Login
Have you ever been browsing online and clicked a link or search result that took you to a site that triggers a “your connection is not private” or “your connection is not secure” error code? If you’re not too interested in that particular result, you may simply move on to another result option. But if you’re tempted to visit the site anyway, you should be sure you understand what the warning means, what the risks are, and how to bypass the error if you need to.
A “your connection is not private” error means that your browser cannot determine with certainty that a website has safe encryption protocols in place to protect your device and data. You can bump into this error on any device connected to the internet — computer, smartphone, or tablet.
So, what exactly is going on when you see the “this connection is not private” error?
For starters, it’s important to know that seeing the error is just a warning, and it does not mean any of your private information is compromised. A “your connection is not private” error means the website you were trying to visit does not have an up-to-date SSL (secure sockets layer) security certificate.
Website owners must maintain the licensing regularly to ensure the site encryption capabilities are up to date. If the website’s SSL certificate is outdated, it means the site owners have not kept their encryption licensing current, but it doesn’t necessarily mean they are up to no good. Even major websites like LinkedIn have had momentary lapses that would throw the error. LinkedIn mistakenly let their subdomain SSL certificates lapse.
In late 2021, a significant provider of SSL certificates, Let’s Encrypt, went out of business. When their root domain officially lapsed, it created issues for many domain names and SSL certificates owned by legitimate companies. The privacy error created problems for unwitting businesses, as many of their website visitors were rightfully concerned about site security.
While it does not always mean a website is unsafe to browse, it should not be ignored. A secure internet connection is critical to protecting yourself online. Many nefarious websites are dangerous to visit, and this SSL certificate error will protect you from walking into them unaware.
SSL certification standards have helped make the web a safer place to transact. It helps ensure online activities like paying bills online, ordering products, connecting to online banking, or keeping your private email accounts safe and secure. Online security continues to improve with a new Transport Layer Security (TLS) standard, which promises to be the successor protocol to SSL.
So be careful whenever visiting sites that trigger the “connection is not private” error, as those sites can potentially make your personal data less secure and make your devices vulnerable to viruses and malware.
Note: The “your connection is not private” error is Google Chrome‘s phrasing. Microsoft Edge or Mozilla Firefox users will instead see a “your connection is not secure” error as the warning message.
If you feel confident that a website or page is safe, despite the warning from your web browser, there are a few things you can do to troubleshoot the error.
Remember, you are taking your chances anytime you ignore an error. As we mentioned, you could leave yourself vulnerable to hackers after your passwords, personal information, and other risks.
Your data and private information are valuable to hackers, so they will continue to find new ways to try and procure it. Here are some ways to protect yourself and your data when browsing online.
As we continue to do more critical business online, we must also do our best to address the risks of the internet’s many conveniences.
A comprehensive cybersecurity tool like McAfee+ Ultimate can help protect you from online scams, identity theft, and phishing attempts, and ensure you always have a secure connection. McAfee helps keep your sensitive information out of the hands of hackers and can help you keep your digital data footprints lighter with personal data cleanup.
With McAfee’s experts on your side, you can enjoy everything the web offers with the confidence of total protection.
The post “This Connection Is Not Private” – What it Means and How to Protect Your Privacy appeared first on McAfee Blog.
Article tags
Something looks a little … sketchy. Is that website safe or unsafe?
Nowadays, it can take a bit work to tell.
And that’s by design. Increasingly, hackers and scammers go to great pains when they create their malicious websites. They take extra steps to make their sites look legit, when in fact they’re anything but. Certainly, plenty of other hackers and scammers slap together malicious sites that still look a bit roughshod, which makes them easier to spot.
So whether it’s a clever knockoff or a slapdash effort, unsafe websites of all kinds have several telltale signs you can spot. We’ll show you, and let’s start things off with what makes an unsafe website unsafe in the first place.
Unsafe websites typically harbor one of two primary forms of attack—yet sometimes both:
Malware: Hackers will use their sites to install malware on your device, often by tricking you into clicking or tapping on a download. They might tempt you with an offer, a prize, a show to stream—just about anything you might want to otherwise download. (Recently, we saw hackers installing malware on sites that offered to stream dubbed versions of the “Barbie” movie.)
