’s best coach and teacher when it comes to using social apps responsibly.

Stay positive and trustworthy. Coach kids around online conflict and the importance of sharing verified information. Encourage your child to be part of the solution in stopping rumors and reporting digital skirmishes and dangerous content to appropriate platforms.

Avoid risky apps. Apps like ask.fm allow anonymity should be off limits. Kik Messenger, Yik Yak, Tinder, Down, and Whisper may also present risks. Remember: Any app is risky if kids are reckless with privacy settings, conduct, content, or the people they allow to connect with them.

Layer security. Use a comprehensive solution to help monitor screentime, filter content, and monitor potentially risky apps and websites.

Monitor gaming communities. Gaming time can skyrocket during the summer and in a competitive environment, so can cyberbullying. Listen in and monitor game time conversations and make every effort to help him or her balance summer gaming time.

Make profiles and photos private. Require kids under 18 to make all social profiles private. By doing this, you limit online circles to known friends and reduces the possibility of cyberbullying and online conflict.

The post Family Safety: Twitter, Instagram Beef Up Measures to Fight Hate Speech, Bullying appeared first on McAfee Blogs.