Phishing: Another classic attack. Phishing involves scammers who try to hoodwink you into providing account or financial information. Common ruses include links in emails, texts, and DMs that appear to be urgent messages from streaming services, banks, social media, and other accounts. Of course, those messages are phony.
As a result, unsafe websites can lead to some not-so-good things.
On the malware side, attackers can install spyware and similar apps that siphon financial and personal information from your device while you’re using it. Other malware might steal files outright or maliciously delete them altogether. Ransomware remains a major concern today as well, where attackers hold devices and data hostage. And even if victims end up paying the ransom, they have no guarantee that the attacker will free their device or data.
Phishing attacks often lead to financial headaches, sometimes large ones at that. It depends on the information scammers get their hands on. In some cases, the damage might lead to identity fraud and a few illicit charges on a debit or credit card. If scammers gather enough information, they can take that a step further and commit identity theft. That can include opening new credit or loans in your name. It could also give a scammer the info they need to get driver’s licenses or employment in your name.
Above and beyond committing fraud or theft on their own, scammers might also sell stolen information to others on the dark web.
Again, all not-so-good. Yet quite preventable.
For some sites, it only takes one sign. For other sites, it takes a few signs—a series of red flags that warn you a site is unsafe. When you’re online, keep a sharp eye out for the following:
The “s” stands for “secure.” Specifically, it means that the website uses SSL (Secure Sockets Layer) that creates an encrypted link between a web server and a web browser. SSL helps prevent others from intercepting and reading your sensitive information as it’s transmitted, which is particularly important when you shop or bank online. Likewise, you can also look for a little lock symbol in the address bar of your web browser. That’s one more way you can spot a site that uses SSL.
From spelling errors and grammatical mistakes, to stretched out logos and cheap photography, some unsafe websites are designed poorly. Legitimate businesses pride themselves on error-free and professional-looking sites. If a website looks like it got cobbled together in a hurry or doesn’t seem to be well-designed, that’s usually a red flag. The site might be unsafe, created by attackers who don’t have a strong attention to detail—or the creative capabilities to create a good-looking website in the first place.
Plenty of unsafe sites are imposter sites. They’ll try to pass themselves off as a legitimate company, like the streaming services, banks, and so forth that we mentioned earlier—all to get a hold of your account information. With all these imposter sites in play, look at the site’s address. Scammers will gin up web addresses that are close to but different from legitimate sites, so close that you might miss it. If you’re uncertain about the address, leave the page. Also note that many companies have web pages that provide lists of the official addresses that they use. Amazon provides on example, and we do the same here at McAfee. Reviewing these lists can help you spot an imposter site.
A window or graphic pops up on your screen. The site you’re on says that it’s identified a security issue with your device. Or maybe it says that your system isn’t current. Either way, there’s a file the site wants you to download. “You can correct the issue with a click!” Don’t. It’s a classic trick. Instead of fixing your non-existent problem, the download will create one. Scammers use the security alert trick to install malware on the devices of unsuspecting victims.
A screen full of links insisting you to click ranks among the top signs of an unsafe site. So much so, it’s often the subject of sitcom bits. Needless to say, the attackers behind these sites want you to click for one of several reasons. It might be to get you to download malware. It might be to generate ad revenue with clicks. Or it might be to get you to click a link that redirects you to another malicious site. In all, if you encounter a site like this, close your browser. And then run a system scan with your online protection software.
These unsafe sites sprout up around the holidays and gift-giving seasons. When stores run low on particularly popular or hot items, scammers will quickly launch sites that claim these items are in stock and ready to ship. Similarly, they might promote popular items at a deep discount. Of course, shopping at these sites will likely lead to one thing—a credit card charge and no item on your doorstep. Be wary when you see ads for stores in your social media feed, in search, and elsewhere. Stick with known, trusted retailers. (And for more on shopping safely online, give this article a quick read.)
These sites bear similarities to malicious online shopping sites. When popular movies hit the big screen or major sporting events come around, so do scam sites that promise to stream them for free or at a low cost. Avoid them. Trusted streamers will only carry shows and events that they have the rights to. If you find an offer to stream something that’s heavily discounted, free, or not available on known media outlets, it’s likely a scam. At the very least, it might serve up pirated content, which could carry malware threats along with it.
Not every site that promotes some kind of giveaway or deal is a scam. Yet the ones that ask for personal or financial information likely are. Scammers prey on people’s love for saving money or even winning a buck or two. Enter the prize, coupon, and quiz sites. Malicious prize and coupon sites will often ask for credit or debit card information, often under the guise of a payout or a discount. Malicious quiz sites will likewise ask for all kinds of personal information, typically questions about the name of your pet, the first car you owned, or where you went to school. The questions share much in common with the security questions used by banks and credit card companies. Handing this information over could lead to a breached account. Give these sites a pass.
Comprehensive online protection software like ours includes web protection that can spot malicious sites for you. It has further features that can prevent downloading malware by accident, not to mention strong antivirus protection if a hacker makes their way through to you. In all, it gives you extra confidence that wherever your travels take you online, you’re protected from sketchy and unsafe sites.
However, another part of your best defense against unsafe websites is you. Knowing what the red flags are and the kinds of information hackers want to steal can help you avoid their attacks from the start.
The post How to Tell Whether a Website Is Safe or Unsafe appeared first on McAfee Blog.
Following up on our previous blog, How to Stop the Popups, McAfee Labs saw a sharp decrease in the number of deceptive push notifications reported by McAfee consumers running Microsoft’s Edge browser on Windows.
Such browser-delivered push messages appear as toaster pop-ups in the tray above the system clock and are meant to trick users into taking various actions, such as installing software, purchasing a subscription, or providing personal information.
Upon further investigation, this major drop seems to be associated with a change in the behavior of the Edge browser with two notable improvements over older versions.
First, when users visit websites known to deliver deceptive push notifications, Edge blocks authorization prompts that could trick users into opting-in to receive popups:
Second, when unwanted popups do occur, it is now easier than ever to disable them, on a per-site basis. Users can simply click the three dots (…) on the right of the notification and choose to “Turn off all notifications for” the domain responsible for the popup.
This is a great improvement over the previous experience of having to manually navigate browser settings to achieve the desired result.
Earlier this year, 9TO5Google reported a Chrome code change may be indicative of a similar crack down by Google on nefarious popups.
One can hope Google will follow Microsoft’s example to improve browser security and usability.
The post Microsoft’s Edge over Popups (and Google Chrome) appeared first on McAfee Blog.
Here’s one way you can help reduce your chances of identity theft: remove your personal information from the internet.
And chances are, you have more personal information posted online than you think.
According to the U.S. Federal Trade Commission (FTC), consumers registered 1.4 million identity theft complaints in 2021, all part of a year where consumers reported losing $5.8 billion to fraud overall—a 70% increase over the year prior.
What fuels all this theft and fraud? Access to personal information.
Scammers and thieves can get a hold of personal information in several ways, such as through phishing attacks that lure you into handing it over, malware that steals it from your devices, by purchasing your information on dark web marketplaces, or as a result of information leaked in data breaches, just to name a few.
However, scammers and thieves have other resources to help them commit theft and fraud—data broker sites, places where personal information is posted online for practically anyone to see. Which makes removing your info from them so important, from both an identity and privacy standpoint.
Think of data broker sites as huge repositories of personal information. Search your name and address online and you’ll see. You’ll likely find dozens of sites that turn up information about you, some of which offer a few pieces for free and others that offer far more information for a price.
Data brokers collect and then aggregate personal information from several sources, including:
Data brokers also buy personal information from other data brokers. As a result, some data brokers have thousands of pieces of data for billions of individuals worldwide.
What could that look like? A broker may know how much you paid for your home, your education level, where you’ve lived over the years and who your lived with, your driving record, and possibly your political leanings. A broker may also know your favorite flavor of ice cream and your preferred over-the-counter allergy medicine thanks to information from loyalty cards. Further, they may also have health-related information from fitness apps. The amount of personal information can run that broadly, and that deeply.
With information at this potential level of detail, it’s no wonder that data brokers rake in an estimated at $200 billion U.S. dollars worldwide every year.
On the legitimate side, it’s used by advertisers to create targeted ad campaigns. With information sold by data brokers, they can generate lists based on highly specific criteria, such as shopping histories, personal interests, and even political leanings as mentioned above. Likely without you being aware of it—and likely with no way to contest that information if it’s incorrect.
Other legitimate uses include using these sites for background checks. Law enforcement, reporters, and employers will use data brokers as a starting point for research because the leg work has largely been done for them. Namely, data brokers have aggregated a person’s information already, which is an otherwise time-consuming process.
If this seems a little shady, it’s still legal. As of now, the U.S. has no federal laws that regulate data brokers or require data them to remove personal information if requested. A few states, such as Nevada, Vermont, and California, have legislation in place aimed at protecting consumers. Meanwhile, the General Data Protection Regulation (GDPR) in the European Union has stricter rules about what information can be collected and what can be done with it. Still, the data broker economy thrives.
On the darker side, scammers and thieves use personal information for identity theft and fraud. With enough personal information gathered from enough sources, they can create a high-fidelity profile of their victims. One that gives them enough information to open new accounts in their name.
So, from the standpoint of both privacy and identity, cleaning up your personal information online makes a great deal of sense.
Let’s review some ways you can remove your personal information from data brokers and other sources on the internet.
The process starts with finding the sites that have your information. From there, you can request to have it removed. Yet as mentioned above, there are dozens and dozens of these sites. Knowing where to start is a challenge in of itself, as is manually making the requests once you have identified the sites that post and sell information about you.
Our Personal Data Cleanup can do the work for you. Personal Data Cleanup scans some of the riskiest data broker sites and shows you which ones are selling your personal info. It also provides guidance on how you can remove your data from those sites and can even manage the removal for you depending on your plan. It also monitors those sites, so if your info gets posted again, you can request its removal again.
As of September 2022, Google accounts for just over 92% of search engine market share worldwide. Aside from being a search engine, Google offers a myriad of other services and applications, such as Gmail and Google Maps. While Google offers plenty of tools for productivity, travel, work, and play for free, they still come at a cost—the gathering and analysis of your personal information.
You can limit the data Google associates with you by removing your name from Google search results with a removal request. This will disable anyone online from getting any results if they search your name. (Note that this will not remove your information from the original sites and sources where it’s posted.) Moreover, Google collects all your browsing data continuously. You have the option to turn on “Auto Delete” in your privacy settings to ensure that the data is deleted regularly and help limit the amount of time your sensitive data stays vulnerable.
You can also occasionally delete your cookies or use your browser in incognito mode to prevent websites from being tracked back to you. Go to your Google Chrome settings to clear your browser and cookie history.
As discussed above, data brokers can collect information from public social media profiles. You can minimize your presence on social media to the bare minimum. Make a list of the ones you use or have used in the past. If there are old accounts that you no longer use or websites that have gone by the wayside like Myspace or Tumblr, you may want to deactivate them or consider deleting them entirely.
For social media platforms that you still may use regularly, like Facebook and Instagram, consider adjusting your privacy settings to ensure that your personal information on these social media platforms is the bare minimum. For example, on Facebook you can lock your profile, while on Instagram you can stay private.
If you’ve ever published articles, written blogs, or created any content online, it might be a good time to consider taking it down if it is no longer serving a purpose. Depending on what you’ve posted, you may have shared personal details about your life. Additionally, you might be mentioned by other people in various social media posts, articles, or blogs. It is worth reaching out to these people to request them to take down posts with sensitive information.
Social media and online articles that host your personal information are often used when businesses or hackers are doing “internet scrapes” to find better ways to use your targeted information. Asking your friends or third-party sites to remove that information can help protect your privacy.
Another way you can tidy up your digital footprint online involves deleting all the unnecessary phone apps that you no longer need or use. Even when apps are not open or in use, they may be able to track personal information such as your real-time location and even your payment details if you have a paid subscription to the app.
Some apps even sell this data as it can be extremely advantageous to other companies, which they use to target certain consumer segments and profiles for advertising. Try to share as little information with apps as possible if you’re looking to minimize your online footprint, and provide them access to your photos, contacts, and location only on as-needed basis and only when the app is in use. Your phone’s app and location services settings will give you the tools to do it.
In addition to the steps above, comprehensive online protection software can keep you more private and minimize your risk of cybercrime. It can include:
So while it may seem like all this rampant collecting and selling of personal information is out of your hands, there’s plenty you can do to take control. With the steps outlined above and strong online protection software at your back, you can keep your personal information more private and secure.
The post 5 Steps to Removing Your Personal Information From the Internet appeared first on McAfee Blog.
Your digital footprint grows with every internet account you make. While your old Tumblr account may be fun for reminiscing, dormant accounts are actually one of the most significant sources of user data on the internet. These accounts can be used by data brokers or third parties to access your personal information.
To improve your data security, it’s good practice to remove public-facing information by deleting unused accounts. Simply put, having less personal data stored on the internet reduces the risk of theft and/or non-consensual data usage.
Deleting, canceling, unsubscribing, or removing your account can be a long process, depending on the service. This article will walk you through the simplest ways to delete unwanted accounts from various social media platforms.
Deleting unwanted accounts protects your information and prevents the monetization of your data. Your internet accounts often hold personal information like your name, age, email, or home address. What’s more alarming is that some platforms may even have credit card details, phone numbers, and bank account information.
When left unattended, internet accounts become vulnerable to being suspended or taken over by the platform. This means that if your accounts are left inactive for too long, you might be handing some or all of your data over to the tech platform.
For example, even if you believe an old Google account doesn’t have any sensitive information stored, it may be linked to other platforms you use (like Amazon or Google services like Gmail and Google Play). This exposes all of these accounts to several data privacy vulnerabilities.
Moreover, a recent survey found that 70% of surveyed adults admitted using the same password for more than one service. People who don’t use password managers or reuse passwords are at a greater security risk than others, as multiple accounts can become compromised at once. Whether the platform is now out of service or you are cutting down on your app usage, deleting dormant accounts will minimize security threats and safeguard your data.
Every platform has a different process for deleting accounts: Some take only a few clicks to complete and others are a little longer. Companies usually don’t want a user to stop using their services, so account deletion pages are often hidden in a complex web of tabs that you have to navigate.
In addition, some subscription services might require that you send an email to customer support to close your account. You can go to justdelete.me, an online directory that lets you access direct links to account deletion pages of various web services.
Remember to download your personal information and data before pulling the plug on your account. Most platforms let you download your data before initiating a deletion request, which saves you from losing important details and files. It is also important to check whether your Google account is used for your YouTube channel or connected to other online accounts.
To help you get rid of accounts you no longer use, we’ve broken down deleting accounts from some of the most popular social networks. The steps described below are for a desktop browser and may not apply to Android or iOS devices (unless specified).
Facebook’s user privacy policy enables it to store a large amount of user information, including personal messages, posts, search history, name, age, birthdate, and even metadata from posted photos and videos.
Follow these simple steps to delete your Facebook account:
LinkedIn collects information on users and uses it for targeted advertising. As a result, it amasses quite a lot of your data, from professional details to personal preferences and even your online behavior trail.
Follow these simple steps from your desktop to delete your account:
It’s simple to delete your Twitter account, but you’ll have to wait 30 days for your data and tweets to clear. To delete your account, you first need to deactivate it.
Once you’ve decided to delete your account from the micro-blogging site, follow these steps from your desktop:
Remember to revoke third-party access to your Twitter account to avoid having your account reactivated in the 30 days following deactivation.
Since Facebook and Instagram are both owned by Meta, they share a lot of data for targeted advertising. You can adjust the privacy settings of your Instagram account from the mobile app, but you will need to log in from a web browser like Chrome to delete your account.
To delete your Instagram account:
Your information and data will be permanently deleted after 30 days and you won’t be able to retrieve it. However, completing a deletion process may take up to 90 days.
Tumblr has a fairly simple process to delete your account:
Follow these steps to delete your account from the popular picture-sharing platform:
Pinterest servers continue to store your data after deletion, but your information won’t be visible to other users.
There are different steps to deleting your email account depending on which email service you use. Backing up email data usually takes more time because of the sheer volume of data a mail account can hold.
Complete the following steps to delete your Google account:
Here’s what you need to do to delete your Yahoo email account:
Deleting your Yahoo account also deletes the linked information from Yahoo’s other services.
Follow these steps to delete your Microsoft account on Outlook 2010, 2013, or 2016:
Leaving old information scattered across the internet makes you susceptible to identity theft. There are multiple ways to keep your identity and data secure online, including McAfee’s Total Protection plan.
Total Protection lets you choose from multiple affordable subscription models that provide comprehensive security against identity theft and potential data breaches and offers web protection and several related benefits. In addition, having access to 24/7 online security experts and a 30-day money-back guarantee make the Total Protection plan an easy, reliable, and safe choice. You can also have peace of mind with McAfee’s Personal Data Cleanup feature where our teams will work to find your personal information online and assist in removing it.
The post How to Delete Old Accounts Containing Personal Information appeared first on McAfee Blog.
Private tech companies gather tremendous amounts of user data. These companies can afford to let you use social media platforms free of charge because it’s paid for by your data, attention, and time.
Big tech derives most of its profits by selling your attention to advertisers — a well-known business model. Various documentaries (like Netflix’s “The Social Dilemma”) have tried to get to the bottom of the complex algorithms that big tech companies employ to mine and analyze user data for the benefit of third-party advertisers.
Tech companies benefit from personal info by being able to provide personalized ads. When you click “yes” at the end of a terms and conditions agreement found on some web pages, you might be allowing the companies to collect the following data:
For someone unfamiliar with privacy issues, it is important to understand the extent of big tech’s tracking and data collection. After these companies collect data, all this info can be supplied to third-party businesses or used to improve user experience.
The problem with this is that big tech has blurred the line between collecting customer data and violating user privacy in some cases. While tracking what content you interact with can be justified under the garb of personalizing the content you see, big tech platforms have been known to go too far. Prominent social networks like Facebook and LinkedIn have faced legal trouble for accessing personal user data like private messages and saved photos.
The info you provide helps build an accurate character profile and turns it into knowledge that gives actionable insights to businesses. Private data usage can be classified into three cases: selling it to data brokers, using it to improve marketing, or enhancing customer experience.
To sell your info to data brokers
Along with big data, another industry has seen rapid growth: data brokers. Data brokers buy, analyze, and package your data. Companies that collect large amounts of data on their users stand to profit from this service. Selling data to brokers is an important revenue stream for big tech companies.
Advertisers and businesses benefit from increased info on their consumers, creating a high demand for your info. The problem here is that companies like Facebook and Alphabet (Google’s parent company) have been known to mine massive amounts of user data for the sake of their advertisers.
To personalize marketing efforts
Marketing can be highly personalized thanks to the availability of large amounts of consumer data. Tracking your response to marketing campaigns can help businesses alter or improve certain aspects of their campaign to drive better results.
The problem is that most AI-based algorithms are incapable of assessing when they should stop collecting or using your info. After a point, users run the risk of being constantly subjected to intrusive ads and other unconsented marketing campaigns that pop up frequently.
To cater to the customer experience
Analyzing consumer behavior through reviews, feedback, and recommendations can help improve customer experience. Businesses have access to various facets of data that can be analyzed to show them how to meet consumer demands. This might help improve any part of a consumer’s interaction with the company, from designing special offers and discounts to improving customer relationships.
For most social media platforms, the goal is to curate a personalized feed that appeals to users and allows them to spend more time on the app. When left unmonitored, the powerful algorithms behind these social media platforms can repeatedly subject you to the same kind of content from different creators.
Here are the big tech companies that collect and mine the most user data.
Users need a comprehensive data privacy solution to tackle the rampant, large-scale data mining carried out by big tech platforms. While targeted advertisements and easily found items are beneficial, many of these companies collect and mine user data through several channels simultaneously, exploiting them in several ways.
It’s important to ensure your personal info is protected. Protection solutions like McAfee’s Personal Data Cleanup feature can help. It scours the web for traces of your personal info and helps remove it for your online privacy.
McAfee+ provides antivirus software for all your digital devices and a secure VPN connection to avoid exposure to malicious third parties while browsing the internet. Our Identity Monitoring and personal data removal solutions further remove gaps in your devices’ security systems.
With our data protection and custom guidance (complete with a protection score for each platform and tips to keep you safer), you can be sure that your internet identity is protected.
The post What Personal Data Do Companies Track? appeared first on McAfee Blog.
Introduction Browsers have become an inherent part of our virtual life and we all make use of browsers for surfing the internet in some or the other way. Also, browsers can be used not only for surfing, we can make use of browsers for navigating through the file system of the OS. You might have […]
The post Browser Forensics: Google Chrome appeared first on Infosec Resources.
FreshRSS